# Actions The following actions are supported by Amazon S3: + [AbortMultipartUpload](API_AbortMultipartUpload.md) + [CompleteMultipartUpload](API_CompleteMultipartUpload.md) + [CopyObject](API_CopyObject.md) + [CreateBucket](API_CreateBucket.md) + [CreateBucketMetadataConfiguration](API_CreateBucketMetadataConfiguration.md) + [CreateBucketMetadataTableConfiguration](API_CreateBucketMetadataTableConfiguration.md) + [CreateMultipartUpload](API_CreateMultipartUpload.md) + [CreateSession](API_CreateSession.md) + [DeleteBucket](API_DeleteBucket.md) + [DeleteBucketAnalyticsConfiguration](API_DeleteBucketAnalyticsConfiguration.md) + [DeleteBucketCors](API_DeleteBucketCors.md) + [DeleteBucketEncryption](API_DeleteBucketEncryption.md) + [DeleteBucketIntelligentTieringConfiguration](API_DeleteBucketIntelligentTieringConfiguration.md) + [DeleteBucketInventoryConfiguration](API_DeleteBucketInventoryConfiguration.md) + [DeleteBucketLifecycle](API_DeleteBucketLifecycle.md) + [DeleteBucketMetadataConfiguration](API_DeleteBucketMetadataConfiguration.md) + [DeleteBucketMetadataTableConfiguration](API_DeleteBucketMetadataTableConfiguration.md) + [DeleteBucketMetricsConfiguration](API_DeleteBucketMetricsConfiguration.md) + [DeleteBucketOwnershipControls](API_DeleteBucketOwnershipControls.md) + [DeleteBucketPolicy](API_DeleteBucketPolicy.md) + [DeleteBucketReplication](API_DeleteBucketReplication.md) + [DeleteBucketTagging](API_DeleteBucketTagging.md) + [DeleteBucketWebsite](API_DeleteBucketWebsite.md) + [DeleteObject](API_DeleteObject.md) + [DeleteObjects](API_DeleteObjects.md) + [DeleteObjectTagging](API_DeleteObjectTagging.md) + [DeletePublicAccessBlock](API_DeletePublicAccessBlock.md) + [GetBucketAbac](API_GetBucketAbac.md) + [GetBucketAccelerateConfiguration](API_GetBucketAccelerateConfiguration.md) + [GetBucketAcl](API_GetBucketAcl.md) + [GetBucketAnalyticsConfiguration](API_GetBucketAnalyticsConfiguration.md) + [GetBucketCors](API_GetBucketCors.md) + [GetBucketEncryption](API_GetBucketEncryption.md) + [GetBucketIntelligentTieringConfiguration](API_GetBucketIntelligentTieringConfiguration.md) + [GetBucketInventoryConfiguration](API_GetBucketInventoryConfiguration.md) + [GetBucketLifecycle](API_GetBucketLifecycle.md) + [GetBucketLifecycleConfiguration](API_GetBucketLifecycleConfiguration.md) + [GetBucketLocation](API_GetBucketLocation.md) + [GetBucketLogging](API_GetBucketLogging.md) + [GetBucketMetadataConfiguration](API_GetBucketMetadataConfiguration.md) + [GetBucketMetadataTableConfiguration](API_GetBucketMetadataTableConfiguration.md) + [GetBucketMetricsConfiguration](API_GetBucketMetricsConfiguration.md) + [GetBucketNotification](API_GetBucketNotification.md) + [GetBucketNotificationConfiguration](API_GetBucketNotificationConfiguration.md) + [GetBucketOwnershipControls](API_GetBucketOwnershipControls.md) + [GetBucketPolicy](API_GetBucketPolicy.md) + [GetBucketPolicyStatus](API_GetBucketPolicyStatus.md) + [GetBucketReplication](API_GetBucketReplication.md) + [GetBucketRequestPayment](API_GetBucketRequestPayment.md) + [GetBucketTagging](API_GetBucketTagging.md) + [GetBucketVersioning](API_GetBucketVersioning.md) + [GetBucketWebsite](API_GetBucketWebsite.md) + [GetObject](API_GetObject.md) + [GetObjectAcl](API_GetObjectAcl.md) + [GetObjectAttributes](API_GetObjectAttributes.md) + [GetObjectLegalHold](API_GetObjectLegalHold.md) + [GetObjectLockConfiguration](API_GetObjectLockConfiguration.md) + [GetObjectRetention](API_GetObjectRetention.md) + [GetObjectTagging](API_GetObjectTagging.md) + [GetObjectTorrent](API_GetObjectTorrent.md) + [GetPublicAccessBlock](API_GetPublicAccessBlock.md) + [HeadBucket](API_HeadBucket.md) + [HeadObject](API_HeadObject.md) + [ListBucketAnalyticsConfigurations](API_ListBucketAnalyticsConfigurations.md) + [ListBucketIntelligentTieringConfigurations](API_ListBucketIntelligentTieringConfigurations.md) + [ListBucketInventoryConfigurations](API_ListBucketInventoryConfigurations.md) + [ListBucketMetricsConfigurations](API_ListBucketMetricsConfigurations.md) + [ListBuckets](API_ListBuckets.md) + [ListDirectoryBuckets](API_ListDirectoryBuckets.md) + [ListMultipartUploads](API_ListMultipartUploads.md) + [ListObjects](API_ListObjects.md) + [ListObjectsV2](API_ListObjectsV2.md) + [ListObjectVersions](API_ListObjectVersions.md) + [ListParts](API_ListParts.md) + [PutBucketAbac](API_PutBucketAbac.md) + [PutBucketAccelerateConfiguration](API_PutBucketAccelerateConfiguration.md) + [PutBucketAcl](API_PutBucketAcl.md) + [PutBucketAnalyticsConfiguration](API_PutBucketAnalyticsConfiguration.md) + [PutBucketCors](API_PutBucketCors.md) + [PutBucketEncryption](API_PutBucketEncryption.md) + [PutBucketIntelligentTieringConfiguration](API_PutBucketIntelligentTieringConfiguration.md) + [PutBucketInventoryConfiguration](API_PutBucketInventoryConfiguration.md) + [PutBucketLifecycle](API_PutBucketLifecycle.md) + [PutBucketLifecycleConfiguration](API_PutBucketLifecycleConfiguration.md) + [PutBucketLogging](API_PutBucketLogging.md) + [PutBucketMetricsConfiguration](API_PutBucketMetricsConfiguration.md) + [PutBucketNotification](API_PutBucketNotification.md) + [PutBucketNotificationConfiguration](API_PutBucketNotificationConfiguration.md) + [PutBucketOwnershipControls](API_PutBucketOwnershipControls.md) + [PutBucketPolicy](API_PutBucketPolicy.md) + [PutBucketReplication](API_PutBucketReplication.md) + [PutBucketRequestPayment](API_PutBucketRequestPayment.md) + [PutBucketTagging](API_PutBucketTagging.md) + [PutBucketVersioning](API_PutBucketVersioning.md) + [PutBucketWebsite](API_PutBucketWebsite.md) + [PutObject](API_PutObject.md) + [PutObjectAcl](API_PutObjectAcl.md) + [PutObjectLegalHold](API_PutObjectLegalHold.md) + [PutObjectLockConfiguration](API_PutObjectLockConfiguration.md) + [PutObjectRetention](API_PutObjectRetention.md) + [PutObjectTagging](API_PutObjectTagging.md) + [PutPublicAccessBlock](API_PutPublicAccessBlock.md) + [RenameObject](API_RenameObject.md) + [RestoreObject](API_RestoreObject.md) + [SelectObjectContent](API_SelectObjectContent.md) + [UpdateBucketMetadataInventoryTableConfiguration](API_UpdateBucketMetadataInventoryTableConfiguration.md) + [UpdateBucketMetadataJournalTableConfiguration](API_UpdateBucketMetadataJournalTableConfiguration.md) + [UpdateObjectEncryption](API_UpdateObjectEncryption.md) + [UploadPart](API_UploadPart.md) + [UploadPartCopy](API_UploadPartCopy.md) + [WriteGetObjectResponse](API_WriteGetObjectResponse.md) The following actions are supported by Amazon S3 Control: + [AssociateAccessGrantsIdentityCenter](API_control_AssociateAccessGrantsIdentityCenter.md) + [CreateAccessGrant](API_control_CreateAccessGrant.md) + [CreateAccessGrantsInstance](API_control_CreateAccessGrantsInstance.md) + [CreateAccessGrantsLocation](API_control_CreateAccessGrantsLocation.md) + [CreateAccessPoint](API_control_CreateAccessPoint.md) + [CreateAccessPointForObjectLambda](API_control_CreateAccessPointForObjectLambda.md) + [CreateBucket](API_control_CreateBucket.md) + [CreateJob](API_control_CreateJob.md) + [CreateMultiRegionAccessPoint](API_control_CreateMultiRegionAccessPoint.md) + [CreateStorageLensGroup](API_control_CreateStorageLensGroup.md) + [DeleteAccessGrant](API_control_DeleteAccessGrant.md) + [DeleteAccessGrantsInstance](API_control_DeleteAccessGrantsInstance.md) + [DeleteAccessGrantsInstanceResourcePolicy](API_control_DeleteAccessGrantsInstanceResourcePolicy.md) + [DeleteAccessGrantsLocation](API_control_DeleteAccessGrantsLocation.md) + [DeleteAccessPoint](API_control_DeleteAccessPoint.md) + [DeleteAccessPointForObjectLambda](API_control_DeleteAccessPointForObjectLambda.md) + [DeleteAccessPointPolicy](API_control_DeleteAccessPointPolicy.md) + [DeleteAccessPointPolicyForObjectLambda](API_control_DeleteAccessPointPolicyForObjectLambda.md) + [DeleteAccessPointScope](API_control_DeleteAccessPointScope.md) + [DeleteBucket](API_control_DeleteBucket.md) + [DeleteBucketLifecycleConfiguration](API_control_DeleteBucketLifecycleConfiguration.md) + [DeleteBucketPolicy](API_control_DeleteBucketPolicy.md) + [DeleteBucketReplication](API_control_DeleteBucketReplication.md) + [DeleteBucketTagging](API_control_DeleteBucketTagging.md) + [DeleteJobTagging](API_control_DeleteJobTagging.md) + [DeleteMultiRegionAccessPoint](API_control_DeleteMultiRegionAccessPoint.md) + [DeletePublicAccessBlock](API_control_DeletePublicAccessBlock.md) + [DeleteStorageLensConfiguration](API_control_DeleteStorageLensConfiguration.md) + [DeleteStorageLensConfigurationTagging](API_control_DeleteStorageLensConfigurationTagging.md) + [DeleteStorageLensGroup](API_control_DeleteStorageLensGroup.md) + [DescribeJob](API_control_DescribeJob.md) + [DescribeMultiRegionAccessPointOperation](API_control_DescribeMultiRegionAccessPointOperation.md) + [DissociateAccessGrantsIdentityCenter](API_control_DissociateAccessGrantsIdentityCenter.md) + [GetAccessGrant](API_control_GetAccessGrant.md) + [GetAccessGrantsInstance](API_control_GetAccessGrantsInstance.md) + [GetAccessGrantsInstanceForPrefix](API_control_GetAccessGrantsInstanceForPrefix.md) + [GetAccessGrantsInstanceResourcePolicy](API_control_GetAccessGrantsInstanceResourcePolicy.md) + [GetAccessGrantsLocation](API_control_GetAccessGrantsLocation.md) + [GetAccessPoint](API_control_GetAccessPoint.md) + [GetAccessPointConfigurationForObjectLambda](API_control_GetAccessPointConfigurationForObjectLambda.md) + [GetAccessPointForObjectLambda](API_control_GetAccessPointForObjectLambda.md) + [GetAccessPointPolicy](API_control_GetAccessPointPolicy.md) + [GetAccessPointPolicyForObjectLambda](API_control_GetAccessPointPolicyForObjectLambda.md) + [GetAccessPointPolicyStatus](API_control_GetAccessPointPolicyStatus.md) + [GetAccessPointPolicyStatusForObjectLambda](API_control_GetAccessPointPolicyStatusForObjectLambda.md) + [GetAccessPointScope](API_control_GetAccessPointScope.md) + [GetBucket](API_control_GetBucket.md) + [GetBucketLifecycleConfiguration](API_control_GetBucketLifecycleConfiguration.md) + [GetBucketPolicy](API_control_GetBucketPolicy.md) + [GetBucketReplication](API_control_GetBucketReplication.md) + [GetBucketTagging](API_control_GetBucketTagging.md) + [GetBucketVersioning](API_control_GetBucketVersioning.md) + [GetDataAccess](API_control_GetDataAccess.md) + [GetJobTagging](API_control_GetJobTagging.md) + [GetMultiRegionAccessPoint](API_control_GetMultiRegionAccessPoint.md) + [GetMultiRegionAccessPointPolicy](API_control_GetMultiRegionAccessPointPolicy.md) + [GetMultiRegionAccessPointPolicyStatus](API_control_GetMultiRegionAccessPointPolicyStatus.md) + [GetMultiRegionAccessPointRoutes](API_control_GetMultiRegionAccessPointRoutes.md) + [GetPublicAccessBlock](API_control_GetPublicAccessBlock.md) + [GetStorageLensConfiguration](API_control_GetStorageLensConfiguration.md) + [GetStorageLensConfigurationTagging](API_control_GetStorageLensConfigurationTagging.md) + [GetStorageLensGroup](API_control_GetStorageLensGroup.md) + [ListAccessGrants](API_control_ListAccessGrants.md) + [ListAccessGrantsInstances](API_control_ListAccessGrantsInstances.md) + [ListAccessGrantsLocations](API_control_ListAccessGrantsLocations.md) + [ListAccessPoints](API_control_ListAccessPoints.md) + [ListAccessPointsForDirectoryBuckets](API_control_ListAccessPointsForDirectoryBuckets.md) + [ListAccessPointsForObjectLambda](API_control_ListAccessPointsForObjectLambda.md) + [ListCallerAccessGrants](API_control_ListCallerAccessGrants.md) + [ListJobs](API_control_ListJobs.md) + [ListMultiRegionAccessPoints](API_control_ListMultiRegionAccessPoints.md) + [ListRegionalBuckets](API_control_ListRegionalBuckets.md) + [ListStorageLensConfigurations](API_control_ListStorageLensConfigurations.md) + [ListStorageLensGroups](API_control_ListStorageLensGroups.md) + [ListTagsForResource](API_control_ListTagsForResource.md) + [PutAccessGrantsInstanceResourcePolicy](API_control_PutAccessGrantsInstanceResourcePolicy.md) + [PutAccessPointConfigurationForObjectLambda](API_control_PutAccessPointConfigurationForObjectLambda.md) + [PutAccessPointPolicy](API_control_PutAccessPointPolicy.md) + [PutAccessPointPolicyForObjectLambda](API_control_PutAccessPointPolicyForObjectLambda.md) + [PutAccessPointScope](API_control_PutAccessPointScope.md) + [PutBucketLifecycleConfiguration](API_control_PutBucketLifecycleConfiguration.md) + [PutBucketPolicy](API_control_PutBucketPolicy.md) + [PutBucketReplication](API_control_PutBucketReplication.md) + [PutBucketTagging](API_control_PutBucketTagging.md) + [PutBucketVersioning](API_control_PutBucketVersioning.md) + [PutJobTagging](API_control_PutJobTagging.md) + [PutMultiRegionAccessPointPolicy](API_control_PutMultiRegionAccessPointPolicy.md) + [PutPublicAccessBlock](API_control_PutPublicAccessBlock.md) + [PutStorageLensConfiguration](API_control_PutStorageLensConfiguration.md) + [PutStorageLensConfigurationTagging](API_control_PutStorageLensConfigurationTagging.md) + [SubmitMultiRegionAccessPointRoutes](API_control_SubmitMultiRegionAccessPointRoutes.md) + [TagResource](API_control_TagResource.md) + [UntagResource](API_control_UntagResource.md) + [UpdateAccessGrantsLocation](API_control_UpdateAccessGrantsLocation.md) + [UpdateJobPriority](API_control_UpdateJobPriority.md) + [UpdateJobStatus](API_control_UpdateJobStatus.md) + [UpdateStorageLensGroup](API_control_UpdateStorageLensGroup.md) The following actions are supported by Amazon S3 Files: + [CreateAccessPoint](API_S3Files_CreateAccessPoint.md) + [CreateFileSystem](API_S3Files_CreateFileSystem.md) + [CreateMountTarget](API_S3Files_CreateMountTarget.md) + [DeleteAccessPoint](API_S3Files_DeleteAccessPoint.md) + [DeleteFileSystem](API_S3Files_DeleteFileSystem.md) + [DeleteFileSystemPolicy](API_S3Files_DeleteFileSystemPolicy.md) + [DeleteMountTarget](API_S3Files_DeleteMountTarget.md) + [GetAccessPoint](API_S3Files_GetAccessPoint.md) + [GetFileSystem](API_S3Files_GetFileSystem.md) + [GetFileSystemPolicy](API_S3Files_GetFileSystemPolicy.md) + [GetMountTarget](API_S3Files_GetMountTarget.md) + [GetSynchronizationConfiguration](API_S3Files_GetSynchronizationConfiguration.md) + [ListAccessPoints](API_S3Files_ListAccessPoints.md) + [ListFileSystems](API_S3Files_ListFileSystems.md) + [ListMountTargets](API_S3Files_ListMountTargets.md) + [ListTagsForResource](API_S3Files_ListTagsForResource.md) + [PutFileSystemPolicy](API_S3Files_PutFileSystemPolicy.md) + [PutSynchronizationConfiguration](API_S3Files_PutSynchronizationConfiguration.md) + [TagResource](API_S3Files_TagResource.md) + [UntagResource](API_S3Files_UntagResource.md) + [UpdateMountTarget](API_S3Files_UpdateMountTarget.md) The following actions are supported by Amazon S3 on Outposts: + [CreateEndpoint](API_s3outposts_CreateEndpoint.md) + [DeleteEndpoint](API_s3outposts_DeleteEndpoint.md) + [ListEndpoints](API_s3outposts_ListEndpoints.md) + [ListOutpostsWithS3](API_s3outposts_ListOutpostsWithS3.md) + [ListSharedEndpoints](API_s3outposts_ListSharedEndpoints.md) The following actions are supported by Amazon S3 Tables: + [CreateNamespace](API_s3Buckets_CreateNamespace.md) + [CreateTable](API_s3Buckets_CreateTable.md) + [CreateTableBucket](API_s3Buckets_CreateTableBucket.md) + [DeleteNamespace](API_s3Buckets_DeleteNamespace.md) + [DeleteTable](API_s3Buckets_DeleteTable.md) + [DeleteTableBucket](API_s3Buckets_DeleteTableBucket.md) + [DeleteTableBucketEncryption](API_s3Buckets_DeleteTableBucketEncryption.md) + [DeleteTableBucketMetricsConfiguration](API_s3Buckets_DeleteTableBucketMetricsConfiguration.md) + [DeleteTableBucketPolicy](API_s3Buckets_DeleteTableBucketPolicy.md) + [DeleteTableBucketReplication](API_s3Buckets_DeleteTableBucketReplication.md) + [DeleteTablePolicy](API_s3Buckets_DeleteTablePolicy.md) + [DeleteTableReplication](API_s3Buckets_DeleteTableReplication.md) + [GetNamespace](API_s3Buckets_GetNamespace.md) + [GetTable](API_s3Buckets_GetTable.md) + [GetTableBucket](API_s3Buckets_GetTableBucket.md) + [GetTableBucketEncryption](API_s3Buckets_GetTableBucketEncryption.md) + [GetTableBucketMaintenanceConfiguration](API_s3Buckets_GetTableBucketMaintenanceConfiguration.md) + [GetTableBucketMetricsConfiguration](API_s3Buckets_GetTableBucketMetricsConfiguration.md) + [GetTableBucketPolicy](API_s3Buckets_GetTableBucketPolicy.md) + [GetTableBucketReplication](API_s3Buckets_GetTableBucketReplication.md) + [GetTableBucketStorageClass](API_s3Buckets_GetTableBucketStorageClass.md) + [GetTableEncryption](API_s3Buckets_GetTableEncryption.md) + [GetTableMaintenanceConfiguration](API_s3Buckets_GetTableMaintenanceConfiguration.md) + [GetTableMaintenanceJobStatus](API_s3Buckets_GetTableMaintenanceJobStatus.md) + [GetTableMetadataLocation](API_s3Buckets_GetTableMetadataLocation.md) + [GetTablePolicy](API_s3Buckets_GetTablePolicy.md) + [GetTableRecordExpirationConfiguration](API_s3Buckets_GetTableRecordExpirationConfiguration.md) + [GetTableRecordExpirationJobStatus](API_s3Buckets_GetTableRecordExpirationJobStatus.md) + [GetTableReplication](API_s3Buckets_GetTableReplication.md) + [GetTableReplicationStatus](API_s3Buckets_GetTableReplicationStatus.md) + [GetTableStorageClass](API_s3Buckets_GetTableStorageClass.md) + [ListNamespaces](API_s3Buckets_ListNamespaces.md) + [ListTableBuckets](API_s3Buckets_ListTableBuckets.md) + [ListTables](API_s3Buckets_ListTables.md) + [ListTagsForResource](API_s3Buckets_ListTagsForResource.md) + [PutTableBucketEncryption](API_s3Buckets_PutTableBucketEncryption.md) + [PutTableBucketMaintenanceConfiguration](API_s3Buckets_PutTableBucketMaintenanceConfiguration.md) + [PutTableBucketMetricsConfiguration](API_s3Buckets_PutTableBucketMetricsConfiguration.md) + [PutTableBucketPolicy](API_s3Buckets_PutTableBucketPolicy.md) + [PutTableBucketReplication](API_s3Buckets_PutTableBucketReplication.md) + [PutTableBucketStorageClass](API_s3Buckets_PutTableBucketStorageClass.md) + [PutTableMaintenanceConfiguration](API_s3Buckets_PutTableMaintenanceConfiguration.md) + [PutTablePolicy](API_s3Buckets_PutTablePolicy.md) + [PutTableRecordExpirationConfiguration](API_s3Buckets_PutTableRecordExpirationConfiguration.md) + [PutTableReplication](API_s3Buckets_PutTableReplication.md) + [RenameTable](API_s3Buckets_RenameTable.md) + [TagResource](API_s3Buckets_TagResource.md) + [UntagResource](API_s3Buckets_UntagResource.md) + [UpdateTableMetadataLocation](API_s3Buckets_UpdateTableMetadataLocation.md) The following actions are supported by Amazon S3 Vectors: + [CreateIndex](API_S3VectorBuckets_CreateIndex.md) + [CreateVectorBucket](API_S3VectorBuckets_CreateVectorBucket.md) + [DeleteIndex](API_S3VectorBuckets_DeleteIndex.md) + [DeleteVectorBucket](API_S3VectorBuckets_DeleteVectorBucket.md) + [DeleteVectorBucketPolicy](API_S3VectorBuckets_DeleteVectorBucketPolicy.md) + [DeleteVectors](API_S3VectorBuckets_DeleteVectors.md) + [GetIndex](API_S3VectorBuckets_GetIndex.md) + [GetVectorBucket](API_S3VectorBuckets_GetVectorBucket.md) + [GetVectorBucketPolicy](API_S3VectorBuckets_GetVectorBucketPolicy.md) + [GetVectors](API_S3VectorBuckets_GetVectors.md) + [ListIndexes](API_S3VectorBuckets_ListIndexes.md) + [ListTagsForResource](API_S3VectorBuckets_ListTagsForResource.md) + [ListVectorBuckets](API_S3VectorBuckets_ListVectorBuckets.md) + [ListVectors](API_S3VectorBuckets_ListVectors.md) + [PutVectorBucketPolicy](API_S3VectorBuckets_PutVectorBucketPolicy.md) + [PutVectors](API_S3VectorBuckets_PutVectors.md) + [QueryVectors](API_S3VectorBuckets_QueryVectors.md) + [TagResource](API_S3VectorBuckets_TagResource.md) + [UntagResource](API_S3VectorBuckets_UntagResource.md) # Amazon S3 The following actions are supported by Amazon S3: + [AbortMultipartUpload](API_AbortMultipartUpload.md) + [CompleteMultipartUpload](API_CompleteMultipartUpload.md) + [CopyObject](API_CopyObject.md) + [CreateBucket](API_CreateBucket.md) + [CreateBucketMetadataConfiguration](API_CreateBucketMetadataConfiguration.md) + [CreateBucketMetadataTableConfiguration](API_CreateBucketMetadataTableConfiguration.md) + [CreateMultipartUpload](API_CreateMultipartUpload.md) + [CreateSession](API_CreateSession.md) + [DeleteBucket](API_DeleteBucket.md) + [DeleteBucketAnalyticsConfiguration](API_DeleteBucketAnalyticsConfiguration.md) + [DeleteBucketCors](API_DeleteBucketCors.md) + [DeleteBucketEncryption](API_DeleteBucketEncryption.md) + [DeleteBucketIntelligentTieringConfiguration](API_DeleteBucketIntelligentTieringConfiguration.md) + [DeleteBucketInventoryConfiguration](API_DeleteBucketInventoryConfiguration.md) + [DeleteBucketLifecycle](API_DeleteBucketLifecycle.md) + [DeleteBucketMetadataConfiguration](API_DeleteBucketMetadataConfiguration.md) + [DeleteBucketMetadataTableConfiguration](API_DeleteBucketMetadataTableConfiguration.md) + [DeleteBucketMetricsConfiguration](API_DeleteBucketMetricsConfiguration.md) + [DeleteBucketOwnershipControls](API_DeleteBucketOwnershipControls.md) + [DeleteBucketPolicy](API_DeleteBucketPolicy.md) + [DeleteBucketReplication](API_DeleteBucketReplication.md) + [DeleteBucketTagging](API_DeleteBucketTagging.md) + [DeleteBucketWebsite](API_DeleteBucketWebsite.md) + [DeleteObject](API_DeleteObject.md) + [DeleteObjects](API_DeleteObjects.md) + [DeleteObjectTagging](API_DeleteObjectTagging.md) + [DeletePublicAccessBlock](API_DeletePublicAccessBlock.md) + [GetBucketAbac](API_GetBucketAbac.md) + [GetBucketAccelerateConfiguration](API_GetBucketAccelerateConfiguration.md) + [GetBucketAcl](API_GetBucketAcl.md) + [GetBucketAnalyticsConfiguration](API_GetBucketAnalyticsConfiguration.md) + [GetBucketCors](API_GetBucketCors.md) + [GetBucketEncryption](API_GetBucketEncryption.md) + [GetBucketIntelligentTieringConfiguration](API_GetBucketIntelligentTieringConfiguration.md) + [GetBucketInventoryConfiguration](API_GetBucketInventoryConfiguration.md) + [GetBucketLifecycle](API_GetBucketLifecycle.md) + [GetBucketLifecycleConfiguration](API_GetBucketLifecycleConfiguration.md) + [GetBucketLocation](API_GetBucketLocation.md) + [GetBucketLogging](API_GetBucketLogging.md) + [GetBucketMetadataConfiguration](API_GetBucketMetadataConfiguration.md) + [GetBucketMetadataTableConfiguration](API_GetBucketMetadataTableConfiguration.md) + [GetBucketMetricsConfiguration](API_GetBucketMetricsConfiguration.md) + [GetBucketNotification](API_GetBucketNotification.md) + [GetBucketNotificationConfiguration](API_GetBucketNotificationConfiguration.md) + [GetBucketOwnershipControls](API_GetBucketOwnershipControls.md) + [GetBucketPolicy](API_GetBucketPolicy.md) + [GetBucketPolicyStatus](API_GetBucketPolicyStatus.md) + [GetBucketReplication](API_GetBucketReplication.md) + [GetBucketRequestPayment](API_GetBucketRequestPayment.md) + [GetBucketTagging](API_GetBucketTagging.md) + [GetBucketVersioning](API_GetBucketVersioning.md) + [GetBucketWebsite](API_GetBucketWebsite.md) + [GetObject](API_GetObject.md) + [GetObjectAcl](API_GetObjectAcl.md) + [GetObjectAttributes](API_GetObjectAttributes.md) + [GetObjectLegalHold](API_GetObjectLegalHold.md) + [GetObjectLockConfiguration](API_GetObjectLockConfiguration.md) + [GetObjectRetention](API_GetObjectRetention.md) + [GetObjectTagging](API_GetObjectTagging.md) + [GetObjectTorrent](API_GetObjectTorrent.md) + [GetPublicAccessBlock](API_GetPublicAccessBlock.md) + [HeadBucket](API_HeadBucket.md) + [HeadObject](API_HeadObject.md) + [ListBucketAnalyticsConfigurations](API_ListBucketAnalyticsConfigurations.md) + [ListBucketIntelligentTieringConfigurations](API_ListBucketIntelligentTieringConfigurations.md) + [ListBucketInventoryConfigurations](API_ListBucketInventoryConfigurations.md) + [ListBucketMetricsConfigurations](API_ListBucketMetricsConfigurations.md) + [ListBuckets](API_ListBuckets.md) + [ListDirectoryBuckets](API_ListDirectoryBuckets.md) + [ListMultipartUploads](API_ListMultipartUploads.md) + [ListObjects](API_ListObjects.md) + [ListObjectsV2](API_ListObjectsV2.md) + [ListObjectVersions](API_ListObjectVersions.md) + [ListParts](API_ListParts.md) + [PutBucketAbac](API_PutBucketAbac.md) + [PutBucketAccelerateConfiguration](API_PutBucketAccelerateConfiguration.md) + [PutBucketAcl](API_PutBucketAcl.md) + [PutBucketAnalyticsConfiguration](API_PutBucketAnalyticsConfiguration.md) + [PutBucketCors](API_PutBucketCors.md) + [PutBucketEncryption](API_PutBucketEncryption.md) + [PutBucketIntelligentTieringConfiguration](API_PutBucketIntelligentTieringConfiguration.md) + [PutBucketInventoryConfiguration](API_PutBucketInventoryConfiguration.md) + [PutBucketLifecycle](API_PutBucketLifecycle.md) + [PutBucketLifecycleConfiguration](API_PutBucketLifecycleConfiguration.md) + [PutBucketLogging](API_PutBucketLogging.md) + [PutBucketMetricsConfiguration](API_PutBucketMetricsConfiguration.md) + [PutBucketNotification](API_PutBucketNotification.md) + [PutBucketNotificationConfiguration](API_PutBucketNotificationConfiguration.md) + [PutBucketOwnershipControls](API_PutBucketOwnershipControls.md) + [PutBucketPolicy](API_PutBucketPolicy.md) + [PutBucketReplication](API_PutBucketReplication.md) + [PutBucketRequestPayment](API_PutBucketRequestPayment.md) + [PutBucketTagging](API_PutBucketTagging.md) + [PutBucketVersioning](API_PutBucketVersioning.md) + [PutBucketWebsite](API_PutBucketWebsite.md) + [PutObject](API_PutObject.md) + [PutObjectAcl](API_PutObjectAcl.md) + [PutObjectLegalHold](API_PutObjectLegalHold.md) + [PutObjectLockConfiguration](API_PutObjectLockConfiguration.md) + [PutObjectRetention](API_PutObjectRetention.md) + [PutObjectTagging](API_PutObjectTagging.md) + [PutPublicAccessBlock](API_PutPublicAccessBlock.md) + [RenameObject](API_RenameObject.md) + [RestoreObject](API_RestoreObject.md) + [SelectObjectContent](API_SelectObjectContent.md) + [UpdateBucketMetadataInventoryTableConfiguration](API_UpdateBucketMetadataInventoryTableConfiguration.md) + [UpdateBucketMetadataJournalTableConfiguration](API_UpdateBucketMetadataJournalTableConfiguration.md) + [UpdateObjectEncryption](API_UpdateObjectEncryption.md) + [UploadPart](API_UploadPart.md) + [UploadPartCopy](API_UploadPartCopy.md) + [WriteGetObjectResponse](API_WriteGetObjectResponse.md) # AbortMultipartUpload This operation aborts a multipart upload. After a multipart upload is aborted, no additional parts can be uploaded using that upload ID. The storage consumed by any previously uploaded parts will be freed. However, if any part uploads are currently in progress, those part uploads might or might not succeed. As a result, it might be necessary to abort a given multipart upload multiple times in order to completely free all storage consumed by all parts. To verify that all parts have been removed and prevent getting charged for the part storage, you should call the [ListParts](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) API operation and ensure that the parts list is empty. **Note** **Directory buckets** - If multipart uploads in a directory bucket are in progress, you can't delete the bucket until all the in-progress multipart uploads are aborted or completed. To delete these in-progress multipart uploads, use the `ListMultipartUploads` operation to list the in-progress multipart uploads in the bucket and use the `AbortMultipartUpload` operation to abort all the in-progress multipart uploads. **Directory buckets** - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://amzn-s3-demo-bucket.s3express-zone-id.region-code.amazonaws.com/key-name `. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions + **General purpose bucket permissions** - For information about permissions required to use the multipart upload, see [Multipart Upload and Permissions](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) in the *Amazon S3 User Guide*. + **Directory bucket permissions** - To grant access to this API operation on a directory bucket, we recommend that you use the [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) API operation for session-based authorization. Specifically, you grant the `s3express:CreateSession` permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the `CreateSession` API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another `CreateSession` API call to generate a new session token for use. AWS CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. The following operations are related to `AbortMultipartUpload`: + [CreateMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) + [UploadPart](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) + [CompleteMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) + [ListParts](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) + [ListMultipartUploads](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /Key+?uploadId=UploadId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-request-payer: RequestPayer x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-if-match-initiated-time: IfMatchInitiatedTime ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_AbortMultipartUpload_RequestSyntax) ** The bucket name to which the upload was taking place. **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [Key](#API_AbortMultipartUpload_RequestSyntax) ** Key of the object for which the multipart upload was initiated. Length Constraints: Minimum length of 1. Required: Yes ** [uploadId](#API_AbortMultipartUpload_RequestSyntax) ** Upload ID that identifies the multipart upload. Required: Yes ** [x-amz-expected-bucket-owner](#API_AbortMultipartUpload_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-if-match-initiated-time](#API_AbortMultipartUpload_RequestSyntax) ** If present, this header aborts an in progress multipart upload only if it was initiated on the provided timestamp. If the initiated timestamp of the multipart upload does not match the provided value, the operation returns a `412 Precondition Failed` error. If the initiated timestamp matches or if the multipart upload doesn’t exist, the operation returns a `204 Success (No Content)` response. This functionality is only supported for directory buckets. ** [x-amz-request-payer](#API_AbortMultipartUpload_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 x-amz-request-charged: RequestCharged ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response. The response returns the following HTTP headers. ** [x-amz-request-charged](#API_AbortMultipartUpload_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ## Errors ** NoSuchUpload ** The specified multipart upload does not exist. HTTP Status Code: 404 ## Examples ### Sample Request for general purpose buckets The following request aborts a multipart upload identified by its upload ID. ``` DELETE /example-object?uploadId=VXBsb2FkIElEIGZvciBlbHZpbmcncyBteS1tb3ZpZS5tMnRzIHVwbG9hZ HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Mon, 1 Nov 2010 20:34:56 GMT Authorization: authorization string ``` ### Sample Response for general purpose buckets This example illustrates one usage of AbortMultipartUpload. ``` HTTP/1.1 204 OK x-amz-id-2: Weag1LuByRx9e6j5Onimru9pO4ZVKnJ2Qz7/C1NPcfTWAtRPfTaOFg== x-amz-request-id: 996c76696e6727732072657175657374 Date: Mon, 1 Nov 2010 20:34:56 GMT Content-Length: 0 Connection: keep-alive Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/AbortMultipartUpload) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/AbortMultipartUpload) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/AbortMultipartUpload) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/AbortMultipartUpload) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/AbortMultipartUpload) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/AbortMultipartUpload) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/AbortMultipartUpload) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/AbortMultipartUpload) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/AbortMultipartUpload) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/AbortMultipartUpload) # CompleteMultipartUpload Completes a multipart upload by assembling previously uploaded parts. You first initiate the multipart upload and then upload all parts using the [UploadPart](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) operation or the [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) operation. After successfully uploading all relevant parts of an upload, you call this `CompleteMultipartUpload` operation to complete the upload. Upon receiving this request, Amazon S3 concatenates all the parts in ascending order by part number to create a new object. In the CompleteMultipartUpload request, you must provide the parts list and ensure that the parts list is complete. The CompleteMultipartUpload API operation concatenates the parts that you provide in the list. For each part in the list, you must provide the `PartNumber` value and the `ETag` value that are returned after that part was uploaded. The processing of a CompleteMultipartUpload request could take several minutes to finalize. After Amazon S3 begins processing the request, it sends an HTTP response header that specifies a `200 OK` response. While processing is in progress, Amazon S3 periodically sends white space characters to keep the connection from timing out. A request could fail after the initial `200 OK` response has been sent. This means that a `200 OK` response can contain either a success or an error. The error response might be embedded in the `200 OK` response. If you call this API operation directly, make sure to design your application to parse the contents of the response and handle it appropriately. If you use AWS SDKs, SDKs handle this condition. The SDKs detect the embedded error and apply error handling per your configuration settings (including automatically retrying the request as appropriate). If the condition persists, the SDKs throw an exception (or, for the SDKs that don't use exceptions, they return an error). Note that if `CompleteMultipartUpload` fails, applications should be prepared to retry any failed requests (including 500 error responses). For more information, see [Amazon S3 Error Best Practices](https://docs.aws.amazon.com/AmazonS3/latest/dev/ErrorBestPractices.html). **Important** You can't use `Content-Type: application/x-www-form-urlencoded` for the CompleteMultipartUpload requests. Also, if you don't provide a `Content-Type` header, `CompleteMultipartUpload` can still return a `200 OK` response. For more information about multipart uploads, see [Uploading Objects Using Multipart Upload](https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) in the *Amazon S3 User Guide*. **Note** **Directory buckets** - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://amzn-s3-demo-bucket.s3express-zone-id.region-code.amazonaws.com/key-name `. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions + **General purpose bucket permissions** - For information about permissions required to use the multipart upload API, see [Multipart Upload and Permissions](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) in the *Amazon S3 User Guide*. If you provide an [additional checksum value](https://docs.aws.amazon.com/AmazonS3/latest/API/API_Checksum.html) in your `MultipartUpload` requests and the object is encrypted with AWS Key Management Service, you must have permission to use the `kms:Decrypt` action for the `CompleteMultipartUpload` request to succeed. + **Directory bucket permissions** - To grant access to this API operation on a directory bucket, we recommend that you use the [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) API operation for session-based authorization. Specifically, you grant the `s3express:CreateSession` permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the `CreateSession` API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another `CreateSession` API call to generate a new session token for use. AWS CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). If the object is encrypted with SSE-KMS, you must also have the `kms:GenerateDataKey` and `kms:Decrypt` permissions in IAM identity-based policies and AWS KMS key policies for the AWS KMS key. Special errors + Error Code: `EntityTooSmall` + Description: Your proposed upload is smaller than the minimum allowed object size. Each part must be at least 5 MB in size, except the last part. + HTTP Status Code: 400 Bad Request + Error Code: `InvalidPart` + Description: One or more of the specified parts could not be found. The part might not have been uploaded, or the specified ETag might not have matched the uploaded part's ETag. + HTTP Status Code: 400 Bad Request + Error Code: `InvalidPartOrder` + Description: The list of parts was not in ascending order. The parts list must be specified in order by part number. + HTTP Status Code: 400 Bad Request + Error Code: `NoSuchUpload` + Description: The specified multipart upload does not exist. The upload ID might be invalid, or the multipart upload might have been aborted or completed. + HTTP Status Code: 404 Not Found HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. The following operations are related to `CompleteMultipartUpload`: + [CreateMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) + [UploadPart](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) + [AbortMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) + [ListParts](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) + [ListMultipartUploads](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` POST /Key+?uploadId=UploadId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-checksum-crc32: ChecksumCRC32 x-amz-checksum-crc32c: ChecksumCRC32C x-amz-checksum-crc64nvme: ChecksumCRC64NVME x-amz-checksum-sha1: ChecksumSHA1 x-amz-checksum-sha256: ChecksumSHA256 x-amz-checksum-type: ChecksumType x-amz-mp-object-size: MpuObjectSize x-amz-request-payer: RequestPayer x-amz-expected-bucket-owner: ExpectedBucketOwner If-Match: IfMatch If-None-Match: IfNoneMatch x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key: SSECustomerKey x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 string string string string string string integer ... ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_CompleteMultipartUpload_RequestSyntax) ** Name of the bucket to which the multipart upload was initiated. **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [If-Match](#API_CompleteMultipartUpload_RequestSyntax) ** Uploads the object only if the ETag (entity tag) value provided during the WRITE operation matches the ETag of the object in S3. If the ETag values do not match, the operation returns a `412 Precondition Failed` error. If a conflicting operation occurs during the upload S3 returns a `409 ConditionalRequestConflict` response. On a 409 failure you should fetch the object's ETag, re-initiate the multipart upload with `CreateMultipartUpload`, and re-upload each part. Expects the ETag value as a string. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232), or [Conditional requests](https://docs.aws.amazon.com/AmazonS3/latest/userguide/conditional-requests.html) in the *Amazon S3 User Guide*. ** [If-None-Match](#API_CompleteMultipartUpload_RequestSyntax) ** Uploads the object only if the object key name does not already exist in the bucket specified. Otherwise, Amazon S3 returns a `412 Precondition Failed` error. If a conflicting operation occurs during the upload S3 returns a `409 ConditionalRequestConflict` response. On a 409 failure you should re-initiate the multipart upload with `CreateMultipartUpload` and re-upload each part. Expects the '\$1' (asterisk) character. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232), or [Conditional requests](https://docs.aws.amazon.com/AmazonS3/latest/userguide/conditional-requests.html) in the *Amazon S3 User Guide*. ** [Key](#API_CompleteMultipartUpload_RequestSyntax) ** Object key for which the multipart upload was initiated. Length Constraints: Minimum length of 1. Required: Yes ** [uploadId](#API_CompleteMultipartUpload_RequestSyntax) ** ID for the initiated multipart upload. Required: Yes ** [x-amz-checksum-crc32](#API_CompleteMultipartUpload_RequestSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 32-bit `CRC32` checksum of the object. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-checksum-crc32c](#API_CompleteMultipartUpload_RequestSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 32-bit `CRC32C` checksum of the object. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-checksum-crc64nvme](#API_CompleteMultipartUpload_RequestSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 64-bit `CRC64NVME` checksum of the object. The `CRC64NVME` checksum is always a full object checksum. For more information, see [Checking object integrity in the Amazon S3 User Guide](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html). ** [x-amz-checksum-sha1](#API_CompleteMultipartUpload_RequestSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 160-bit `SHA1` digest of the object. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-checksum-sha256](#API_CompleteMultipartUpload_RequestSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 256-bit `SHA256` digest of the object. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-checksum-type](#API_CompleteMultipartUpload_RequestSyntax) ** This header specifies the checksum type of the object, which determines how part-level checksums are combined to create an object-level checksum for multipart objects. You can use this header as a data integrity check to verify that the checksum type that is received is the same checksum that was specified. If the checksum type doesn’t match the checksum type that was specified for the object during the `CreateMultipartUpload` request, it’ll result in a `BadDigest` error. For more information, see Checking object integrity in the Amazon S3 User Guide. Valid Values: `COMPOSITE | FULL_OBJECT` ** [x-amz-expected-bucket-owner](#API_CompleteMultipartUpload_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-mp-object-size](#API_CompleteMultipartUpload_RequestSyntax) ** The expected total object size of the multipart upload request. If there’s a mismatch between the specified object size value and the actual object size value, it results in an `HTTP 400 InvalidRequest` error. ** [x-amz-request-payer](#API_CompleteMultipartUpload_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-server-side-encryption-customer-algorithm](#API_CompleteMultipartUpload_RequestSyntax) ** The server-side encryption (SSE) algorithm used to encrypt the object. This parameter is required only when the object was created using a checksum algorithm or if your bucket policy requires the use of SSE-C. For more information, see [Protecting data using SSE-C keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html#ssec-require-condition-key) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key](#API_CompleteMultipartUpload_RequestSyntax) ** The server-side encryption (SSE) customer managed key. This parameter is needed only when the object was created using a checksum algorithm. For more information, see [Protecting data using SSE-C keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key-MD5](#API_CompleteMultipartUpload_RequestSyntax) ** The MD5 server-side encryption (SSE) customer managed key. This parameter is needed only when the object was created using a checksum algorithm. For more information, see [Protecting data using SSE-C keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. ## Request Body The request accepts the following data in XML format. ** [CompleteMultipartUpload](#API_CompleteMultipartUpload_RequestSyntax) ** Root level tag for the CompleteMultipartUpload parameters. Required: Yes ** [Part](#API_CompleteMultipartUpload_RequestSyntax) ** Array of CompletedPart data types. If you do not supply a valid `Part` with your request, the service sends back an HTTP 400 response. Type: Array of [CompletedPart](API_CompletedPart.md) data types Required: No ## Response Syntax ``` HTTP/1.1 200 x-amz-expiration: Expiration x-amz-server-side-encryption: ServerSideEncryption x-amz-version-id: VersionId x-amz-server-side-encryption-aws-kms-key-id: SSEKMSKeyId x-amz-server-side-encryption-bucket-key-enabled: BucketKeyEnabled x-amz-request-charged: RequestCharged string string string string string string string string string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-expiration](#API_CompleteMultipartUpload_ResponseSyntax) ** If the object expiration is configured, this will contain the expiration date (`expiry-date`) and rule ID (`rule-id`). The value of `rule-id` is URL-encoded. This functionality is not supported for directory buckets. ** [x-amz-request-charged](#API_CompleteMultipartUpload_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-server-side-encryption](#API_CompleteMultipartUpload_ResponseSyntax) ** The server-side encryption algorithm used when storing this object in Amazon S3. When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is `aws:fsx`. Valid Values: `AES256 | aws:fsx | aws:kms | aws:kms:dsse` ** [x-amz-server-side-encryption-aws-kms-key-id](#API_CompleteMultipartUpload_ResponseSyntax) ** If present, indicates the ID of the KMS key that was used for object encryption. ** [x-amz-server-side-encryption-bucket-key-enabled](#API_CompleteMultipartUpload_ResponseSyntax) ** Indicates whether the multipart upload uses an S3 Bucket Key for server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS). ** [x-amz-version-id](#API_CompleteMultipartUpload_ResponseSyntax) ** Version ID of the newly created object, in case the bucket has versioning turned on. This functionality is not supported for directory buckets. The following data is returned in XML format by the service. ** [CompleteMultipartUploadResult](#API_CompleteMultipartUpload_ResponseSyntax) ** Root level tag for the CompleteMultipartUploadResult parameters. Required: Yes ** [Bucket](#API_CompleteMultipartUpload_ResponseSyntax) ** The name of the bucket that contains the newly created object. Does not return the access point ARN or access point alias if used. Access points are not supported by directory buckets. Type: String ** [ChecksumCRC32](#API_CompleteMultipartUpload_ResponseSyntax) ** The Base64 encoded, 32-bit `CRC32 checksum` of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) in the *Amazon S3 User Guide*. Type: String ** [ChecksumCRC32C](#API_CompleteMultipartUpload_ResponseSyntax) ** The Base64 encoded, 32-bit `CRC32C` checksum of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) in the *Amazon S3 User Guide*. Type: String ** [ChecksumCRC64NVME](#API_CompleteMultipartUpload_ResponseSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 64-bit `CRC64NVME` checksum of the object. The `CRC64NVME` checksum is always a full object checksum. For more information, see [Checking object integrity in the Amazon S3 User Guide](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html). Type: String ** [ChecksumSHA1](#API_CompleteMultipartUpload_ResponseSyntax) ** The Base64 encoded, 160-bit `SHA1` digest of the object. This checksum is only present if the checksum was uploaded with the object. When you use the API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) in the *Amazon S3 User Guide*. Type: String ** [ChecksumSHA256](#API_CompleteMultipartUpload_ResponseSyntax) ** The Base64 encoded, 256-bit `SHA256` digest of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) in the *Amazon S3 User Guide*. Type: String ** [ChecksumType](#API_CompleteMultipartUpload_ResponseSyntax) ** The checksum type, which determines how part-level checksums are combined to create an object-level checksum for multipart objects. You can use this header as a data integrity check to verify that the checksum type that is received is the same checksum type that was specified during the `CreateMultipartUpload` request. For more information, see [Checking object integrity in the Amazon S3 User Guide](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html). Type: String Valid Values: `COMPOSITE | FULL_OBJECT` ** [ETag](#API_CompleteMultipartUpload_ResponseSyntax) ** Entity tag that identifies the newly created object's data. Objects with different object data will have different entity tags. The entity tag is an opaque string. The entity tag may or may not be an MD5 digest of the object data. If the entity tag is not an MD5 digest of the object data, it will contain one or more nonhexadecimal characters and/or will consist of less than 32 or more than 32 hexadecimal digits. For more information about how the entity tag is calculated, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. Type: String ** [Key](#API_CompleteMultipartUpload_ResponseSyntax) ** The object key of the newly created object. Type: String Length Constraints: Minimum length of 1. ** [Location](#API_CompleteMultipartUpload_ResponseSyntax) ** The URI that identifies the newly created object. Type: String ## Examples ### Sample Request for general purpose buckets The following Complete Multipart Upload request specifies three parts in the `CompleteMultipartUpload` element. ``` POST /example-object?uploadId=AAAsb2FkIElEIGZvciBlbHZpbmcncyWeeS1tb3ZpZS5tMnRzIRRwbG9hZA HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Mon, 1 Nov 2010 20:34:56 GMT Content-Length: 391 Authorization: authorization string 1 "a54357aff0632cce46d942af68356b38" 2 "0c78aef83f66abc1fa1e8477f296d394" 3 "acbd18db4cc2f85cedef654fccc4a4d8" ``` ### Sample Response for general purpose buckets The following response indicates that an object was successfully assembled. ``` HTTP/1.1 200 OK x-amz-id-2: Uuag1LuByRx9e6j5Onimru9pO4ZVKnJ2Qz7/C1NPcfTWAtRPfTaOFg== x-amz-request-id: 656c76696e6727732072657175657374 Date: Mon, 1 Nov 2010 20:34:56 GMT Connection: close Server: AmazonS3 http://amzn-s3-demo-bucket.s3..amazonaws.com/Example-Object amzn-s3-demo-bucket Example-Object "3858f62230ac3c915f300c664312c11f-9" ``` ### Sample Response for general purpose buckets: Error specified in header The following response indicates that an error occurred before the HTTP response header was sent. ``` HTTP/1.1 403 Forbidden x-amz-id-2: Uuag1LuByRx9e6j5Onimru9pO4ZVKnJ2Qz7/C1NPcfTWAtRPfTaOFg== x-amz-request-id: 656c76696e6727732072657175657374 Date: Mon, 1 Nov 2010 20:34:56 GMT Content-Length: 237 Connection: keep-alive Server: AmazonS3 AccessDenied Access Denied 656c76696e6727732072657175657374 Uuag1LuByRx9e6j5Onimru9pO4ZVKnJ2Qz7/C1NPcfTWAtRPfTaOFg== ``` ### Sample Response for general purpose buckets: Error specified in body The following response indicates that an error occurred after the HTTP response header was sent. Note that while the HTTP status code is 200 OK, the request actually failed as described in the `Error` element. ``` HTTP/1.1 200 OK x-amz-id-2: Uuag1LuByRx9e6j5Onimru9pO4ZVKnJ2Qz7/C1NPcfTWAtRPfTaOFg== x-amz-request-id: 656c76696e6727732072657175657374 Date: Mon, 1 Nov 2010 20:34:56 GMT Connection: close Server: AmazonS3 InternalError We encountered an internal error. Please try again. 656c76696e6727732072657175657374 Uuag1LuByRx9e6j5Onimru9pO4ZVKnJ2Qz7/C1NPcfTWAtRPfTaOFg== ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/CompleteMultipartUpload) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/CompleteMultipartUpload) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/CompleteMultipartUpload) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/CompleteMultipartUpload) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/CompleteMultipartUpload) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/CompleteMultipartUpload) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/CompleteMultipartUpload) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/CompleteMultipartUpload) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/CompleteMultipartUpload) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/CompleteMultipartUpload) # CopyObject Creates a copy of an object that is already stored in Amazon S3. **Important** End of support notice: As of October 1, 2025, Amazon S3 has discontinued support for Email Grantee Access Control Lists (ACLs). If you attempt to use an Email Grantee ACL in a request after October 1, 2025, the request will receive an `HTTP 405` (Method Not Allowed) error. This change affects the following AWS Regions: US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Ireland), and South America (São Paulo). **Note** You can store individual objects of up to 50 TB in Amazon S3. You create a copy of your object up to 5 GB in size in a single atomic action using this API. However, to copy an object greater than 5 GB, you must use the multipart upload Upload Part - Copy (UploadPartCopy) API. For more information, see [Copy Object Using the REST Multipart Upload API](https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjctsUsingRESTMPUapi.html). You can copy individual objects between general purpose buckets, between directory buckets, and between general purpose buckets and directory buckets. **Note** Amazon S3 supports copy operations using Multi-Region Access Points only as a destination when using the Multi-Region Access Point ARN. **Directory buckets ** - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://amzn-s3-demo-bucket.s3express-zone-id.region-code.amazonaws.com/key-name `. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. VPC endpoints don't support cross-Region requests (including copies). If you're using VPC endpoints, your source and destination buckets should be in the same AWS Region as your VPC endpoint. Both the Region that you want to copy the object from and the Region that you want to copy the object to must be enabled for your account. For more information about how to enable a Region for your account, see [Enable or disable a Region for standalone accounts](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#manage-acct-regions-enable-standalone) in the * AWS Account Management Guide*. **Important** Amazon S3 transfer acceleration does not support cross-Region copies. If you request a cross-Region copy using a transfer acceleration endpoint, you get a `400 Bad Request` error. For more information, see [Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html). Authentication and authorization All `CopyObject` requests must be authenticated and signed by using IAM credentials (access key ID and secret access key for the IAM identities). All headers with the `x-amz-` prefix, including `x-amz-copy-source`, must be signed. For more information, see [REST Authentication](https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html). **Directory buckets** - You must use the IAM credentials to authenticate and authorize your access to the `CopyObject` API operation, instead of using the temporary security credentials through the `CreateSession` API operation. AWS CLI or SDKs handles authentication and authorization on your behalf. Permissions You must have *read* access to the source object and *write* access to the destination bucket. + **General purpose bucket permissions** - You must have permissions in an IAM policy based on the source and destination bucket types in a `CopyObject` operation. + If the source object is in a general purpose bucket, you must have ** `s3:GetObject` ** permission to read the source object that is being copied. + If the destination bucket is a general purpose bucket, you must have ** `s3:PutObject` ** permission to write the object copy to the destination bucket. + **Directory bucket permissions** - You must have permissions in a bucket policy or an IAM identity-based policy based on the source and destination bucket types in a `CopyObject` operation. + If the source object that you want to copy is in a directory bucket, you must have the ** `s3express:CreateSession` ** permission in the `Action` element of a policy to read the object. If no session mode is specified, the session will be created with the maximum allowable privilege, attempting `ReadWrite` first, then `ReadOnly` if `ReadWrite` is not permitted. If you want to explicitly restrict the access to be read-only, you can set the `s3express:SessionMode` condition key to `ReadOnly` on the copy source bucket. + If the copy destination is a directory bucket, you must have the ** `s3express:CreateSession` ** permission in the `Action` element of a policy to write the object to the destination. The `s3express:SessionMode` condition key can't be set to `ReadOnly` on the copy destination bucket. If the object is encrypted with SSE-KMS, you must also have the `kms:GenerateDataKey` and `kms:Decrypt` permissions in IAM identity-based policies and AWS KMS key policies for the AWS KMS key. For example policies, see [Example bucket policies for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) and [AWS Identity and Access Management (IAM) identity-based policies for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html) in the *Amazon S3 User Guide*. Response and special errors When the request is an HTTP 1.1 request, the response is chunk encoded. When the request is not an HTTP 1.1 request, the response would not contain the `Content-Length`. You always need to read the entire response body to check if the copy succeeds. + If the copy is successful, you receive a response with information about the copied object. + A copy request might return an error when Amazon S3 receives the copy request or while Amazon S3 is copying the files. A `200 OK` response can contain either a success or an error. + If the error occurs before the copy action starts, you receive a standard Amazon S3 error. + If the error occurs during the copy operation, the error response is embedded in the `200 OK` response. For example, in a cross-region copy, you may encounter throttling and receive a `200 OK` response. For more information, see [Resolve the Error 200 response when copying objects to Amazon S3](https://repost.aws/knowledge-center/s3-resolve-200-internalerror). The `200 OK` status code means the copy was accepted, but it doesn't mean the copy is complete. Another example is when you disconnect from Amazon S3 before the copy is complete, Amazon S3 might cancel the copy and you may receive a `200 OK` response. You must stay connected to Amazon S3 until the entire response is successfully received and processed. If you call this API operation directly, make sure to design your application to parse the content of the response and handle it appropriately. If you use AWS SDKs, SDKs handle this condition. The SDKs detect the embedded error and apply error handling per your configuration settings (including automatically retrying the request as appropriate). If the condition persists, the SDKs throw an exception (or, for the SDKs that don't use exceptions, they return an error). Charge The copy request charge is based on the storage class and Region that you specify for the destination object. The request can also result in a data retrieval charge for the source if the source storage class bills for data retrieval. If the copy source is in a different region, the data transfer is billed to the copy source account. For pricing information, see [Amazon S3 pricing](http://aws.amazon.com/s3/pricing/). HTTP Host header syntax + **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. + **Amazon S3 on Outposts** - When you use this action with S3 on Outposts through the REST API, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. The hostname isn't required when you use the AWS CLI or SDKs. The following operations are related to `CopyObject`: + [PutObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) + [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /Key+ HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-acl: ACL Cache-Control: CacheControl x-amz-checksum-algorithm: ChecksumAlgorithm Content-Disposition: ContentDisposition Content-Encoding: ContentEncoding Content-Language: ContentLanguage Content-Type: ContentType x-amz-copy-source: CopySource x-amz-copy-source-if-match: CopySourceIfMatch x-amz-copy-source-if-modified-since: CopySourceIfModifiedSince x-amz-copy-source-if-none-match: CopySourceIfNoneMatch x-amz-copy-source-if-unmodified-since: CopySourceIfUnmodifiedSince Expires: Expires x-amz-grant-full-control: GrantFullControl x-amz-grant-read: GrantRead x-amz-grant-read-acp: GrantReadACP x-amz-grant-write-acp: GrantWriteACP If-Match: IfMatch If-None-Match: IfNoneMatch x-amz-metadata-directive: MetadataDirective x-amz-tagging-directive: TaggingDirective x-amz-server-side-encryption: ServerSideEncryption x-amz-storage-class: StorageClass x-amz-website-redirect-location: WebsiteRedirectLocation x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key: SSECustomerKey x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-server-side-encryption-aws-kms-key-id: SSEKMSKeyId x-amz-server-side-encryption-context: SSEKMSEncryptionContext x-amz-server-side-encryption-bucket-key-enabled: BucketKeyEnabled x-amz-copy-source-server-side-encryption-customer-algorithm: CopySourceSSECustomerAlgorithm x-amz-copy-source-server-side-encryption-customer-key: CopySourceSSECustomerKey x-amz-copy-source-server-side-encryption-customer-key-MD5: CopySourceSSECustomerKeyMD5 x-amz-request-payer: RequestPayer x-amz-tagging: Tagging x-amz-object-lock-mode: ObjectLockMode x-amz-object-lock-retain-until-date: ObjectLockRetainUntilDate x-amz-object-lock-legal-hold: ObjectLockLegalHoldStatus x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-source-expected-bucket-owner: ExpectedSourceBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_CopyObject_RequestSyntax) ** The name of the destination bucket. **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. Copying objects across different AWS Regions isn't supported when the source or destination bucket is in AWS Local Zones. The source and destination buckets must have the same parent AWS Region. Otherwise, you get an HTTP `400 Bad Request` error with the error code `InvalidRequest`. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must use the Outpost bucket access point ARN or the access point alias for the destination bucket. You can only copy objects within the same Outpost bucket. It's not supported to copy objects across different AWS Outposts, between buckets on the same Outposts, or between Outposts buckets and any other bucket types. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *S3 on Outposts guide*. When you use this action with S3 on Outposts through the REST API, you must direct requests to the S3 on Outposts hostname, in the format ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. The hostname isn't required when you use the AWS CLI or SDKs. Required: Yes ** [Cache-Control](#API_CopyObject_RequestSyntax) ** Specifies the caching behavior along the request/reply chain. ** [Content-Disposition](#API_CopyObject_RequestSyntax) ** Specifies presentational information for the object. Indicates whether an object should be displayed in a web browser or downloaded as a file. It allows specifying the desired filename for the downloaded file. ** [Content-Encoding](#API_CopyObject_RequestSyntax) ** Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. For directory buckets, only the `aws-chunked` value is supported in this header field. ** [Content-Language](#API_CopyObject_RequestSyntax) ** The language the content is in. ** [Content-Type](#API_CopyObject_RequestSyntax) ** A standard MIME type that describes the format of the object data. ** [Expires](#API_CopyObject_RequestSyntax) ** The date and time at which the object is no longer cacheable. ** [If-Match](#API_CopyObject_RequestSyntax) ** Copies the object if the entity tag (ETag) of the destination object matches the specified tag. If the ETag values do not match, the operation returns a `412 Precondition Failed` error. If a concurrent operation occurs during the upload S3 returns a `409 ConditionalRequestConflict` response. On a 409 failure you should fetch the object's ETag and retry the upload. Expects the ETag value as a string. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232). ** [If-None-Match](#API_CopyObject_RequestSyntax) ** Copies the object only if the object key name at the destination does not already exist in the bucket specified. Otherwise, Amazon S3 returns a `412 Precondition Failed` error. If a concurrent operation occurs during the upload S3 returns a `409 ConditionalRequestConflict` response. On a 409 failure you should retry the upload. Expects the '\$1' (asterisk) character. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232). ** [Key](#API_CopyObject_RequestSyntax) ** The key of the destination object. Length Constraints: Minimum length of 1. Required: Yes ** [x-amz-acl](#API_CopyObject_RequestSyntax) ** The canned access control list (ACL) to apply to the object. When you copy an object, the ACL metadata is not preserved and is set to `private` by default. Only the owner has full access control. To override the default ACL setting, specify a new ACL when you generate a copy request. For more information, see [Using ACLs](https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html). If the destination bucket that you're copying objects to uses the bucket owner enforced setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions. Buckets that use this setting only accept `PUT` requests that don't specify an ACL or `PUT` requests that specify bucket owner full control ACLs, such as the `bucket-owner-full-control` canned ACL or an equivalent form of this ACL expressed in the XML format. For more information, see [Controlling ownership of objects and disabling ACLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*. + If your destination bucket uses the bucket owner enforced setting for Object Ownership, all objects written to the bucket by any account will be owned by the bucket owner. + This functionality is not supported for directory buckets. + This functionality is not supported for Amazon S3 on Outposts. Valid Values: `private | public-read | public-read-write | authenticated-read | aws-exec-read | bucket-owner-read | bucket-owner-full-control` ** [x-amz-checksum-algorithm](#API_CopyObject_RequestSyntax) ** Indicates the algorithm that you want Amazon S3 to use to create the checksum for the object. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. When you copy an object, if the source object has a checksum, that checksum value will be copied to the new object by default. If the `CopyObject` request does not include this `x-amz-checksum-algorithm` header, the checksum algorithm will be copied from the source object to the destination object (if it's present on the source object). You can optionally specify a different checksum algorithm to use with the `x-amz-checksum-algorithm` header. Unrecognized or unsupported values will respond with the HTTP status code `400 Bad Request`. For directory buckets, when you use AWS SDKs, `CRC32` is the default checksum algorithm that's used for performance. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ** [x-amz-copy-source](#API_CopyObject_RequestSyntax) ** Specifies the source object for the copy operation. The source object can be up to 5 GB. If the source object is an object that was uploaded by using a multipart upload, the object copy will be a single part object after the source object is copied to the destination bucket. You specify the value of the copy source in one of two formats, depending on whether you want to access the source object through an [access point](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html): + For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (/). For example, to copy the object `reports/january.pdf` from the general purpose bucket `awsexamplebucket`, use `awsexamplebucket/reports/january.pdf`. The value must be URL-encoded. To copy the object `reports/january.pdf` from the directory bucket `awsexamplebucket--use1-az5--x-s3`, use `awsexamplebucket--use1-az5--x-s3/reports/january.pdf`. The value must be URL-encoded. + For objects accessed through access points, specify the Amazon Resource Name (ARN) of the object as accessed through the access point, in the format `arn:aws:s3:::accesspoint//object/`. For example, to copy the object `reports/january.pdf` through access point `my-access-point` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf`. The value must be URL encoded. **Note** Amazon S3 supports copy operations using Access points only when the source and destination buckets are in the same AWS Region. Access points are not supported by directory buckets. Alternatively, for objects accessed through Amazon S3 on Outposts, specify the ARN of the object as accessed in the format `arn:aws:s3-outposts:::outpost//object/`. For example, to copy the object `reports/january.pdf` through outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf`. The value must be URL-encoded. If your source bucket versioning is enabled, the `x-amz-copy-source` header by default identifies the current version of an object to copy. If the current version is a delete marker, Amazon S3 behaves as if the object was deleted. To copy a different version, use the `versionId` query parameter. Specifically, append `?versionId=` to the value (for example, `awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893`). If you don't specify a version ID, Amazon S3 copies the latest version of the source object. If you enable versioning on the destination bucket, Amazon S3 generates a unique version ID for the copied object. This version ID is different from the version ID of the source object. Amazon S3 returns the version ID of the copied object in the `x-amz-version-id` response header in the response. If you do not enable versioning or suspend it on the destination bucket, the version ID that Amazon S3 generates in the `x-amz-version-id` response header is always null. **Directory buckets** - S3 Versioning isn't enabled and supported for directory buckets. Pattern: `\/?.+\/.+` Required: Yes ** [x-amz-copy-source-if-match](#API_CopyObject_RequestSyntax) ** Copies the object if its entity tag (ETag) matches the specified tag. If both the `x-amz-copy-source-if-match` and `x-amz-copy-source-if-unmodified-since` headers are present in the request and evaluate as follows, Amazon S3 returns `200 OK` and copies the data: + `x-amz-copy-source-if-match` condition evaluates to true + `x-amz-copy-source-if-unmodified-since` condition evaluates to false ** [x-amz-copy-source-if-modified-since](#API_CopyObject_RequestSyntax) ** Copies the object if it has been modified since the specified time. If both the `x-amz-copy-source-if-none-match` and `x-amz-copy-source-if-modified-since` headers are present in the request and evaluate as follows, Amazon S3 returns the `412 Precondition Failed` response code: + `x-amz-copy-source-if-none-match` condition evaluates to false + `x-amz-copy-source-if-modified-since` condition evaluates to true ** [x-amz-copy-source-if-none-match](#API_CopyObject_RequestSyntax) ** Copies the object if its entity tag (ETag) is different than the specified ETag. If both the `x-amz-copy-source-if-none-match` and `x-amz-copy-source-if-modified-since` headers are present in the request and evaluate as follows, Amazon S3 returns the `412 Precondition Failed` response code: + `x-amz-copy-source-if-none-match` condition evaluates to false + `x-amz-copy-source-if-modified-since` condition evaluates to true ** [x-amz-copy-source-if-unmodified-since](#API_CopyObject_RequestSyntax) ** Copies the object if it hasn't been modified since the specified time. If both the `x-amz-copy-source-if-match` and `x-amz-copy-source-if-unmodified-since` headers are present in the request and evaluate as follows, Amazon S3 returns `200 OK` and copies the data: + `x-amz-copy-source-if-match` condition evaluates to true + `x-amz-copy-source-if-unmodified-since` condition evaluates to false ** [x-amz-copy-source-server-side-encryption-customer-algorithm](#API_CopyObject_RequestSyntax) ** Specifies the algorithm to use when decrypting the source object (for example, `AES256`). If the source object for the copy is stored in Amazon S3 using SSE-C, you must provide the necessary encryption information in your request so that Amazon S3 can decrypt the object for copying. This functionality is not supported when the source object is in a directory bucket. ** [x-amz-copy-source-server-side-encryption-customer-key](#API_CopyObject_RequestSyntax) ** Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be the same one that was used when the source object was created. If the source object for the copy is stored in Amazon S3 using SSE-C, you must provide the necessary encryption information in your request so that Amazon S3 can decrypt the object for copying. This functionality is not supported when the source object is in a directory bucket. ** [x-amz-copy-source-server-side-encryption-customer-key-MD5](#API_CopyObject_RequestSyntax) ** Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error. If the source object for the copy is stored in Amazon S3 using SSE-C, you must provide the necessary encryption information in your request so that Amazon S3 can decrypt the object for copying. This functionality is not supported when the source object is in a directory bucket. ** [x-amz-expected-bucket-owner](#API_CopyObject_RequestSyntax) ** The account ID of the expected destination bucket owner. If the account ID that you provide does not match the actual owner of the destination bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-grant-full-control](#API_CopyObject_RequestSyntax) ** Gives the grantee READ, READ\$1ACP, and WRITE\$1ACP permissions on the object. + This functionality is not supported for directory buckets. + This functionality is not supported for Amazon S3 on Outposts. ** [x-amz-grant-read](#API_CopyObject_RequestSyntax) ** Allows grantee to read the object data and its metadata. + This functionality is not supported for directory buckets. + This functionality is not supported for Amazon S3 on Outposts. ** [x-amz-grant-read-acp](#API_CopyObject_RequestSyntax) ** Allows grantee to read the object ACL. + This functionality is not supported for directory buckets. + This functionality is not supported for Amazon S3 on Outposts. ** [x-amz-grant-write-acp](#API_CopyObject_RequestSyntax) ** Allows grantee to write the ACL for the applicable object. + This functionality is not supported for directory buckets. + This functionality is not supported for Amazon S3 on Outposts. ** [x-amz-metadata-directive](#API_CopyObject_RequestSyntax) ** Specifies whether the metadata is copied from the source object or replaced with metadata that's provided in the request. When copying an object, you can preserve all metadata (the default) or specify new metadata. If this header isn’t specified, `COPY` is the default behavior. **General purpose bucket** - For general purpose buckets, when you grant permissions, you can use the `s3:x-amz-metadata-directive` condition key to enforce certain metadata behavior when objects are uploaded. For more information, see [Amazon S3 condition key examples](https://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html) in the *Amazon S3 User Guide*. `x-amz-website-redirect-location` is unique to each object and is not copied when using the `x-amz-metadata-directive` header. To copy the value, you must specify `x-amz-website-redirect-location` in the request header. Valid Values: `COPY | REPLACE` ** [x-amz-object-lock-legal-hold](#API_CopyObject_RequestSyntax) ** Specifies whether you want to apply a legal hold to the object copy. This functionality is not supported for directory buckets. Valid Values: `ON | OFF` ** [x-amz-object-lock-mode](#API_CopyObject_RequestSyntax) ** The Object Lock mode that you want to apply to the object copy. This functionality is not supported for directory buckets. Valid Values: `GOVERNANCE | COMPLIANCE` ** [x-amz-object-lock-retain-until-date](#API_CopyObject_RequestSyntax) ** The date and time when you want the Object Lock of the object copy to expire. This functionality is not supported for directory buckets. ** [x-amz-request-payer](#API_CopyObject_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-server-side-encryption](#API_CopyObject_RequestSyntax) ** The server-side encryption algorithm used when storing this object in Amazon S3. Unrecognized or unsupported values won’t write a destination object and will receive a `400 Bad Request` response. Amazon S3 automatically encrypts all new objects that are copied to an S3 bucket. When copying an object, if you don't specify encryption information in your copy request, the encryption setting of the target object is set to the default encryption configuration of the destination bucket. By default, all buckets have a base level of encryption configuration that uses server-side encryption with Amazon S3 managed keys (SSE-S3). If the destination bucket has a different default encryption configuration, Amazon S3 uses the corresponding encryption key to encrypt the target object copy. With server-side encryption, Amazon S3 encrypts your data as it writes your data to disks in its data centers and decrypts the data when you access it. For more information about server-side encryption, see [Using Server-Side Encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) in the *Amazon S3 User Guide*. **General purpose buckets ** + For general purpose buckets, there are the following supported options for server-side encryption: server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS), dual-layer server-side encryption with AWS KMS keys (DSSE-KMS), and server-side encryption with customer-provided encryption keys (SSE-C). Amazon S3 uses the corresponding KMS key, or a customer-provided key to encrypt the target object copy. + When you perform a `CopyObject` operation, if you want to use a different type of encryption setting for the target object, you can specify appropriate encryption-related headers to encrypt the target object with an Amazon S3 managed key, a KMS key, or a customer-provided key. If the encryption setting in your request is different from the default encryption configuration of the destination bucket, the encryption setting in your request takes precedence. **Directory buckets ** + For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (`AES256`) and server-side encryption with AWS KMS keys (SSE-KMS) (`aws:kms`). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your `CreateSession` requests or `PUT` object requests. Then, new objects are automatically encrypted with the desired encryption settings. For more information, see [Protecting data with server-side encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html) in the *Amazon S3 User Guide*. For more information about the encryption overriding behaviors in directory buckets, see [Specifying server-side encryption with AWS KMS for new object uploads](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html). + To encrypt new object copies to a directory bucket with SSE-KMS, we recommend you specify SSE-KMS as the directory bucket's default encryption configuration with a KMS key (specifically, a [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk)). The [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) (`aws/s3`) isn't supported. Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket for the lifetime of the bucket. After you specify a customer managed key for SSE-KMS, you can't override the customer managed key for the bucket's SSE-KMS configuration. Then, when you perform a `CopyObject` operation and want to specify server-side encryption settings for new object copies with SSE-KMS in the encryption-related request headers, you must ensure the encryption key is the same customer managed key that you specified for the directory bucket's default encryption configuration. + **S3 access points for Amazon FSx ** - When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is `aws:fsx`. All Amazon FSx file systems have encryption configured by default and are encrypted at rest. Data is automatically encrypted before being written to the file system, and automatically decrypted as it is read. These processes are handled transparently by Amazon FSx. Valid Values: `AES256 | aws:fsx | aws:kms | aws:kms:dsse` ** [x-amz-server-side-encryption-aws-kms-key-id](#API_CopyObject_RequestSyntax) ** Specifies the AWS KMS key ID (Key ID, Key ARN, or Key Alias) to use for object encryption. All GET and PUT requests for an object protected by AWS KMS will fail if they're not made via SSL or using SigV4. For information about configuring any of the officially supported AWS SDKs and AWS CLI, see [Specifying the Signature Version in Request Authentication](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version) in the *Amazon S3 User Guide*. **Directory buckets** - To encrypt data using SSE-KMS, it's recommended to specify the `x-amz-server-side-encryption` header to `aws:kms`. Then, the `x-amz-server-side-encryption-aws-kms-key-id` header implicitly uses the bucket's default KMS customer managed key ID. If you want to explicitly set the ` x-amz-server-side-encryption-aws-kms-key-id` header, it must match the bucket's default customer managed key (using key ID or ARN, not alias). Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket's lifetime. The [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) (`aws/s3`) isn't supported. Incorrect key specification results in an HTTP `400 Bad Request` error. ** [x-amz-server-side-encryption-bucket-key-enabled](#API_CopyObject_RequestSyntax) ** Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using AWS Key Management Service (AWS KMS) keys (SSE-KMS). If a target object uses SSE-KMS, you can enable an S3 Bucket Key for the object. Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS. Specifying this header with a COPY action doesn’t affect bucket-level settings for S3 Bucket Key. For more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide*. **Directory buckets** - S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html). In this case, Amazon S3 makes a call to AWS KMS every time a copy request is made for a KMS-encrypted object. ** [x-amz-server-side-encryption-context](#API_CopyObject_RequestSyntax) ** Specifies the AWS KMS Encryption Context as an additional encryption context to use for the destination object encryption. The value of this header is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs. **General purpose buckets** - This value must be explicitly added to specify encryption context for `CopyObject` requests if you want an additional encryption context for your destination object. The additional encryption context of the source object won't be copied to the destination object. For more information, see [Encryption context](https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html#encryption-context) in the *Amazon S3 User Guide*. **Directory buckets** - You can optionally provide an explicit encryption context value. The value must match the default encryption context - the bucket Amazon Resource Name (ARN). An additional encryption context value is not supported. ** [x-amz-server-side-encryption-customer-algorithm](#API_CopyObject_RequestSyntax) ** Specifies the algorithm to use when encrypting the object (for example, `AES256`). When you perform a `CopyObject` operation, if you want to use a different type of encryption setting for the target object, you can specify appropriate encryption-related headers to encrypt the target object with an Amazon S3 managed key, a KMS key, or a customer-provided key. If the encryption setting in your request is different from the default encryption configuration of the destination bucket, the encryption setting in your request takes precedence. This functionality is not supported when the destination bucket is a directory bucket. ** [x-amz-server-side-encryption-customer-key](#API_CopyObject_RequestSyntax) ** Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded. Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the `x-amz-server-side-encryption-customer-algorithm` header. This functionality is not supported when the destination bucket is a directory bucket. ** [x-amz-server-side-encryption-customer-key-MD5](#API_CopyObject_RequestSyntax) ** Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error. This functionality is not supported when the destination bucket is a directory bucket. ** [x-amz-source-expected-bucket-owner](#API_CopyObject_RequestSyntax) ** The account ID of the expected source bucket owner. If the account ID that you provide does not match the actual owner of the source bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-storage-class](#API_CopyObject_RequestSyntax) ** If the `x-amz-storage-class` header is not used, the copied object will be stored in the `STANDARD` Storage Class by default. The `STANDARD` storage class provides high durability and high availability. Depending on performance needs, you can specify a different Storage Class. + **Directory buckets ** - Directory buckets only support `EXPRESS_ONEZONE` (the S3 Express One Zone storage class) in Availability Zones and `ONEZONE_IA` (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones. Unsupported storage class values won't write a destination object and will respond with the HTTP status code `400 Bad Request`. + **Amazon S3 on Outposts ** - S3 on Outposts only uses the `OUTPOSTS` Storage Class. You can use the `CopyObject` action to change the storage class of an object that is already stored in Amazon S3 by using the `x-amz-storage-class` header. For more information, see [Storage Classes](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) in the *Amazon S3 User Guide*. Before using an object as a source object for the copy operation, you must restore a copy of it if it meets any of the following conditions: + The storage class of the source object is `GLACIER` or `DEEP_ARCHIVE`. + The storage class of the source object is `INTELLIGENT_TIERING` and it's [S3 Intelligent-Tiering access tier](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intelligent-tiering-overview.html#intel-tiering-tier-definition) is `Archive Access` or `Deep Archive Access`. For more information, see [RestoreObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html) and [Copying Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjectsExamples.html) in the *Amazon S3 User Guide*. Valid Values: `STANDARD | REDUCED_REDUNDANCY | STANDARD_IA | ONEZONE_IA | INTELLIGENT_TIERING | GLACIER | DEEP_ARCHIVE | OUTPOSTS | GLACIER_IR | SNOW | EXPRESS_ONEZONE | FSX_OPENZFS | FSX_ONTAP` ** [x-amz-tagging](#API_CopyObject_RequestSyntax) ** The tag-set for the object copy in the destination bucket. This value must be used in conjunction with the `x-amz-tagging-directive` if you choose `REPLACE` for the `x-amz-tagging-directive`. If you choose `COPY` for the `x-amz-tagging-directive`, you don't need to set the `x-amz-tagging` header, because the tag-set will be copied from the source object directly. The tag-set must be encoded as URL Query parameters. The default value is the empty value. **Directory buckets** - For directory buckets in a `CopyObject` operation, only the empty tag-set is supported. Any requests that attempt to write non-empty tags into directory buckets will receive a `501 Not Implemented` status code. When the destination bucket is a directory bucket, you will receive a `501 Not Implemented` response in any of the following situations: + When you attempt to `COPY` the tag-set from an S3 source object that has non-empty tags. + When you attempt to `REPLACE` the tag-set of a source object and set a non-empty value to `x-amz-tagging`. + When you don't set the `x-amz-tagging-directive` header and the source object has non-empty tags. This is because the default value of `x-amz-tagging-directive` is `COPY`. Because only the empty tag-set is supported for directory buckets in a `CopyObject` operation, the following situations are allowed: + When you attempt to `COPY` the tag-set from a directory bucket source object that has no tags to a general purpose bucket. It copies an empty tag-set to the destination object. + When you attempt to `REPLACE` the tag-set of a directory bucket source object and set the `x-amz-tagging` value of the directory bucket destination object to empty. + When you attempt to `REPLACE` the tag-set of a general purpose bucket source object that has non-empty tags and set the `x-amz-tagging` value of the directory bucket destination object to empty. + When you attempt to `REPLACE` the tag-set of a directory bucket source object and don't set the `x-amz-tagging` value of the directory bucket destination object. This is because the default value of `x-amz-tagging` is the empty value. ** [x-amz-tagging-directive](#API_CopyObject_RequestSyntax) ** Specifies whether the object tag-set is copied from the source object or replaced with the tag-set that's provided in the request. The default value is `COPY`. **Directory buckets** - For directory buckets in a `CopyObject` operation, only the empty tag-set is supported. Any requests that attempt to write non-empty tags into directory buckets will receive a `501 Not Implemented` status code. When the destination bucket is a directory bucket, you will receive a `501 Not Implemented` response in any of the following situations: + When you attempt to `COPY` the tag-set from an S3 source object that has non-empty tags. + When you attempt to `REPLACE` the tag-set of a source object and set a non-empty value to `x-amz-tagging`. + When you don't set the `x-amz-tagging-directive` header and the source object has non-empty tags. This is because the default value of `x-amz-tagging-directive` is `COPY`. Because only the empty tag-set is supported for directory buckets in a `CopyObject` operation, the following situations are allowed: + When you attempt to `COPY` the tag-set from a directory bucket source object that has no tags to a general purpose bucket. It copies an empty tag-set to the destination object. + When you attempt to `REPLACE` the tag-set of a directory bucket source object and set the `x-amz-tagging` value of the directory bucket destination object to empty. + When you attempt to `REPLACE` the tag-set of a general purpose bucket source object that has non-empty tags and set the `x-amz-tagging` value of the directory bucket destination object to empty. + When you attempt to `REPLACE` the tag-set of a directory bucket source object and don't set the `x-amz-tagging` value of the directory bucket destination object. This is because the default value of `x-amz-tagging` is the empty value. Valid Values: `COPY | REPLACE` ** [x-amz-website-redirect-location](#API_CopyObject_RequestSyntax) ** If the destination bucket is configured as a website, redirects requests for this object copy to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata. This value is unique to each object and is not copied when using the `x-amz-metadata-directive` header. Instead, you may opt to provide this header in combination with the `x-amz-metadata-directive` header. This functionality is not supported for directory buckets. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-expiration: Expiration x-amz-copy-source-version-id: CopySourceVersionId x-amz-version-id: VersionId x-amz-server-side-encryption: ServerSideEncryption x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-server-side-encryption-aws-kms-key-id: SSEKMSKeyId x-amz-server-side-encryption-context: SSEKMSEncryptionContext x-amz-server-side-encryption-bucket-key-enabled: BucketKeyEnabled x-amz-request-charged: RequestCharged string timestamp string string string string string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-copy-source-version-id](#API_CopyObject_ResponseSyntax) ** Version ID of the source object that was copied. This functionality is not supported when the source object is in a directory bucket. ** [x-amz-expiration](#API_CopyObject_ResponseSyntax) ** If the object expiration is configured, the response includes this header. Object expiration information is not returned in directory buckets and this header returns the value "`NotImplemented`" in all responses for directory buckets. ** [x-amz-request-charged](#API_CopyObject_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-server-side-encryption](#API_CopyObject_ResponseSyntax) ** The server-side encryption algorithm used when you store this object in Amazon S3 or Amazon FSx. When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is `aws:fsx`. Valid Values: `AES256 | aws:fsx | aws:kms | aws:kms:dsse` ** [x-amz-server-side-encryption-aws-kms-key-id](#API_CopyObject_ResponseSyntax) ** If present, indicates the ID of the KMS key that was used for object encryption. ** [x-amz-server-side-encryption-bucket-key-enabled](#API_CopyObject_ResponseSyntax) ** Indicates whether the copied object uses an S3 Bucket Key for server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS). ** [x-amz-server-side-encryption-context](#API_CopyObject_ResponseSyntax) ** If present, indicates the AWS KMS Encryption Context to use for object encryption. The value of this header is a Base64 encoded UTF-8 string holding JSON with the encryption context key-value pairs. ** [x-amz-server-side-encryption-customer-algorithm](#API_CopyObject_ResponseSyntax) ** If server-side encryption with a customer-provided encryption key was requested, the response will include this header to confirm the encryption algorithm that's used. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key-MD5](#API_CopyObject_ResponseSyntax) ** If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide the round-trip message integrity verification of the customer-provided encryption key. This functionality is not supported for directory buckets. ** [x-amz-version-id](#API_CopyObject_ResponseSyntax) ** Version ID of the newly created copy. This functionality is not supported for directory buckets. The following data is returned in XML format by the service. ** [CopyObjectResult](#API_CopyObject_ResponseSyntax) ** Root level tag for the CopyObjectResult parameters. Required: Yes ** [ChecksumCRC32](#API_CopyObject_ResponseSyntax) ** The Base64 encoded, 32-bit `CRC32` checksum of the object. This checksum is only present if the object was uploaded with the object. For more information, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. Type: String ** [ChecksumCRC32C](#API_CopyObject_ResponseSyntax) ** The Base64 encoded, 32-bit `CRC32C` checksum of the object. This checksum is only present if the checksum was uploaded with the object. For more information, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. Type: String ** [ChecksumCRC64NVME](#API_CopyObject_ResponseSyntax) ** The Base64 encoded, 64-bit `CRC64NVME` checksum of the object. This checksum is present if the object being copied was uploaded with the `CRC64NVME` checksum algorithm, or if the object was uploaded without a checksum (and Amazon S3 added the default checksum, `CRC64NVME`, to the uploaded object). For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. Type: String ** [ChecksumSHA1](#API_CopyObject_ResponseSyntax) ** The Base64 encoded, 160-bit `SHA1` digest of the object. This checksum is only present if the checksum was uploaded with the object. For more information, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. Type: String ** [ChecksumSHA256](#API_CopyObject_ResponseSyntax) ** The Base64 encoded, 256-bit `SHA256` digest of the object. This checksum is only present if the checksum was uploaded with the object. For more information, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. Type: String ** [ChecksumType](#API_CopyObject_ResponseSyntax) ** The checksum type that is used to calculate the object’s checksum value. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. Type: String Valid Values: `COMPOSITE | FULL_OBJECT` ** [ETag](#API_CopyObject_ResponseSyntax) ** Returns the ETag of the new object. The ETag reflects only changes to the contents of an object, not its metadata. Type: String ** [LastModified](#API_CopyObject_ResponseSyntax) ** Creation date of the object. Type: Timestamp ## Errors ** ObjectNotInActiveTierError ** The source object of the COPY action is not in the active tier and is only stored in Amazon S3 Glacier. HTTP Status Code: 403 ## Examples ### Sample Request for general purpose buckets This example copies `my-image.jpg` into the `amzn-s3-demo-bucket` bucket, with the key name `my-second-image.jpg`. ``` PUT /my-second-image.jpg HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 GMT x-amz-copy-source: /amzn-s3-demo-bucket/my-image.jpg Authorization: authorization string ``` ### Sample Response for general purpose buckets This example illustrates one usage of CopyObject. ``` HTTP/1.1 200 OK x-amz-id-2: eftixk72aD6Ap51TnqcoF8eFidJG9Z/2mkiDFu8yU9AS1ed4OpIszj7UDNEHGran x-amz-request-id: 318BC8BC148832E5 x-amz-copy-source-version-id: 3/L4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo x-amz-version-id: QUpfdndhfd8438MNFDN93jdnJFkdmqnh893 Date: Wed, 28 Oct 2009 22:32:00 GMT Connection: close Server: AmazonS3 2009-10-12T17:50:30.000Z "9b2cf535f27731c974343645a3985328" ``` ### Sample Request for general purpose buckets: Copying a specified version of an object The following request copies the `my-image.jpg` key with the specified version ID, copies it into the `amzn-s3-demo-bucket` bucket, and gives it the `my-second-image.jpg` key. ``` PUT /my-second-image.jpg HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 GMT x-amz-copy-source: /amzn-s3-demo-bucket/my-image.jpg?versionId=3/L4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo Authorization: authorization string ``` ### Success Response for general purpose buckets: Copying a versioned object into a version-enabled bucket The following response shows that an object was copied into a target bucket where versioning is enabled. ``` HTTP/1.1 200 OK x-amz-id-2: eftixk72aD6Ap51TnqcoF8eFidJG9Z/2mkiDFu8yU9AS1ed4OpIszj7UDNEHGran x-amz-request-id: 318BC8BC148832E5 x-amz-version-id: QUpfdndhfd8438MNFDN93jdnJFkdmqnh893 x-amz-copy-source-version-id: 09df8234529fjs0dfi0w52935029wefdj Date: Wed, 28 Oct 2009 22:32:00 GMT Connection: close Server: AmazonS3 2009-10-12T17:50:30.000Z "9b2cf535f27731c974343645a3985328" ``` ### Success Response for general purpose buckets: Copying a versioned object into a version-suspended bucket The following response shows that an object was copied into a target bucket where versioning is suspended. The parameter `VersionId` does not appear. ``` HTTP/1.1 200 OK x-amz-id-2: eftixk72aD6Ap51TnqcoF8eFidJG9Z/2mkiDFu8yU9AS1ed4OpIszj7UDNEHGran x-amz-request-id: 318BC8BC148832E5 x-amz-copy-source-version-id: 3/L4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo Date: Wed, 28 Oct 2009 22:32:00 GMT Connection: close Server: AmazonS3 2009-10-28T22:32:00 "9b2cf535f27731c974343645a3985328" ``` ### Sample Request for general purpose buckets: Copy from unencrypted object to an object encrypted with server-side encryption with customer-provided encryption keys The following example specifies the HTTP PUT header to copy an unencrypted object to an object encrypted with server-side encryption with customer-provided encryption keys (SSE-C). ``` PUT /exampleDestinationObject HTTP/1.1 Host: amzn-s3-demo-destination-bucket.s3..amazonaws.com x-amz-server-side-encryption-customer-algorithm: AES256 x-amz-server-side-encryption-customer-key: Base64(YourKey) x-amz-server-side-encryption-customer-key-MD5 : Base64(MD5(YourKey)) x-amz-metadata-directive: metadata_directive x-amz-copy-source: /amzn-s3-demo-source-bucket/exampleSourceObject x-amz-copy-source-if-match: etag x-amz-copy-source-if-none-match: etag x-amz-copy-source-if-unmodified-since: time_stamp x-amz-copy-source-if-modified-since: time_stamp Authorization: authorization string (see Authenticating Requests (AWS Signature Version 4)) Date: date ``` ### Sample Request for general purpose buckets: Copy from an object encrypted with SSE-C to an object encrypted with SSE-C The following example specifies the HTTP PUT header to copy an object encrypted with server-side encryption with customer-provided encryption keys to an object encrypted with server-side encryption with customer-provided encryption keys for key rotation. **Note** If you have server-side encryption with customer-provided keys (SSE-C) blocked for your general purpose bucket, you will get an HTTP 403 Access Denied error when you specify the SSE-C request headers while writing new data to your bucket. For more information, see [Blocking or unblocking SSE-C for a general purpose bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/blocking-unblocking-s3-c-encryption-gpb.html). ``` PUT /exampleDestinationObject HTTP/1.1 Host: amzn-s3-demo-destination-bucket.s3..amazonaws.com x-amz-server-side-encryption-customer-algorithm: AES256 x-amz-server-side-encryption-customer-key: Base64(NewKey) x-amz-server-side-encryption-customer-key-MD5: Base64(MD5(NewKey)) x-amz-metadata-directive: metadata_directive x-amz-copy-source: /amzn-s3-demo-source-bucket/sourceObject x-amz-copy-source-if-match: etag x-amz-copy-source-if-none-match: etag x-amz-copy-source-if-unmodified-since: time_stamp x-amz-copy-source-if-modified-since: time_stamp x-amz-copy-source-server-side-encryption-customer-algorithm: AES256 x-amz-copy-source-server-side-encryption-customer-key: Base64(OldKey) x-amz-copy-source-server-side-encryption-customer-key-MD5: Base64(MD5(OldKey)) Authorization: authorization string (see Authenticating Requests (AWS Signature Version 4)) Date: date ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/CopyObject) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/CopyObject) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/CopyObject) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/CopyObject) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/CopyObject) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/CopyObject) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/CopyObject) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/CopyObject) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/CopyObject) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/CopyObject) # CreateBucket **Note** This action creates an Amazon S3 bucket. To create an Amazon S3 on Outposts bucket, see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateBucket.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateBucket.html). Creates a new S3 bucket. To create a bucket, you must set up Amazon S3 and have a valid AWS Access Key ID to authenticate requests. Anonymous requests are never allowed to create buckets. By creating the bucket, you become the bucket owner. There are two types of buckets: general purpose buckets and directory buckets. For more information about these bucket types, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the *Amazon S3 User Guide*. General purpose buckets exist in a global namespace, which means that each bucket name must be unique across all AWS accounts in all the AWS Regions within a partition. A partition is a grouping of Regions. AWS currently has four partitions: `aws` (Standard Regions), `aws-cn` (China Regions), `aws-us-gov` (AWS GovCloud (US)), and `aws-eusc` (European Sovereign Cloud). When you create a general purpose bucket, you can choose to create a bucket in the shared global namespace or you can choose to create a bucket in your account regional namespace. Your account regional namespace is a subdivision of the global namespace that only your account can create buckets in. For more information on account regional namespaces, see [Namespaces for general purpose buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/gpbucketnamespaces.html). **Note** **General purpose buckets** - If you send your `CreateBucket` request to the `s3.amazonaws.com` global endpoint, the request goes to the `us-east-1` Region. So the signature calculations in Signature Version 4 must use `us-east-1` as the Region, even if the location constraint in the request specifies another Region where the bucket is to be created. If you create a bucket in a Region other than US East (N. Virginia), your application must be able to handle 307 redirect. For more information, see [Virtual hosting of buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html) in the *Amazon S3 User Guide*. **Directory buckets ** - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions + **General purpose bucket permissions** - In addition to the `s3:CreateBucket` permission, the following permissions are required in a policy when your `CreateBucket` request includes specific headers: + **Access control lists (ACLs)** - In your `CreateBucket` request, if you specify an access control list (ACL) and set it to `public-read`, `public-read-write`, `authenticated-read`, or if you explicitly specify any other custom ACLs, both `s3:CreateBucket` and `s3:PutBucketAcl` permissions are required. In your `CreateBucket` request, if you set the ACL to `private`, or if you don't specify any ACLs, only the `s3:CreateBucket` permission is required. + **Object Lock** - In your `CreateBucket` request, if you set `x-amz-bucket-object-lock-enabled` to true, the `s3:PutBucketObjectLockConfiguration` and `s3:PutBucketVersioning` permissions are required. + **S3 Object Ownership** - If your `CreateBucket` request includes the `x-amz-object-ownership` header, then the `s3:PutBucketOwnershipControls` permission is required. **Important** To set an ACL on a bucket as part of a `CreateBucket` request, you must explicitly set S3 Object Ownership for the bucket to a different value than the default, `BucketOwnerEnforced`. Additionally, if your desired bucket ACL grants public access, you must first create the bucket (without the bucket ACL) and then explicitly disable Block Public Access on the bucket before using `PutBucketAcl` to set the ACL. If you try to create a bucket with a public ACL, the request will fail. For the majority of modern use cases in S3, we recommend that you keep all Block Public Access settings enabled and keep ACLs disabled. If you would like to share data with users outside of your account, you can use bucket policies as needed. For more information, see [Controlling ownership of objects and disabling ACLs for your bucket ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) and [Blocking public access to your Amazon S3 storage ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html) in the *Amazon S3 User Guide*. + **S3 Block Public Access** - If your specific use case requires granting public access to your S3 resources, you can disable Block Public Access. Specifically, you can create a new bucket with Block Public Access enabled, then separately call the [https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html) API. To use this operation, you must have the `s3:PutBucketPublicAccessBlock` permission. For more information about S3 Block Public Access, see [Blocking public access to your Amazon S3 storage ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html) in the *Amazon S3 User Guide*. + **Directory bucket permissions** - You must have the `s3express:CreateBucket` permission in an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the AWS account that owns the resource. For more information about directory bucket policies and permissions, see [AWS Identity and Access Management (IAM) for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) in the *Amazon S3 User Guide*. **Important** The permissions for ACLs, Object Lock, S3 Object Ownership, and S3 Block Public Access are not supported for directory buckets. For directory buckets, all Block Public Access settings are enabled at the bucket level and S3 Object Ownership is set to Bucket owner enforced (ACLs disabled). These settings can't be modified. For more information about permissions for creating and working with directory buckets, see [Directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) in the *Amazon S3 User Guide*. For more information about supported S3 features for directory buckets, see [Features of S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-one-zone.html#s3-express-features) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region-code.amazonaws.com`. The following operations are related to `CreateBucket`: + [PutObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) + [DeleteBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT / HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-acl: ACL x-amz-grant-full-control: GrantFullControl x-amz-grant-read: GrantRead x-amz-grant-read-acp: GrantReadACP x-amz-grant-write: GrantWrite x-amz-grant-write-acp: GrantWriteACP x-amz-bucket-object-lock-enabled: ObjectLockEnabledForBucket x-amz-object-ownership: ObjectOwnership x-amz-bucket-namespace: BucketNamespace string string string string string string string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_CreateBucket_RequestSyntax) ** The name of the bucket to create. **General purpose buckets** - For information about bucket naming restrictions, see [Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) in the *Amazon S3 User Guide*. **Directory buckets ** - When you use this operation with a directory bucket, you must use path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must also follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` DOC-EXAMPLE-BUCKET--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* Required: Yes ** [x-amz-acl](#API_CreateBucket_RequestSyntax) ** The canned ACL to apply to the bucket. This functionality is not supported for directory buckets. Valid Values: `private | public-read | public-read-write | authenticated-read` ** [x-amz-bucket-namespace](#API_CreateBucket_RequestSyntax) ** Specifies the namespace where you want to create your general purpose bucket. When you create a general purpose bucket, you can choose to create a bucket in the shared global namespace or you can choose to create a bucket in your account regional namespace. Your account regional namespace is a subdivision of the global namespace that only your account can create buckets in. For more information on bucket namespaces, see [Namespaces for general purpose buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/gpbucketnamespaces.html). General purpose buckets in your account regional namespace must follow a specific naming convention. These buckets consist of a bucket name prefix that you create, and a suffix that contains your 12-digit AWS Account ID, the AWS Region code, and ends with `-an`. Bucket names must follow the format `bucket-name-prefix-accountId-region-an` (for example, `amzn-s3-demo-bucket-111122223333-us-west-2-an`). For information about bucket naming restrictions, see [Account regional namespace naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html#account-regional-naming-rules) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `account-regional | global` ** [x-amz-bucket-object-lock-enabled](#API_CreateBucket_RequestSyntax) ** Specifies whether you want S3 Object Lock to be enabled for the new bucket. This functionality is not supported for directory buckets. ** [x-amz-grant-full-control](#API_CreateBucket_RequestSyntax) ** Allows grantee the read, write, read ACP, and write ACP permissions on the bucket. This functionality is not supported for directory buckets. ** [x-amz-grant-read](#API_CreateBucket_RequestSyntax) ** Allows grantee to list the objects in the bucket. This functionality is not supported for directory buckets. ** [x-amz-grant-read-acp](#API_CreateBucket_RequestSyntax) ** Allows grantee to read the bucket ACL. This functionality is not supported for directory buckets. ** [x-amz-grant-write](#API_CreateBucket_RequestSyntax) ** Allows grantee to create new objects in the bucket. For the bucket and object owners of existing objects, also allows deletions and overwrites of those objects. This functionality is not supported for directory buckets. ** [x-amz-grant-write-acp](#API_CreateBucket_RequestSyntax) ** Allows grantee to write the ACL for the applicable bucket. This functionality is not supported for directory buckets. ** [x-amz-object-ownership](#API_CreateBucket_RequestSyntax) ** The container element for object ownership for a bucket's ownership controls. `BucketOwnerPreferred` - Objects uploaded to the bucket change ownership to the bucket owner if the objects are uploaded with the `bucket-owner-full-control` canned ACL. `ObjectWriter` - The uploading account will own the object if the object is uploaded with the `bucket-owner-full-control` canned ACL. `BucketOwnerEnforced` - Access control lists (ACLs) are disabled and no longer affect permissions. The bucket owner automatically owns and has full control over every object in the bucket. The bucket only accepts PUT requests that don't specify an ACL or specify bucket owner full control ACLs (such as the predefined `bucket-owner-full-control` canned ACL or a custom ACL in XML format that grants the same permissions). By default, `ObjectOwnership` is set to `BucketOwnerEnforced` and ACLs are disabled. We recommend keeping ACLs disabled, except in uncommon use cases where you must control access for each object individually. For more information about S3 Object Ownership, see [Controlling ownership of objects and disabling ACLs for your bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Directory buckets use the bucket owner enforced setting for S3 Object Ownership. Valid Values: `BucketOwnerPreferred | ObjectWriter | BucketOwnerEnforced` ## Request Body The request accepts the following data in XML format. ** [CreateBucketConfiguration](#API_CreateBucket_RequestSyntax) ** Root level tag for the CreateBucketConfiguration parameters. Required: Yes ** [Bucket](#API_CreateBucket_RequestSyntax) ** Specifies the information about the bucket that will be created. This functionality is only supported by directory buckets. Type: [BucketInfo](API_BucketInfo.md) data type Required: No ** [Location](#API_CreateBucket_RequestSyntax) ** Specifies the location where the bucket will be created. **Directory buckets ** - The location type is Availability Zone or Local Zone. To use the Local Zone location type, your account must be enabled for Local Zones. Otherwise, you get an HTTP `403 Forbidden` error with the error code `AccessDenied`. To learn more, see [Enable accounts for Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/opt-in-directory-bucket-lz.html) in the *Amazon S3 User Guide*. This functionality is only supported by directory buckets. Type: [LocationInfo](API_LocationInfo.md) data type Required: No ** [LocationConstraint](#API_CreateBucket_RequestSyntax) ** Specifies the Region where the bucket will be created. You might choose a Region to optimize latency, minimize costs, or address regulatory requirements. For example, if you reside in Europe, you will probably find it advantageous to create buckets in the Europe (Ireland) Region. If you don't specify a Region, the bucket is created in the US East (N. Virginia) Region (us-east-1) by default. Configurations using the value `EU` will create a bucket in `eu-west-1`. For a list of the valid values for all of the AWS Regions, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region). This functionality is not supported for directory buckets. Type: String Valid Values: `af-south-1 | ap-east-1 | ap-northeast-1 | ap-northeast-2 | ap-northeast-3 | ap-south-1 | ap-south-2 | ap-southeast-1 | ap-southeast-2 | ap-southeast-3 | ap-southeast-4 | ap-southeast-5 | ca-central-1 | cn-north-1 | cn-northwest-1 | EU | eu-central-1 | eu-central-2 | eu-north-1 | eu-south-1 | eu-south-2 | eu-west-1 | eu-west-2 | eu-west-3 | il-central-1 | me-central-1 | me-south-1 | sa-east-1 | us-east-2 | us-gov-east-1 | us-gov-west-1 | us-west-1 | us-west-2` Required: No ** [Tags](#API_CreateBucket_RequestSyntax) ** An array of tags that you can apply to the bucket that you're creating. Tags are key-value pairs of metadata used to categorize and organize your buckets, track costs, and control access. You must have the `s3:TagResource` permission to create a general purpose bucket with tags or the `s3express:TagResource` permission to create a directory bucket with tags. When creating buckets with tags, note that tag-based conditions using `aws:ResourceTag` and `s3:BucketTag` condition keys are applicable only after ABAC is enabled on the bucket. To learn more, see [Enabling ABAC in general purpose buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging-enable-abac.html). Type: Array of [Tag](API_Tag.md) data types Required: No ## Response Syntax ``` HTTP/1.1 200 Location: Location x-amz-bucket-arn: BucketArn ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [Location](#API_CreateBucket_ResponseSyntax) ** A forward slash followed by the name of the bucket. ** [x-amz-bucket-arn](#API_CreateBucket_ResponseSyntax) ** The Amazon Resource Name (ARN) of the S3 bucket. ARNs uniquely identify AWS resources across all of AWS. This parameter is only supported for S3 directory buckets. For more information, see [Using tags with directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html). Length Constraints: Minimum length of 1. Maximum length of 128. Pattern: `arn:[^:]+:(s3|s3express):.*` ## Errors ** BucketAlreadyExists ** The requested bucket name is not available. The bucket namespace is shared by all users of the system. Select a different name and try again. HTTP Status Code: 409 ** BucketAlreadyOwnedByYou ** The bucket you tried to create already exists, and you own it. Amazon S3 returns this error in all AWS Regions except in the North Virginia Region. For legacy compatibility, if you re-create an existing bucket that you already own in the North Virginia Region, Amazon S3 returns 200 OK and resets the bucket access control lists (ACLs). HTTP Status Code: 409 ## Examples ### Sample Request for general purpose buckets This request creates a bucket named `amzn-s3-demo-bucket`. ``` PUT / HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Content-Length: 0 Date: Wed, 01 Mar 2006 12:00:00 GMT Authorization: authorization string ``` ### Sample Response for general purpose buckets This example illustrates one usage of CreateBucket. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMg95r/0zo3emzU4dzsD4rcKCHQUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Wed, 01 Mar 2006 12:00:00 GMT Location: /amzn-s3-demo-bucket Content-Length: 0 Connection: close Server: AmazonS3 ``` ### Sample Request for general purpose buckets: Setting the Region of a bucket The following request sets the Region for the bucket to Europe. ``` PUT / HTTP/1.1 Host: amzn-s3-demo-bucket.s3.amazonaws.com Date: Wed, 12 Oct 2009 17:50:00 GMT Authorization: authorization string Content-Type: text/plain Content-Length: 124 EU ``` ### Sample Request for general purpose buckets: Creating a bucket and applying the ObjectWriter setting for S3 Object Ownership. This request creates a bucket and applies the `ObjectWriter` setting for Object Ownership. ``` PUT / HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Content-Length: 0 x-amz-object-ownership: ObjectWriter Date: Tue, 30 Nov 2021 12:00:00 GMT Authorization: authorization string ``` ### Sample Response for general purpose buckets This example illustrates one usage of CreateBucket. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMg95r/0zo3emzU4dzsD4rcKCHQUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Tue, 30 Nov 2021 12:00:00 GMT Location: /amzn-s3-demo-bucket Content-Length: 0 Connection: close Server: AmazonS3 ``` ### Sample Request for general purpose buckets: Creating a bucket and configuring access permissions explicitly This request creates a bucket named `amzn-s3-demo-bucket` and grants WRITE permission to the AWS account identified by canonical id. ``` PUT HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com x-amz-date: Sat, 07 Apr 2012 00:54:40 GMT Authorization: authorization string x-amz-grant-write: id="79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be", id="52b113e7a2f25102679df27bb0746532b8776c37c9fc7ca4ac94015369746b9f" ``` ### Sample Response for general purpose buckets This example illustrates one usage of CreateBucket. ``` HTTP/1.1 200 OK ``` ### Sample Request for general purpose buckets: Creating a bucket and configuring access permission using a canned ACL This request creates a bucket named `amzn-s3-demo-bucket` and sets the ACL to private. ``` PUT / HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Content-Length: 0 x-amz-acl: private Date: Wed, 01 Mar 2006 12:00:00 GMT Authorization: authorization string ``` ### Sample Response for general purpose buckets This example illustrates one usage of CreateBucket. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMg95r/0zo3emzU4dzsD4rcKCHQUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Wed, 01 Mar 2006 12:00:00 GMT Location: /amzn-s3-demo-bucket Content-Length: 0 Connection: close Server: AmazonS3 ``` ### Sample Request for general purpose buckets: Creating a bucket in your account regional namespace This request creates the general purpose bucket `amzn-s3-demo-bucket-012345678910-us-west-2-an` in the account regional namespace for AWS Account 012345678910 in the US West (Oregon) Region `(us-west-2)` Region. ``` PUT / HTTP/1.1 Host: amzn-s3-demo-bucket-012345678910-us-west-2-an.s3.us-west-2.amazonaws.com Content-Length: 0 x-amz-bucket-namespace: account-regional Date: Wed, 01 Mar 2006 12:00:00 GMT Authorization: authorization string us-west-2 ``` ### Sample Response for general purpose buckets This example illustrates one usage of CreateBucket. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMg95r/0zo3emzU4dzsD4rcKCHQUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Wed, 01 Mar 2006 12:00:00 GMT Location: /amzn-s3-demo-bucket-012345678910-us-west-2-an Content-Length: 0 Connection: close Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/CreateBucket) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/CreateBucket) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/CreateBucket) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/CreateBucket) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/CreateBucket) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/CreateBucket) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/CreateBucket) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/CreateBucket) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/CreateBucket) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/CreateBucket) # CreateBucketMetadataConfiguration Creates an S3 Metadata V2 metadata configuration for a general purpose bucket. For more information, see [Accelerating data discovery with S3 Metadata](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html) in the *Amazon S3 User Guide*. Permissions To use this operation, you must have the following permissions. For more information, see [Setting up permissions for configuring metadata tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html) in the *Amazon S3 User Guide*. If you want to encrypt your metadata tables with server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS), you need additional permissions in your KMS key policy. For more information, see [ Setting up permissions for configuring metadata tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html) in the *Amazon S3 User Guide*. If you also want to integrate your table bucket with AWS analytics services so that you can query your metadata table, you need additional permissions. For more information, see [ Integrating Amazon S3 Tables with AWS analytics services](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-integrating-aws.html) in the *Amazon S3 User Guide*. To query your metadata tables, you need additional permissions. For more information, see [ Permissions for querying metadata tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-bucket-query-permissions.html) in the *Amazon S3 User Guide*. + `s3:CreateBucketMetadataTableConfiguration` **Note** The IAM policy action name is the same for the V1 and V2 API operations. + `s3tables:CreateTableBucket` + `s3tables:CreateNamespace` + `s3tables:GetTable` + `s3tables:CreateTable` + `s3tables:PutTablePolicy` + `s3tables:PutTableEncryption` + `kms:DescribeKey` The following operations are related to `CreateBucketMetadataConfiguration`: + [DeleteBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetadataConfiguration.html) + [GetBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetadataConfiguration.html) + [UpdateBucketMetadataInventoryTableConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UpdateBucketMetadataInventoryTableConfiguration.html) + [UpdateBucketMetadataJournalTableConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UpdateBucketMetadataJournalTableConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` POST /?metadataConfiguration HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner string string integer string string string string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_CreateBucketMetadataConfiguration_RequestSyntax) ** The general purpose bucket that you want to create the metadata configuration for. Required: Yes ** [Content-MD5](#API_CreateBucketMetadataConfiguration_RequestSyntax) ** The `Content-MD5` header for the metadata configuration. ** [x-amz-expected-bucket-owner](#API_CreateBucketMetadataConfiguration_RequestSyntax) ** The expected owner of the general purpose bucket that corresponds to your metadata configuration. ** [x-amz-sdk-checksum-algorithm](#API_CreateBucketMetadataConfiguration_RequestSyntax) ** The checksum algorithm to use with your metadata configuration. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [MetadataConfiguration](#API_CreateBucketMetadataConfiguration_RequestSyntax) ** Root level tag for the MetadataConfiguration parameters. Required: Yes ** [InventoryTableConfiguration](#API_CreateBucketMetadataConfiguration_RequestSyntax) ** The inventory table configuration for a metadata configuration. Type: [InventoryTableConfiguration](API_InventoryTableConfiguration.md) data type Required: No ** [JournalTableConfiguration](#API_CreateBucketMetadataConfiguration_RequestSyntax) ** The journal table configuration for a metadata configuration. Type: [JournalTableConfiguration](API_JournalTableConfiguration.md) data type Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/CreateBucketMetadataConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/CreateBucketMetadataConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/CreateBucketMetadataConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/CreateBucketMetadataConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/CreateBucketMetadataConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/CreateBucketMetadataConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/CreateBucketMetadataConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/CreateBucketMetadataConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/CreateBucketMetadataConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/CreateBucketMetadataConfiguration) # CreateBucketMetadataTableConfiguration **Important** We recommend that you create your S3 Metadata configurations by using the V2 [CreateBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html) API operation. We no longer recommend using the V1 `CreateBucketMetadataTableConfiguration` API operation. If you created your S3 Metadata configuration before July 15, 2025, we recommend that you delete and re-create your configuration by using [CreateBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html) so that you can expire journal table records and create a live inventory table. Creates a V1 S3 Metadata configuration for a general purpose bucket. For more information, see [Accelerating data discovery with S3 Metadata](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html) in the *Amazon S3 User Guide*. Permissions To use this operation, you must have the following permissions. For more information, see [Setting up permissions for configuring metadata tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html) in the *Amazon S3 User Guide*. If you want to encrypt your metadata tables with server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS), you need additional permissions. For more information, see [ Setting up permissions for configuring metadata tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html) in the *Amazon S3 User Guide*. If you also want to integrate your table bucket with AWS analytics services so that you can query your metadata table, you need additional permissions. For more information, see [ Integrating Amazon S3 Tables with AWS analytics services](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-integrating-aws.html) in the *Amazon S3 User Guide*. + `s3:CreateBucketMetadataTableConfiguration` + `s3tables:CreateNamespace` + `s3tables:GetTable` + `s3tables:CreateTable` + `s3tables:PutTablePolicy` The following operations are related to `CreateBucketMetadataTableConfiguration`: + [DeleteBucketMetadataTableConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetadataTableConfiguration.html) + [GetBucketMetadataTableConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetadataTableConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` POST /?metadataTable HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner string string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_CreateBucketMetadataTableConfiguration_RequestSyntax) ** The general purpose bucket that you want to create the metadata table configuration for. Required: Yes ** [Content-MD5](#API_CreateBucketMetadataTableConfiguration_RequestSyntax) ** The `Content-MD5` header for the metadata table configuration. ** [x-amz-expected-bucket-owner](#API_CreateBucketMetadataTableConfiguration_RequestSyntax) ** The expected owner of the general purpose bucket that corresponds to your metadata table configuration. ** [x-amz-sdk-checksum-algorithm](#API_CreateBucketMetadataTableConfiguration_RequestSyntax) ** The checksum algorithm to use with your metadata table configuration. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [MetadataTableConfiguration](#API_CreateBucketMetadataTableConfiguration_RequestSyntax) ** Root level tag for the MetadataTableConfiguration parameters. Required: Yes ** [S3TablesDestination](#API_CreateBucketMetadataTableConfiguration_RequestSyntax) ** The destination information for the metadata table configuration. The destination table bucket must be in the same Region and AWS account as the general purpose bucket. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket. Type: [S3TablesDestination](API_S3TablesDestination.md) data type Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/CreateBucketMetadataTableConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/CreateBucketMetadataTableConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/CreateBucketMetadataTableConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/CreateBucketMetadataTableConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/CreateBucketMetadataTableConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/CreateBucketMetadataTableConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/CreateBucketMetadataTableConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/CreateBucketMetadataTableConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/CreateBucketMetadataTableConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/CreateBucketMetadataTableConfiguration) # CreateMultipartUpload **Important** End of support notice: As of October 1, 2025, Amazon S3 has discontinued support for Email Grantee Access Control Lists (ACLs). If you attempt to use an Email Grantee ACL in a request after October 1, 2025, the request will receive an `HTTP 405` (Method Not Allowed) error. This change affects the following AWS Regions: US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Ireland), and South America (São Paulo). This action initiates a multipart upload and returns an upload ID. This upload ID is used to associate all of the parts in the specific multipart upload. You specify this upload ID in each of your subsequent upload part requests (see [UploadPart](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html)). You also include this upload ID in the final request to either complete or abort the multipart upload request. For more information about multipart uploads, see [Multipart Upload Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) in the *Amazon S3 User Guide*. **Note** After you initiate a multipart upload and upload one or more parts, to stop being charged for storing the uploaded parts, you must either complete or abort the multipart upload. Amazon S3 frees up the space used to store the parts and stops charging you for storing them only after you either complete or abort a multipart upload. If you have configured a lifecycle rule to abort incomplete multipart uploads, the created multipart upload must be completed within the number of days specified in the bucket lifecycle configuration. Otherwise, the incomplete multipart upload becomes eligible for an abort action and Amazon S3 aborts the multipart upload. For more information, see [Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config). **Note** **Directory buckets ** - S3 Lifecycle is not supported by directory buckets. **Directory buckets ** - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://amzn-s3-demo-bucket.s3express-zone-id.region-code.amazonaws.com/key-name `. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Request signing For request signing, multipart upload is just a series of regular requests. You initiate a multipart upload, send one or more requests to upload parts, and then complete the multipart upload process. You sign each request individually. There is nothing special about signing multipart upload requests. For more information about signing, see [Authenticating Requests (AWS Signature Version 4)](https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html) in the *Amazon S3 User Guide*. Permissions + **General purpose bucket permissions** - To perform a multipart upload with encryption using an AWS Key Management Service (AWS KMS) KMS key, the requester must have permission to the `kms:Decrypt` and `kms:GenerateDataKey` actions on the key. The requester must also have permissions for the `kms:GenerateDataKey` action for the `CreateMultipartUpload` API. Then, the requester needs permissions for the `kms:Decrypt` action on the `UploadPart` and `UploadPartCopy` APIs. These permissions are required because Amazon S3 must decrypt and read data from the encrypted file parts before it completes the multipart upload. For more information, see [Multipart upload API and permissions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions) and [Protecting data using server-side encryption with AWS KMS](https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html) in the *Amazon S3 User Guide*. + **Directory bucket permissions** - To grant access to this API operation on a directory bucket, we recommend that you use the [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) API operation for session-based authorization. Specifically, you grant the `s3express:CreateSession` permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the `CreateSession` API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another `CreateSession` API call to generate a new session token for use. AWS CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). Encryption + **General purpose buckets** - Server-side encryption is for data encryption at rest. Amazon S3 encrypts your data as it writes it to disks in its data centers and decrypts it when you access it. Amazon S3 automatically encrypts all new objects that are uploaded to an S3 bucket. When doing a multipart upload, if you don't specify encryption information in your request, the encryption setting of the uploaded parts is set to the default encryption configuration of the destination bucket. By default, all buckets have a base level of encryption configuration that uses server-side encryption with Amazon S3 managed keys (SSE-S3). If the destination bucket has a default encryption configuration that uses server-side encryption with an AWS Key Management Service (AWS KMS) key (SSE-KMS), or a customer-provided encryption key (SSE-C), Amazon S3 uses the corresponding KMS key, or a customer-provided key to encrypt the uploaded parts. When you perform a CreateMultipartUpload operation, if you want to use a different type of encryption setting for the uploaded parts, you can request that Amazon S3 encrypts the object with a different encryption key (such as an Amazon S3 managed key, a KMS key, or a customer-provided key). When the encryption setting in your request is different from the default encryption configuration of the destination bucket, the encryption setting in your request takes precedence. If you choose to provide your own encryption key, the request headers you provide in [UploadPart](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) and [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) requests must match the headers you used in the `CreateMultipartUpload` request. + Use KMS keys (SSE-KMS) that include the AWS managed key (`aws/s3`) and AWS KMS customer managed keys stored in AWS Key Management Service (AWS KMS) – If you want AWS to manage the keys used to encrypt data, specify the following headers in the request. + `x-amz-server-side-encryption` + `x-amz-server-side-encryption-aws-kms-key-id` + `x-amz-server-side-encryption-context` **Note** If you specify `x-amz-server-side-encryption:aws:kms`, but don't provide `x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the AWS managed key (`aws/s3` key) in AWS KMS to protect the data. To perform a multipart upload with encryption by using an AWS KMS key, the requester must have permission to the `kms:Decrypt` and `kms:GenerateDataKey*` actions on the key. These permissions are required because Amazon S3 must decrypt and read data from the encrypted file parts before it completes the multipart upload. For more information, see [Multipart upload API and permissions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions) and [Protecting data using server-side encryption with AWS KMS](https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html) in the *Amazon S3 User Guide*. If your AWS Identity and Access Management (IAM) user or role is in the same AWS account as the KMS key, then you must have these permissions on the key policy. If your IAM user or role is in a different account from the key, then you must have the permissions on both the key policy and your IAM user or role. All `GET` and `PUT` requests for an object protected by AWS KMS fail if you don't make them by using Secure Sockets Layer (SSL), Transport Layer Security (TLS), or Signature Version 4. For information about configuring any of the officially supported AWS SDKs and AWS CLI, see [Specifying the Signature Version in Request Authentication](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version) in the *Amazon S3 User Guide*. For more information about server-side encryption with AWS KMS keys (SSE-KMS), see [Protecting Data Using Server-Side Encryption with KMS keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html) in the *Amazon S3 User Guide*. + Use customer-provided encryption keys (SSE-C) – If you want to manage your own encryption keys, provide all the following headers in the request. + `x-amz-server-side-encryption-customer-algorithm` + `x-amz-server-side-encryption-customer-key` + `x-amz-server-side-encryption-customer-key-MD5` For more information about server-side encryption with customer-provided encryption keys (SSE-C), see [ Protecting data using server-side encryption with customer-provided encryption keys (SSE-C)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html) in the *Amazon S3 User Guide*. + **Directory buckets** - For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (`AES256`) and server-side encryption with AWS KMS keys (SSE-KMS) (`aws:kms`). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your `CreateSession` requests or `PUT` object requests. Then, new objects are automatically encrypted with the desired encryption settings. For more information, see [Protecting data with server-side encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html) in the *Amazon S3 User Guide*. For more information about the encryption overriding behaviors in directory buckets, see [Specifying server-side encryption with AWS KMS for new object uploads](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html). In the Zonal endpoint API calls (except [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) and [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html)) using the REST API, the encryption request headers must match the encryption settings that are specified in the `CreateSession` request. You can't override the values of the encryption settings (`x-amz-server-side-encryption`, `x-amz-server-side-encryption-aws-kms-key-id`, `x-amz-server-side-encryption-context`, and `x-amz-server-side-encryption-bucket-key-enabled`) that are specified in the `CreateSession` request. You don't need to explicitly specify these encryption settings values in Zonal endpoint API calls, and Amazon S3 will use the encryption settings values from the `CreateSession` request to protect new objects in the directory bucket. **Note** When you use the CLI or the AWS SDKs, for `CreateSession`, the session token refreshes automatically to avoid service interruptions when a session expires. The CLI or the AWS SDKs use the bucket's default encryption configuration for the `CreateSession` request. It's not supported to override the encryption settings values in the `CreateSession` request. So in the Zonal endpoint API calls (except [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) and [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html)), the encryption request headers must match the default encryption configuration of the directory bucket. **Note** For directory buckets, when you perform a `CreateMultipartUpload` operation and an `UploadPartCopy` operation, the request headers you provide in the `CreateMultipartUpload` request must match the default encryption configuration of the destination bucket. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. The following operations are related to `CreateMultipartUpload`: + [UploadPart](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) + [CompleteMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) + [AbortMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) + [ListParts](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) + [ListMultipartUploads](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` POST /{Key+}?uploads HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-acl: ACL Cache-Control: CacheControl Content-Disposition: ContentDisposition Content-Encoding: ContentEncoding Content-Language: ContentLanguage Content-Type: ContentType Expires: Expires x-amz-grant-full-control: GrantFullControl x-amz-grant-read: GrantRead x-amz-grant-read-acp: GrantReadACP x-amz-grant-write-acp: GrantWriteACP x-amz-server-side-encryption: ServerSideEncryption x-amz-storage-class: StorageClass x-amz-website-redirect-location: WebsiteRedirectLocation x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key: SSECustomerKey x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-server-side-encryption-aws-kms-key-id: SSEKMSKeyId x-amz-server-side-encryption-context: SSEKMSEncryptionContext x-amz-server-side-encryption-bucket-key-enabled: BucketKeyEnabled x-amz-request-payer: RequestPayer x-amz-tagging: Tagging x-amz-object-lock-mode: ObjectLockMode x-amz-object-lock-retain-until-date: ObjectLockRetainUntilDate x-amz-object-lock-legal-hold: ObjectLockLegalHoldStatus x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-checksum-algorithm: ChecksumAlgorithm x-amz-checksum-type: ChecksumType ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_CreateMultipartUpload_RequestSyntax) ** The name of the bucket where the multipart upload is initiated and where the object is uploaded. **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [Cache-Control](#API_CreateMultipartUpload_RequestSyntax) ** Specifies caching behavior along the request/reply chain. ** [Content-Disposition](#API_CreateMultipartUpload_RequestSyntax) ** Specifies presentational information for the object. ** [Content-Encoding](#API_CreateMultipartUpload_RequestSyntax) ** Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. For directory buckets, only the `aws-chunked` value is supported in this header field. ** [Content-Language](#API_CreateMultipartUpload_RequestSyntax) ** The language that the content is in. ** [Content-Type](#API_CreateMultipartUpload_RequestSyntax) ** A standard MIME type describing the format of the object data. ** [Expires](#API_CreateMultipartUpload_RequestSyntax) ** The date and time at which the object is no longer cacheable. ** [Key](#API_CreateMultipartUpload_RequestSyntax) ** Object key for which the multipart upload is to be initiated. Length Constraints: Minimum length of 1. Required: Yes ** [x-amz-acl](#API_CreateMultipartUpload_RequestSyntax) ** The canned ACL to apply to the object. Amazon S3 supports a set of predefined ACLs, known as *canned ACLs*. Each canned ACL has a predefined set of grantees and permissions. For more information, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL) in the *Amazon S3 User Guide*. By default, all objects are private. Only the owner has full access control. When uploading an object, you can grant access permissions to individual AWS accounts or to predefined groups defined by Amazon S3. These permissions are then added to the access control list (ACL) on the new object. For more information, see [Using ACLs](https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html). One way to grant the permissions using the request headers is to specify a canned ACL with the `x-amz-acl` request header. + This functionality is not supported for directory buckets. + This functionality is not supported for Amazon S3 on Outposts. Valid Values: `private | public-read | public-read-write | authenticated-read | aws-exec-read | bucket-owner-read | bucket-owner-full-control` ** [x-amz-checksum-algorithm](#API_CreateMultipartUpload_RequestSyntax) ** Indicates the algorithm that you want Amazon S3 to use to create the checksum for the object. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ** [x-amz-checksum-type](#API_CreateMultipartUpload_RequestSyntax) ** Indicates the checksum type that you want Amazon S3 to use to calculate the object’s checksum value. For more information, see [Checking object integrity in the Amazon S3 User Guide](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html). Valid Values: `COMPOSITE | FULL_OBJECT` ** [x-amz-expected-bucket-owner](#API_CreateMultipartUpload_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-grant-full-control](#API_CreateMultipartUpload_RequestSyntax) ** Specify access permissions explicitly to give the grantee READ, READ\$1ACP, and WRITE\$1ACP permissions on the object. By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific AWS accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, see [Access Control List (ACL) Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) in the *Amazon S3 User Guide*. You specify each grantee as a type=value pair, where the type is one of the following: + `id` – if the value specified is the canonical user ID of an AWS account + `uri` – if you are granting permissions to a predefined group + `emailAddress` – if the value specified is the email address of an AWS account **Note** Using email addresses to specify a grantee is only supported in the following AWS Regions: US East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all the Amazon S3 supported Regions and endpoints, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in the AWS General Reference. For example, the following `x-amz-grant-read` header grants the AWS accounts identified by account IDs permissions to read object data and its metadata: `x-amz-grant-read: id="11112222333", id="444455556666" ` + This functionality is not supported for directory buckets. + This functionality is not supported for Amazon S3 on Outposts. ** [x-amz-grant-read](#API_CreateMultipartUpload_RequestSyntax) ** Specify access permissions explicitly to allow grantee to read the object data and its metadata. By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific AWS accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, see [Access Control List (ACL) Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) in the *Amazon S3 User Guide*. You specify each grantee as a type=value pair, where the type is one of the following: + `id` – if the value specified is the canonical user ID of an AWS account + `uri` – if you are granting permissions to a predefined group + `emailAddress` – if the value specified is the email address of an AWS account **Note** Using email addresses to specify a grantee is only supported in the following AWS Regions: US East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all the Amazon S3 supported Regions and endpoints, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in the AWS General Reference. For example, the following `x-amz-grant-read` header grants the AWS accounts identified by account IDs permissions to read object data and its metadata: `x-amz-grant-read: id="11112222333", id="444455556666" ` + This functionality is not supported for directory buckets. + This functionality is not supported for Amazon S3 on Outposts. ** [x-amz-grant-read-acp](#API_CreateMultipartUpload_RequestSyntax) ** Specify access permissions explicitly to allows grantee to read the object ACL. By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific AWS accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, see [Access Control List (ACL) Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) in the *Amazon S3 User Guide*. You specify each grantee as a type=value pair, where the type is one of the following: + `id` – if the value specified is the canonical user ID of an AWS account + `uri` – if you are granting permissions to a predefined group + `emailAddress` – if the value specified is the email address of an AWS account **Note** Using email addresses to specify a grantee is only supported in the following AWS Regions: US East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all the Amazon S3 supported Regions and endpoints, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in the AWS General Reference. For example, the following `x-amz-grant-read` header grants the AWS accounts identified by account IDs permissions to read object data and its metadata: `x-amz-grant-read: id="11112222333", id="444455556666" ` + This functionality is not supported for directory buckets. + This functionality is not supported for Amazon S3 on Outposts. ** [x-amz-grant-write-acp](#API_CreateMultipartUpload_RequestSyntax) ** Specify access permissions explicitly to allows grantee to allow grantee to write the ACL for the applicable object. By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific AWS accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, see [Access Control List (ACL) Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) in the *Amazon S3 User Guide*. You specify each grantee as a type=value pair, where the type is one of the following: + `id` – if the value specified is the canonical user ID of an AWS account + `uri` – if you are granting permissions to a predefined group + `emailAddress` – if the value specified is the email address of an AWS account **Note** Using email addresses to specify a grantee is only supported in the following AWS Regions: US East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all the Amazon S3 supported Regions and endpoints, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in the AWS General Reference. For example, the following `x-amz-grant-read` header grants the AWS accounts identified by account IDs permissions to read object data and its metadata: `x-amz-grant-read: id="11112222333", id="444455556666" ` + This functionality is not supported for directory buckets. + This functionality is not supported for Amazon S3 on Outposts. ** [x-amz-object-lock-legal-hold](#API_CreateMultipartUpload_RequestSyntax) ** Specifies whether you want to apply a legal hold to the uploaded object. This functionality is not supported for directory buckets. Valid Values: `ON | OFF` ** [x-amz-object-lock-mode](#API_CreateMultipartUpload_RequestSyntax) ** Specifies the Object Lock mode that you want to apply to the uploaded object. This functionality is not supported for directory buckets. Valid Values: `GOVERNANCE | COMPLIANCE` ** [x-amz-object-lock-retain-until-date](#API_CreateMultipartUpload_RequestSyntax) ** Specifies the date and time when you want the Object Lock to expire. This functionality is not supported for directory buckets. ** [x-amz-request-payer](#API_CreateMultipartUpload_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-server-side-encryption](#API_CreateMultipartUpload_RequestSyntax) ** The server-side encryption algorithm used when you store this object in Amazon S3 or Amazon FSx. + **Directory buckets ** - For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (`AES256`) and server-side encryption with AWS KMS keys (SSE-KMS) (`aws:kms`). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your `CreateSession` requests or `PUT` object requests. Then, new objects are automatically encrypted with the desired encryption settings. For more information, see [Protecting data with server-side encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html) in the *Amazon S3 User Guide*. For more information about the encryption overriding behaviors in directory buckets, see [Specifying server-side encryption with AWS KMS for new object uploads](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html). In the Zonal endpoint API calls (except [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) and [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html)) using the REST API, the encryption request headers must match the encryption settings that are specified in the `CreateSession` request. You can't override the values of the encryption settings (`x-amz-server-side-encryption`, `x-amz-server-side-encryption-aws-kms-key-id`, `x-amz-server-side-encryption-context`, and `x-amz-server-side-encryption-bucket-key-enabled`) that are specified in the `CreateSession` request. You don't need to explicitly specify these encryption settings values in Zonal endpoint API calls, and Amazon S3 will use the encryption settings values from the `CreateSession` request to protect new objects in the directory bucket. **Note** When you use the CLI or the AWS SDKs, for `CreateSession`, the session token refreshes automatically to avoid service interruptions when a session expires. The CLI or the AWS SDKs use the bucket's default encryption configuration for the `CreateSession` request. It's not supported to override the encryption settings values in the `CreateSession` request. So in the Zonal endpoint API calls (except [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) and [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html)), the encryption request headers must match the default encryption configuration of the directory bucket. + **S3 access points for Amazon FSx ** - When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is `aws:fsx`. All Amazon FSx file systems have encryption configured by default and are encrypted at rest. Data is automatically encrypted before being written to the file system, and automatically decrypted as it is read. These processes are handled transparently by Amazon FSx. Valid Values: `AES256 | aws:fsx | aws:kms | aws:kms:dsse` ** [x-amz-server-side-encryption-aws-kms-key-id](#API_CreateMultipartUpload_RequestSyntax) ** Specifies the AWS KMS key ID (Key ID, Key ARN, or Key Alias) to use for object encryption. If the KMS key doesn't exist in the same account that's issuing the command, you must use the full Key ARN not the Key ID. **General purpose buckets** - If you specify `x-amz-server-side-encryption` with `aws:kms` or `aws:kms:dsse`, this header specifies the ID (Key ID, Key ARN, or Key Alias) of the AWS KMS key to use. If you specify `x-amz-server-side-encryption:aws:kms` or `x-amz-server-side-encryption:aws:kms:dsse`, but do not provide `x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the AWS managed key (`aws/s3`) to protect the data. **Directory buckets** - To encrypt data using SSE-KMS, it's recommended to specify the `x-amz-server-side-encryption` header to `aws:kms`. Then, the `x-amz-server-side-encryption-aws-kms-key-id` header implicitly uses the bucket's default KMS customer managed key ID. If you want to explicitly set the ` x-amz-server-side-encryption-aws-kms-key-id` header, it must match the bucket's default customer managed key (using key ID or ARN, not alias). Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket's lifetime. The [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) (`aws/s3`) isn't supported. Incorrect key specification results in an HTTP `400 Bad Request` error. ** [x-amz-server-side-encryption-bucket-key-enabled](#API_CreateMultipartUpload_RequestSyntax) ** Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using AWS Key Management Service (AWS KMS) keys (SSE-KMS). **General purpose buckets** - Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS. Also, specifying this header with a PUT action doesn't affect bucket-level settings for S3 Bucket Key. **Directory buckets** - S3 Bucket Keys are always enabled for `GET` and `PUT` operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html), [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html), [the Copy operation in Batch Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops), or [the import jobs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job). In this case, Amazon S3 makes a call to AWS KMS every time a copy request is made for a KMS-encrypted object. ** [x-amz-server-side-encryption-context](#API_CreateMultipartUpload_RequestSyntax) ** Specifies the AWS KMS Encryption Context to use for object encryption. The value of this header is a Base64 encoded string of a UTF-8 encoded JSON, which contains the encryption context as key-value pairs. **Directory buckets** - You can optionally provide an explicit encryption context value. The value must match the default encryption context - the bucket Amazon Resource Name (ARN). An additional encryption context value is not supported. ** [x-amz-server-side-encryption-customer-algorithm](#API_CreateMultipartUpload_RequestSyntax) ** Specifies the algorithm to use when encrypting the object (for example, AES256). This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key](#API_CreateMultipartUpload_RequestSyntax) ** Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the `x-amz-server-side-encryption-customer-algorithm` header. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key-MD5](#API_CreateMultipartUpload_RequestSyntax) ** Specifies the 128-bit MD5 digest of the customer-provided encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error. This functionality is not supported for directory buckets. ** [x-amz-storage-class](#API_CreateMultipartUpload_RequestSyntax) ** By default, Amazon S3 uses the STANDARD Storage Class to store newly created objects. The STANDARD storage class provides high durability and high availability. Depending on performance needs, you can specify a different Storage Class. For more information, see [Storage Classes](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) in the *Amazon S3 User Guide*. + Directory buckets only support `EXPRESS_ONEZONE` (the S3 Express One Zone storage class) in Availability Zones and `ONEZONE_IA` (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones. + Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. Valid Values: `STANDARD | REDUCED_REDUNDANCY | STANDARD_IA | ONEZONE_IA | INTELLIGENT_TIERING | GLACIER | DEEP_ARCHIVE | OUTPOSTS | GLACIER_IR | SNOW | EXPRESS_ONEZONE | FSX_OPENZFS | FSX_ONTAP` ** [x-amz-tagging](#API_CreateMultipartUpload_RequestSyntax) ** The tag-set for the object. The tag-set must be encoded as URL Query parameters. This functionality is not supported for directory buckets. ** [x-amz-website-redirect-location](#API_CreateMultipartUpload_RequestSyntax) ** If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata. This functionality is not supported for directory buckets. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-abort-date: AbortDate x-amz-abort-rule-id: AbortRuleId x-amz-server-side-encryption: ServerSideEncryption x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-server-side-encryption-aws-kms-key-id: SSEKMSKeyId x-amz-server-side-encryption-context: SSEKMSEncryptionContext x-amz-server-side-encryption-bucket-key-enabled: BucketKeyEnabled x-amz-request-charged: RequestCharged x-amz-checksum-algorithm: ChecksumAlgorithm x-amz-checksum-type: ChecksumType string string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-abort-date](#API_CreateMultipartUpload_ResponseSyntax) ** If the bucket has a lifecycle rule configured with an action to abort incomplete multipart uploads and the prefix in the lifecycle rule matches the object name in the request, the response includes this header. The header indicates when the initiated multipart upload becomes eligible for an abort operation. For more information, see [ Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) in the *Amazon S3 User Guide*. The response also includes the `x-amz-abort-rule-id` header that provides the ID of the lifecycle configuration rule that defines the abort action. This functionality is not supported for directory buckets. ** [x-amz-abort-rule-id](#API_CreateMultipartUpload_ResponseSyntax) ** This header is returned along with the `x-amz-abort-date` header. It identifies the applicable lifecycle configuration rule that defines the action to abort incomplete multipart uploads. This functionality is not supported for directory buckets. ** [x-amz-checksum-algorithm](#API_CreateMultipartUpload_ResponseSyntax) ** The algorithm that was used to create a checksum of the object. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ** [x-amz-checksum-type](#API_CreateMultipartUpload_ResponseSyntax) ** Indicates the checksum type that you want Amazon S3 to use to calculate the object’s checksum value. For more information, see [Checking object integrity in the Amazon S3 User Guide](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html). Valid Values: `COMPOSITE | FULL_OBJECT` ** [x-amz-request-charged](#API_CreateMultipartUpload_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-server-side-encryption](#API_CreateMultipartUpload_ResponseSyntax) ** The server-side encryption algorithm used when you store this object in Amazon S3 or Amazon FSx. When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is `aws:fsx`. Valid Values: `AES256 | aws:fsx | aws:kms | aws:kms:dsse` ** [x-amz-server-side-encryption-aws-kms-key-id](#API_CreateMultipartUpload_ResponseSyntax) ** If present, indicates the ID of the KMS key that was used for object encryption. ** [x-amz-server-side-encryption-bucket-key-enabled](#API_CreateMultipartUpload_ResponseSyntax) ** Indicates whether the multipart upload uses an S3 Bucket Key for server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS). ** [x-amz-server-side-encryption-context](#API_CreateMultipartUpload_ResponseSyntax) ** If present, indicates the AWS KMS Encryption Context to use for object encryption. The value of this header is a Base64 encoded string of a UTF-8 encoded JSON, which contains the encryption context as key-value pairs. ** [x-amz-server-side-encryption-customer-algorithm](#API_CreateMultipartUpload_ResponseSyntax) ** If server-side encryption with a customer-provided encryption key was requested, the response will include this header to confirm the encryption algorithm that's used. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key-MD5](#API_CreateMultipartUpload_ResponseSyntax) ** If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide the round-trip message integrity verification of the customer-provided encryption key. This functionality is not supported for directory buckets. The following data is returned in XML format by the service. ** [InitiateMultipartUploadResult](#API_CreateMultipartUpload_ResponseSyntax) ** Root level tag for the InitiateMultipartUploadResult parameters. Required: Yes ** [Bucket](#API_CreateMultipartUpload_ResponseSyntax) ** The name of the bucket to which the multipart upload was initiated. Does not return the access point ARN or access point alias if used. Access points are not supported by directory buckets. Type: String ** [Key](#API_CreateMultipartUpload_ResponseSyntax) ** Object key for which the multipart upload was initiated. Type: String Length Constraints: Minimum length of 1. ** [UploadId](#API_CreateMultipartUpload_ResponseSyntax) ** ID for the initiated multipart upload. Type: String ## Examples ### Sample Request for general purpose buckets This action initiates a multipart upload for the `amzn-s3-demo-bucket` object. ``` POST /example-object?uploads HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Mon, 1 Nov 2010 20:34:56 GMT Authorization: authorization string ``` ### Sample Response for general purpose buckets This example illustrates one usage of CreateMultipartUpload. ``` HTTP/1.1 200 OK x-amz-id-2: Uuag1LuByRx9e6j5Onimru9pO4ZVKnJ2Qz7/C1NPcfTWAtRPfTaOFg== x-amz-request-id: 656c76696e6727732072657175657374 Date: Mon, 1 Nov 2010 20:34:56 GMT Transfer-Encoding: chunked Connection: keep-alive Server: AmazonS3 amzn-s3-demo-bucket example-object VXBsb2FkIElEIGZvciA2aWWpbmcncyBteS1tb3ZpZS5tMnRzIHVwbG9hZA ``` ### Example for general purpose buckets: Initiate a multipart upload using server-side encryption with customer-provided encryption keys This example, which initiates a multipart upload request, specifies server-side encryption with customer-provided encryption keys by adding relevant headers. **Note** If you have server-side encryption with customer-provided keys (SSE-C) blocked for your general purpose bucket, you will get an HTTP 403 Access Denied error when you specify the SSE-C request headers while writing new data to your bucket. For more information, see [Blocking or unblocking SSE-C for a general purpose bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/blocking-unblocking-s3-c-encryption-gpb.html). ``` POST /example-object?uploads HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Authorization:authorization string Date: Wed, 28 May 2014 19:34:57 +0000 x-amz-server-side-encryption-customer-key: g0lCfA3Dv40jZz5SQJ1ZukLRFqtI5WorC/8SEEXAMPLE x-amz-server-side-encryption-customer-key-MD5: ZjQrne1X/iTcskbY2example x-amz-server-side-encryption-customer-algorithm: AES256 ``` ### Sample Response for general purpose buckets In the response, Amazon S3 returns an `UploadId`. In addition, Amazon S3 returns the encryption algorithm and the MD5 digest of the encryption key that you provided in the request. ``` HTTP/1.1 200 OK x-amz-id-2: 36HRCaIGp57F1FvWvVRrvd3hNn9WoBGfEaCVHTCt8QWf00qxdHazQUgfoXAbhFWD x-amz-request-id: 50FA1D691B62CA43 Date: Wed, 28 May 2014 19:34:58 GMT x-amz-server-side-encryption-customer-algorithm: AES256 x-amz-server-side-encryption-customer-key-MD5: ZjQrne1X/iTcskbY2m3tFg== Transfer-Encoding: chunked amzn-s3-demo-bucket example-object EXAMPLEJZ6e0YupT2h66iePQCc9IEbYbDUy4RTpMeoSMLPRp8Z5o1u8feSRonpvnWsKKG35tI2LB9VDPiCgTy.Gq2VxQLYjrue4Nq.NBdqI- ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/CreateMultipartUpload) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/CreateMultipartUpload) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/CreateMultipartUpload) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/CreateMultipartUpload) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/CreateMultipartUpload) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/CreateMultipartUpload) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/CreateMultipartUpload) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/CreateMultipartUpload) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/CreateMultipartUpload) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/CreateMultipartUpload) # CreateSession Creates a session that establishes temporary security credentials to support fast authentication and authorization for the Zonal endpoint API operations on directory buckets. For more information about Zonal endpoint API operations that include the Availability Zone in the request endpoint, see [S3 Express One Zone APIs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-APIs.html) in the *Amazon S3 User Guide*. To make Zonal endpoint API requests on a directory bucket, use the `CreateSession` API operation. Specifically, you grant `s3express:CreateSession` permission to a bucket in a bucket policy or an IAM identity-based policy. Then, you use IAM credentials to make the `CreateSession` API request on the bucket, which returns temporary security credentials that include the access key ID, secret access key, session token, and expiration. These credentials have associated permissions to access the Zonal endpoint API operations. After the session is created, you don’t need to use other policies to grant permissions to each Zonal endpoint API individually. Instead, in your Zonal endpoint API requests, you sign your requests by applying the temporary security credentials of the session to the request headers and following the SigV4 protocol for authentication. You also apply the session token to the `x-amz-s3session-token` request header for authorization. Temporary security credentials are scoped to the bucket and expire after 5 minutes. After the expiration time, any calls that you make with those credentials will fail. You must use IAM credentials again to make a `CreateSession` API request that generates a new set of temporary credentials for use. Temporary credentials cannot be extended or refreshed beyond the original specified interval. If you use AWS SDKs, SDKs handle the session token refreshes automatically to avoid service interruptions when a session expires. We recommend that you use the AWS SDKs to initiate and manage requests to the CreateSession API. For more information, see [Performance guidelines and design patterns](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-optimizing-performance-guidelines-design-patterns.html#s3-express-optimizing-performance-session-authentication) in the *Amazon S3 User Guide*. **Note** You must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. ** `CopyObject` API operation** - Unlike other Zonal endpoint API operations, the `CopyObject` API operation doesn't use the temporary security credentials returned from the `CreateSession` API operation for authentication and authorization. For information about authentication and authorization of the `CopyObject` API operation on directory buckets, see [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html). ** `HeadBucket` API operation** - Unlike other Zonal endpoint API operations, the `HeadBucket` API operation doesn't use the temporary security credentials returned from the `CreateSession` API operation for authentication and authorization. For information about authentication and authorization of the `HeadBucket` API operation on directory buckets, see [HeadBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadBucket.html). Permissions To obtain temporary security credentials, you must create a bucket policy or an IAM identity-based policy that grants `s3express:CreateSession` permission to the bucket. In a policy, you can have the `s3express:SessionMode` condition key to control who can create a `ReadWrite` or `ReadOnly` session. For more information about `ReadWrite` or `ReadOnly` sessions, see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html#API_CreateSession_RequestParameters](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html#API_CreateSession_RequestParameters). For example policies, see [Example bucket policies for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) and [AWS Identity and Access Management (IAM) identity-based policies for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html) in the *Amazon S3 User Guide*. To grant cross-account access to Zonal endpoint API operations, the bucket policy should also grant both accounts the `s3express:CreateSession` permission. If you want to encrypt objects with SSE-KMS, you must also have the `kms:GenerateDataKey` and the `kms:Decrypt` permissions in IAM identity-based policies and AWS KMS key policies for the target AWS KMS key. Encryption For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (`AES256`) and server-side encryption with AWS KMS keys (SSE-KMS) (`aws:kms`). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your `CreateSession` requests or `PUT` object requests. Then, new objects are automatically encrypted with the desired encryption settings. For more information, see [Protecting data with server-side encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html) in the *Amazon S3 User Guide*. For more information about the encryption overriding behaviors in directory buckets, see [Specifying server-side encryption with AWS KMS for new object uploads](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html). For [Zonal endpoint (object-level) API operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-differences.html#s3-express-differences-api-operations) except [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) and [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html), you authenticate and authorize requests through [CreateSession](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) for low latency. To encrypt new objects in a directory bucket with SSE-KMS, you must specify SSE-KMS as the directory bucket's default encryption configuration with a KMS key (specifically, a [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk)). Then, when a session is created for Zonal endpoint API operations, new objects are automatically encrypted and decrypted with SSE-KMS and S3 Bucket Keys during the session. Only 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) is supported per directory bucket for the lifetime of the bucket. The [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) (`aws/s3`) isn't supported. After you specify SSE-KMS as your bucket's default encryption configuration with a customer managed key, you can't change the customer managed key for the bucket's SSE-KMS configuration. In the Zonal endpoint API calls (except [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) and [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html)) using the REST API, you can't override the values of the encryption settings (`x-amz-server-side-encryption`, `x-amz-server-side-encryption-aws-kms-key-id`, `x-amz-server-side-encryption-context`, and `x-amz-server-side-encryption-bucket-key-enabled`) from the `CreateSession` request. You don't need to explicitly specify these encryption settings values in Zonal endpoint API calls, and Amazon S3 will use the encryption settings values from the `CreateSession` request to protect new objects in the directory bucket. When you use the CLI or the AWS SDKs, for `CreateSession`, the session token refreshes automatically to avoid service interruptions when a session expires. The CLI or the AWS SDKs use the bucket's default encryption configuration for the `CreateSession` request. It's not supported to override the encryption settings values in the `CreateSession` request. Also, in the Zonal endpoint API calls (except [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) and [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html)), it's not supported to override the values of the encryption settings from the `CreateSession` request. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?session HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-create-session-mode: SessionMode x-amz-server-side-encryption: ServerSideEncryption x-amz-server-side-encryption-aws-kms-key-id: SSEKMSKeyId x-amz-server-side-encryption-context: SSEKMSEncryptionContext x-amz-server-side-encryption-bucket-key-enabled: BucketKeyEnabled ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_CreateSession_RequestSyntax) ** The name of the bucket that you create a session for. Required: Yes ** [x-amz-create-session-mode](#API_CreateSession_RequestSyntax) ** Specifies the mode of the session that will be created, either `ReadWrite` or `ReadOnly`. If no session mode is specified, the default behavior attempts to create a session with the maximum allowable privilege. It will first attempt to create a `ReadWrite` session, and if that is not allowed by permissions, it will attempt to create a `ReadOnly` session. If neither session type is allowed, the request will return an Access Denied error. A `ReadWrite` session is capable of executing all the Zonal endpoint API operations on a directory bucket. A `ReadOnly` session is constrained to execute the following Zonal endpoint API operations: `GetObject`, `HeadObject`, `ListObjectsV2`, `GetObjectAttributes`, `ListParts`, and `ListMultipartUploads`. Valid Values: `ReadOnly | ReadWrite` ** [x-amz-server-side-encryption](#API_CreateSession_RequestSyntax) ** The server-side encryption algorithm to use when you store objects in the directory bucket. For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (`AES256`) and server-side encryption with AWS KMS keys (SSE-KMS) (`aws:kms`). By default, Amazon S3 encrypts data with SSE-S3. For more information, see [Protecting data with server-side encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/serv-side-encryption.html) in the *Amazon S3 User Guide*. **S3 access points for Amazon FSx ** - When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is `aws:fsx`. All Amazon FSx file systems have encryption configured by default and are encrypted at rest. Data is automatically encrypted before being written to the file system, and automatically decrypted as it is read. These processes are handled transparently by Amazon FSx. Valid Values: `AES256 | aws:fsx | aws:kms | aws:kms:dsse` ** [x-amz-server-side-encryption-aws-kms-key-id](#API_CreateSession_RequestSyntax) ** If you specify `x-amz-server-side-encryption` with `aws:kms`, you must specify the ` x-amz-server-side-encryption-aws-kms-key-id` header with the ID (Key ID or Key ARN) of the AWS KMS symmetric encryption customer managed key to use. Otherwise, you get an HTTP `400 Bad Request` error. Only use the key ID or key ARN. The key alias format of the KMS key isn't supported. Also, if the KMS key doesn't exist in the same account that't issuing the command, you must use the full Key ARN not the Key ID. Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket's lifetime. The [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) (`aws/s3`) isn't supported. ** [x-amz-server-side-encryption-bucket-key-enabled](#API_CreateSession_RequestSyntax) ** Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using AWS KMS keys (SSE-KMS). S3 Bucket Keys are always enabled for `GET` and `PUT` operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html), [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html), [the Copy operation in Batch Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops), or [the import jobs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job). In this case, Amazon S3 makes a call to AWS KMS every time a copy request is made for a KMS-encrypted object. ** [x-amz-server-side-encryption-context](#API_CreateSession_RequestSyntax) ** Specifies the AWS KMS Encryption Context as an additional encryption context to use for object encryption. The value of this header is a Base64 encoded string of a UTF-8 encoded JSON, which contains the encryption context as key-value pairs. This value is stored as object metadata and automatically gets passed on to AWS KMS for future `GetObject` operations on this object. **General purpose buckets** - This value must be explicitly added during `CopyObject` operations if you want an additional encryption context for your object. For more information, see [Encryption context](https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html#encryption-context) in the *Amazon S3 User Guide*. **Directory buckets** - You can optionally provide an explicit encryption context value. The value must match the default encryption context - the bucket Amazon Resource Name (ARN). An additional encryption context value is not supported. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-server-side-encryption: ServerSideEncryption x-amz-server-side-encryption-aws-kms-key-id: SSEKMSKeyId x-amz-server-side-encryption-context: SSEKMSEncryptionContext x-amz-server-side-encryption-bucket-key-enabled: BucketKeyEnabled string timestamp string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-server-side-encryption](#API_CreateSession_ResponseSyntax) ** The server-side encryption algorithm used when you store objects in the directory bucket. When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is `aws:fsx`. Valid Values: `AES256 | aws:fsx | aws:kms | aws:kms:dsse` ** [x-amz-server-side-encryption-aws-kms-key-id](#API_CreateSession_ResponseSyntax) ** If you specify `x-amz-server-side-encryption` with `aws:kms`, this header indicates the ID of the AWS KMS symmetric encryption customer managed key that was used for object encryption. ** [x-amz-server-side-encryption-bucket-key-enabled](#API_CreateSession_ResponseSyntax) ** Indicates whether to use an S3 Bucket Key for server-side encryption with AWS KMS keys (SSE-KMS). ** [x-amz-server-side-encryption-context](#API_CreateSession_ResponseSyntax) ** If present, indicates the AWS KMS Encryption Context to use for object encryption. The value of this header is a Base64 encoded string of a UTF-8 encoded JSON, which contains the encryption context as key-value pairs. This value is stored as object metadata and automatically gets passed on to AWS KMS for future `GetObject` operations on this object. The following data is returned in XML format by the service. ** [CreateSessionResult](#API_CreateSession_ResponseSyntax) ** Root level tag for the CreateSessionResult parameters. Required: Yes ** [Credentials](#API_CreateSession_ResponseSyntax) ** The established temporary security credentials for the created session. Type: [SessionCredentials](API_SessionCredentials.md) data type ## Errors ** NoSuchBucket ** The specified bucket does not exist. HTTP Status Code: 404 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/CreateSession) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/CreateSession) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/CreateSession) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/CreateSession) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/CreateSession) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/CreateSession) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/CreateSession) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/CreateSession) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/CreateSession) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/CreateSession) # DeleteBucket Deletes the S3 bucket. All objects (including all object versions and delete markers) in the bucket must be deleted before the bucket itself can be deleted. **Note** **Directory buckets** - If multipart uploads in a directory bucket are in progress, you can't delete the bucket until all the in-progress multipart uploads are aborted or completed. **Directory buckets ** - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions + **General purpose bucket permissions** - You must have the `s3:DeleteBucket` permission on the specified bucket in a policy. + **Directory bucket permissions** - You must have the `s3express:DeleteBucket` permission in an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the AWS account that owns the resource. For more information about directory bucket policies and permissions, see [AWS Identity and Access Management (IAM) for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region-code.amazonaws.com`. The following operations are related to `DeleteBucket`: + [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) + [DeleteObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE / HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteBucket_RequestSyntax) ** Specifies the bucket being deleted. **Directory buckets ** - When you use this operation with a directory bucket, you must use path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must also follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` DOC-EXAMPLE-BUCKET--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* Required: Yes ** [x-amz-expected-bucket-owner](#API_DeleteBucket_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). For directory buckets, this header is not supported in this API operation. If you specify this header, the request fails with the HTTP status code `501 Not Implemented`. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body. ## Examples ### Sample Request for general purpose buckets This request deletes the bucket named `amzn-s3-demo-bucket`. ``` DELETE / HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 01 Mar 2006 12:00:00 GMT Authorization: authorization string ``` ### Sample Response for general purpose buckets ``` HTTP/1.1 204 No Content x-amz-id-2: JuKZqmXuiwFeDQxhD7M8KtsKobSzWA1QEjLbTMTagkKdBX2z7Il/jGhDeJ3j6s80 x-amz-request-id: 32FE2CEB32F5EE25 Date: Wed, 01 Mar 2006 12:00:00 GMT Connection: close Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteBucket) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteBucket) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteBucket) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteBucket) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteBucket) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteBucket) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteBucket) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteBucket) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteBucket) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteBucket) # DeleteBucketAnalyticsConfiguration **Note** This operation is not supported for directory buckets. Deletes an analytics configuration for the bucket (specified by the analytics configuration ID). To use this operation, you must have permissions to perform the `s3:PutAnalyticsConfiguration` action. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). For information about the Amazon S3 analytics feature, see [Amazon S3 Analytics – Storage Class Analysis](https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html). The following operations are related to `DeleteBucketAnalyticsConfiguration`: + [GetBucketAnalyticsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAnalyticsConfiguration.html) + [ListBucketAnalyticsConfigurations](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketAnalyticsConfigurations.html) + [PutBucketAnalyticsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAnalyticsConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /?analytics&id=Id HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteBucketAnalyticsConfiguration_RequestSyntax) ** The name of the bucket from which an analytics configuration is deleted. Required: Yes ** [id](#API_DeleteBucketAnalyticsConfiguration_RequestSyntax) ** The ID that identifies the analytics configuration. Required: Yes ** [x-amz-expected-bucket-owner](#API_DeleteBucketAnalyticsConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body. ## Examples ### Sample Request The following DELETE request deletes the analytics configuration with the ID `list1`. ``` DELETE ?/analytics&id=list1 HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 14 May 2014 02:11:22 GMT Authorization: signatureValue ``` ### Sample Response The following successful response shows Amazon S3 returning a `204 No Content` response. The analytics configuration with the ID `list1` for the bucket has been removed. ``` HTTP/1.1 204 No Content x-amz-id-2: 0FmFIWsh/PpBuzZ0JFRC55ZGVmQW4SHJ7xVDqKwhEdJmf3q63RtrvH8ZuxW1Bol5 x-amz-request-id: 0CF038E9BCF63097 Date: Wed, 14 May 2014 02:11:22 GMT Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteBucketAnalyticsConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteBucketAnalyticsConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteBucketAnalyticsConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteBucketAnalyticsConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteBucketAnalyticsConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteBucketAnalyticsConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteBucketAnalyticsConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteBucketAnalyticsConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteBucketAnalyticsConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteBucketAnalyticsConfiguration) # DeleteBucketCors **Note** This operation is not supported for directory buckets. Deletes the `cors` configuration information set for the bucket. To use this operation, you must have permission to perform the `s3:PutBucketCORS` action. The bucket owner has this permission by default and can grant this permission to others. For information about `cors`, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide*. **Related Resources** + [PutBucketCors](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketCors.html) + [RESTOPTIONSobject](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTOPTIONSobject.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /?cors HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteBucketCors_RequestSyntax) ** Specifies the bucket whose `cors` configuration is being deleted. Required: Yes ** [x-amz-expected-bucket-owner](#API_DeleteBucketCors_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body. ## Examples ### Sample Request This example illustrates one usage of `DeleteBucketCors`. ``` DELETE /?cors HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Tue, 13 Dec 2011 19:14:42 GMT Authorization: signatureValue ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteBucketCors) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteBucketCors) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteBucketCors) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteBucketCors) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteBucketCors) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteBucketCors) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteBucketCors) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteBucketCors) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteBucketCors) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteBucketCors) # DeleteBucketEncryption This implementation of the DELETE action resets the default encryption for the bucket as server-side encryption with Amazon S3 managed keys (SSE-S3). **Note** **General purpose buckets** - For information about the bucket default encryption feature, see [Amazon S3 Bucket Default Encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide*. **Directory buckets** - For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS. For information about the default encryption configuration in directory buckets, see [Setting default server-side encryption behavior for directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-bucket-encryption.html). Permissions + **General purpose bucket permissions** - The `s3:PutEncryptionConfiguration` permission is required in a policy. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). + **Directory bucket permissions** - To grant access to this API operation, you must have the `s3express:PutEncryptionConfiguration` permission in an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the AWS account that owns the resource. For more information about directory bucket policies and permissions, see [AWS Identity and Access Management (IAM) for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region-code.amazonaws.com`. The following operations are related to `DeleteBucketEncryption`: + [PutBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html) + [GetBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /?encryption HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteBucketEncryption_RequestSyntax) ** The name of the bucket containing the server-side encryption configuration to delete. **Directory buckets ** - When you use this operation with a directory bucket, you must use path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must also follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` DOC-EXAMPLE-BUCKET--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* Required: Yes ** [x-amz-expected-bucket-owner](#API_DeleteBucketEncryption_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). For directory buckets, this header is not supported in this API operation. If you specify this header, the request fails with the HTTP status code `501 Not Implemented`. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body. ## Examples ### Sample Request for a general purpose bucket The following `DELETE` request resets the default encryption for the bucket as server-side encryption with Amazon S3 managed keys (SSE-S3). ``` DELETE ?/encryption HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 06 Sep 2017 12:00:00 GMT Authorization: signatureValue ``` ### Sample Response for a general purpose bucket The following successful response shows Amazon S3 returning a `204 No Content` response confirming that default encryption for the bucket has been reset as server-side encryption with Amazon S3 managed keys (SSE-S3). ``` HTTP/1.1 204 No Content x-amz-id-2: 0FmFIWsh/PpBuzZ0JFRC55ZGVmQW4SHJ7xVDqKwhEdJmf3q63RtrvH8ZuxW1Bol5 x-amz-request-id: 0CF038E9BCF63097 Date: Wed, 06 Sep 2017 12:00:00 GMT Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteBucketEncryption) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteBucketEncryption) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteBucketEncryption) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteBucketEncryption) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteBucketEncryption) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteBucketEncryption) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteBucketEncryption) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteBucketEncryption) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteBucketEncryption) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteBucketEncryption) # DeleteBucketIntelligentTieringConfiguration **Note** This operation is not supported for directory buckets. Deletes the S3 Intelligent-Tiering configuration from the specified bucket. The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without performance impact or operational overhead. S3 Intelligent-Tiering delivers automatic cost savings in three low latency and high throughput access tiers. To get the lowest storage cost on data that can be accessed in minutes to hours, you can choose to activate additional archiving capabilities. The S3 Intelligent-Tiering storage class is the ideal storage class for data with unknown, changing, or unpredictable access patterns, independent of object size or retention period. If the size of an object is less than 128 KB, it is not monitored and not eligible for auto-tiering. Smaller objects can be stored, but they are always charged at the Frequent Access tier rates in the S3 Intelligent-Tiering storage class. For more information, see [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access). Operations related to `DeleteBucketIntelligentTieringConfiguration` include: + [GetBucketIntelligentTieringConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketIntelligentTieringConfiguration.html) + [PutBucketIntelligentTieringConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketIntelligentTieringConfiguration.html) + [ListBucketIntelligentTieringConfigurations](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketIntelligentTieringConfigurations.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /?intelligent-tiering&id=Id HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteBucketIntelligentTieringConfiguration_RequestSyntax) ** The name of the Amazon S3 bucket whose configuration you want to modify or retrieve. Required: Yes ** [id](#API_DeleteBucketIntelligentTieringConfiguration_RequestSyntax) ** The ID used to identify the S3 Intelligent-Tiering configuration. Required: Yes ** [x-amz-expected-bucket-owner](#API_DeleteBucketIntelligentTieringConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body. ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteBucketIntelligentTieringConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteBucketIntelligentTieringConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteBucketIntelligentTieringConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteBucketIntelligentTieringConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteBucketIntelligentTieringConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteBucketIntelligentTieringConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteBucketIntelligentTieringConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteBucketIntelligentTieringConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteBucketIntelligentTieringConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteBucketIntelligentTieringConfiguration) # DeleteBucketInventoryConfiguration **Note** This operation is not supported for directory buckets. Deletes an S3 Inventory configuration (identified by the inventory ID) from the bucket. To use this operation, you must have permissions to perform the `s3:PutInventoryConfiguration` action. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). For information about the Amazon S3 inventory feature, see [Amazon S3 Inventory](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html). **Note** After deleting a configuration, Amazon S3 might still deliver one additional inventory report during a brief transition period while the system processes the deletion. Operations related to `DeleteBucketInventoryConfiguration` include: + [GetBucketInventoryConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketInventoryConfiguration.html) + [PutBucketInventoryConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketInventoryConfiguration.html) + [ListBucketInventoryConfigurations](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketInventoryConfigurations.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /?inventory&id=Id HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteBucketInventoryConfiguration_RequestSyntax) ** The name of the bucket containing the inventory configuration to delete. Required: Yes ** [id](#API_DeleteBucketInventoryConfiguration_RequestSyntax) ** The ID used to identify the inventory configuration. Required: Yes ** [x-amz-expected-bucket-owner](#API_DeleteBucketInventoryConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body. ## Examples ### Sample Request The following DELETE request deletes the inventory configuration with the ID `list1`. ``` DELETE ?/inventory&id=list1 HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 14 May 2014 02:11:22 GMT Authorization: signatureValue ``` ### Sample Response The following successful response shows Amazon S3 returning a `204 No Content` response. The inventory configuration with the ID `list1` for the bucket has been removed. ``` HTTP/1.1 204 No Content x-amz-id-2: 0FmFIWsh/PpBuzZ0JFRC55ZGVmQW4SHJ7xVDqKwhEdJmf3q63RtrvH8ZuxW1Bol5 x-amz-request-id: 0CF038E9BCF63097 Date: Wed, 14 May 2014 02:11:22 GMT Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteBucketInventoryConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteBucketInventoryConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteBucketInventoryConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteBucketInventoryConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteBucketInventoryConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteBucketInventoryConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteBucketInventoryConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteBucketInventoryConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteBucketInventoryConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteBucketInventoryConfiguration) # DeleteBucketLifecycle Deletes the lifecycle configuration from the specified bucket. Amazon S3 removes all the lifecycle configuration rules in the lifecycle subresource associated with the bucket. Your objects never expire, and Amazon S3 no longer automatically deletes any objects on the basis of rules contained in the deleted lifecycle configuration. Permissions + **General purpose bucket permissions** - By default, all Amazon S3 resources are private, including buckets, objects, and related subresources (for example, lifecycle configuration and website configuration). Only the resource owner (that is, the AWS account that created it) can access the resource. The resource owner can optionally grant access permissions to others by writing an access policy. For this operation, a user must have the `s3:PutLifecycleConfiguration` permission. For more information about permissions, see [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). + **Directory bucket permissions** - You must have the `s3express:PutLifecycleConfiguration` permission in an IAM identity-based policy to use this operation. Cross-account access to this API operation isn't supported. The resource owner can optionally grant access permissions to others by creating a role or user for them as long as they are within the same account as the owner and resource. For more information about directory bucket policies and permissions, see [Authorizing Regional endpoint APIs with IAM](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) in the *Amazon S3 User Guide*. **Note** **Directory buckets ** - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region.amazonaws.com`. For more information about the object expiration, see [Elements to Describe Lifecycle Actions](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#intro-lifecycle-rules-actions). Related actions include: + [PutBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) + [GetBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /?lifecycle HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteBucketLifecycle_RequestSyntax) ** The bucket name of the lifecycle to delete. Required: Yes ** [x-amz-expected-bucket-owner](#API_DeleteBucketLifecycle_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). This parameter applies to general purpose buckets only. It is not supported for directory bucket lifecycle configurations. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body. ## Examples ### Sample Request The following DELETE request deletes the lifecycle subresource from the specified general purpose bucket. This removes lifecycle configuration stored in the subresource. ``` DELETE /?lifecycle HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 14 Dec 2011 05:37:16 GMT Authorization: signatureValue ``` ### Sample Response The following successful response shows Amazon S3 returning a 204 No Content response. Objects in your general purpose bucket no longer expire. ``` HTTP/1.1 204 No Content x-amz-id-2: Uuag1LuByRx9e6j5OnimrSAMPLEtRPfTaOAa== x-amz-request-id: 656c76696e672SAMPLE5657374 Date: Wed, 14 Dec 2011 05:37:16 GMT Connection: keep-alive Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteBucketLifecycle) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteBucketLifecycle) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteBucketLifecycle) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteBucketLifecycle) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteBucketLifecycle) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteBucketLifecycle) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteBucketLifecycle) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteBucketLifecycle) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteBucketLifecycle) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteBucketLifecycle) # DeleteBucketMetadataConfiguration Deletes an S3 Metadata configuration from a general purpose bucket. For more information, see [Accelerating data discovery with S3 Metadata](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html) in the *Amazon S3 User Guide*. **Note** You can use the V2 `DeleteBucketMetadataConfiguration` API operation with V1 or V2 metadata configurations. However, if you try to use the V1 `DeleteBucketMetadataTableConfiguration` API operation with V2 configurations, you will receive an HTTP `405 Method Not Allowed` error. Permissions To use this operation, you must have the `s3:DeleteBucketMetadataTableConfiguration` permission. For more information, see [Setting up permissions for configuring metadata tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html) in the *Amazon S3 User Guide*. The IAM policy action name is the same for the V1 and V2 API operations. The following operations are related to `DeleteBucketMetadataConfiguration`: + [CreateBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html) + [GetBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetadataConfiguration.html) + [UpdateBucketMetadataInventoryTableConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UpdateBucketMetadataInventoryTableConfiguration.html) + [UpdateBucketMetadataJournalTableConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UpdateBucketMetadataJournalTableConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /?metadataConfiguration HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteBucketMetadataConfiguration_RequestSyntax) ** The general purpose bucket that you want to remove the metadata configuration from. Required: Yes ** [x-amz-expected-bucket-owner](#API_DeleteBucketMetadataConfiguration_RequestSyntax) ** The expected bucket owner of the general purpose bucket that you want to remove the metadata table configuration from. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body. ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteBucketMetadataConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteBucketMetadataConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteBucketMetadataConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteBucketMetadataConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteBucketMetadataConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteBucketMetadataConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteBucketMetadataConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteBucketMetadataConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteBucketMetadataConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteBucketMetadataConfiguration) # DeleteBucketMetadataTableConfiguration **Important** We recommend that you delete your S3 Metadata configurations by using the V2 [DeleteBucketMetadataTableConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetadataTableConfiguration.html) API operation. We no longer recommend using the V1 `DeleteBucketMetadataTableConfiguration` API operation. If you created your S3 Metadata configuration before July 15, 2025, we recommend that you delete and re-create your configuration by using [CreateBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html) so that you can expire journal table records and create a live inventory table. Deletes a V1 S3 Metadata configuration from a general purpose bucket. For more information, see [Accelerating data discovery with S3 Metadata](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html) in the *Amazon S3 User Guide*. **Note** You can use the V2 `DeleteBucketMetadataConfiguration` API operation with V1 or V2 metadata table configurations. However, if you try to use the V1 `DeleteBucketMetadataTableConfiguration` API operation with V2 configurations, you will receive an HTTP `405 Method Not Allowed` error. Make sure that you update your processes to use the new V2 API operations (`CreateBucketMetadataConfiguration`, `GetBucketMetadataConfiguration`, and `DeleteBucketMetadataConfiguration`) instead of the V1 API operations. Permissions To use this operation, you must have the `s3:DeleteBucketMetadataTableConfiguration` permission. For more information, see [Setting up permissions for configuring metadata tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html) in the *Amazon S3 User Guide*. The following operations are related to `DeleteBucketMetadataTableConfiguration`: + [CreateBucketMetadataTableConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataTableConfiguration.html) + [GetBucketMetadataTableConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetadataTableConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /?metadataTable HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteBucketMetadataTableConfiguration_RequestSyntax) ** The general purpose bucket that you want to remove the metadata table configuration from. Required: Yes ** [x-amz-expected-bucket-owner](#API_DeleteBucketMetadataTableConfiguration_RequestSyntax) ** The expected bucket owner of the general purpose bucket that you want to remove the metadata table configuration from. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body. ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteBucketMetadataTableConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteBucketMetadataTableConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteBucketMetadataTableConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteBucketMetadataTableConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteBucketMetadataTableConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteBucketMetadataTableConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteBucketMetadataTableConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteBucketMetadataTableConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteBucketMetadataTableConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteBucketMetadataTableConfiguration) # DeleteBucketMetricsConfiguration Deletes a metrics configuration for the Amazon CloudWatch request metrics (specified by the metrics configuration ID) from the bucket. Note that this doesn't include the daily storage metrics. **Note** **Directory buckets ** - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions To use this operation, you must have permissions to perform the `s3:PutMetricsConfiguration` action. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). + **General purpose bucket permissions** - The `s3:PutMetricsConfiguration` permission is required in a policy. For more information about general purpose buckets permissions, see [Using Bucket Policies and User Policies](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) in the *Amazon S3 User Guide*. + **Directory bucket permissions** - To grant access to this API operation, you must have the `s3express:PutMetricsConfiguration` permission in an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the AWS account that owns the resource. For more information about directory bucket policies and permissions, see [AWS Identity and Access Management (IAM) for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region-code.amazonaws.com`. For information about CloudWatch request metrics for Amazon S3, see [Monitoring Metrics with Amazon CloudWatch](https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html). The following operations are related to `DeleteBucketMetricsConfiguration`: + [GetBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetricsConfiguration.html) + [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html) + [ListBucketMetricsConfigurations](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketMetricsConfigurations.html) + [Monitoring Metrics with Amazon CloudWatch](https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /?metrics&id=Id HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteBucketMetricsConfiguration_RequestSyntax) ** The name of the bucket containing the metrics configuration to delete. **Directory buckets ** - When you use this operation with a directory bucket, you must use path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must also follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` DOC-EXAMPLE-BUCKET--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* Required: Yes ** [id](#API_DeleteBucketMetricsConfiguration_RequestSyntax) ** The ID used to identify the metrics configuration. The ID has a 64 character limit and can only contain letters, numbers, periods, dashes, and underscores. Required: Yes ** [x-amz-expected-bucket-owner](#API_DeleteBucketMetricsConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). For directory buckets, this header is not supported in this API operation. If you specify this header, the request fails with the HTTP status code `501 Not Implemented`. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body. ## Examples ### Sample Request Delete the metric configuration with a specified ID, which disables the CloudWatch metrics with the `ExampleMetrics` value for the `FilterId` dimension. ``` DELETE /?metrics&id=ExampleMetrics HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com x-amz-date: Thu, 15 Nov 2016 00:17:21 GMT Authorization: signatureValue ``` ### Sample Response Delete the metric configuration with a specified ID, which disables the CloudWatch metrics with the `ExampleMetrics` value for the `FilterId` dimension. ``` HTTP/1.1 204 No Content x-amz-id-2: ITnGT1y4REXAMPLEPi4hklTXouTf0hccUjo0iCPEXAMPLEutBj3M7fPGlWO2SEWp x-amz-request-id: 51991EXAMPLE5321 Date: Thu, 15 Nov 2016 00:17:22 GMT Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteBucketMetricsConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteBucketMetricsConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteBucketMetricsConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteBucketMetricsConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteBucketMetricsConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteBucketMetricsConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteBucketMetricsConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteBucketMetricsConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteBucketMetricsConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteBucketMetricsConfiguration) # DeleteBucketOwnershipControls **Note** This operation is not supported for directory buckets. Removes `OwnershipControls` for an Amazon S3 bucket. To use this operation, you must have the `s3:PutBucketOwnershipControls` permission. For more information about Amazon S3 permissions, see [Specifying Permissions in a Policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html). For information about Amazon S3 Object Ownership, see [Using Object Ownership](https://docs.aws.amazon.com/AmazonS3/latest/dev/about-object-ownership.html). The following operations are related to `DeleteBucketOwnershipControls`: + [GetBucketOwnershipControls](API_GetBucketOwnershipControls.md) + [PutBucketOwnershipControls](API_PutBucketOwnershipControls.md) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /?ownershipControls HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteBucketOwnershipControls_RequestSyntax) ** The Amazon S3 bucket whose `OwnershipControls` you want to delete. Required: Yes ** [x-amz-expected-bucket-owner](#API_DeleteBucketOwnershipControls_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body. ## Examples ### Sample DeleteBucketOwnershipControls Request This example illustrates one usage of DeleteBucketOwnershipControls. ``` DELETE /example-bucket?/ownershipControls HTTP/1.1 Host: examplebucket.s3..amazonaws.com Date: Thu, 18 Jun 2017 00:17:22 GMT Authorization: signatureValue; ``` ### Sample DeleteBucketOwnershipControls Response This example illustrates one usage of DeleteBucketOwnershipControls. ``` HTTP/1.1 204 No Content x-amz-id-2: dVrxJD3XHDcjZHFtd7eSB+ovpY8hQ6kSe9jPzyRVkWp27cij05qV1pTIvz/hjlsrupiy9gEkSdw= x-amz-request-id: 4BFC0B777B448C97 Date: Thu, 18 Jun 2020 22:54:03 GMT Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteBucketOwnershipControls) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteBucketOwnershipControls) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteBucketOwnershipControls) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteBucketOwnershipControls) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteBucketOwnershipControls) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteBucketOwnershipControls) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteBucketOwnershipControls) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteBucketOwnershipControls) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteBucketOwnershipControls) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteBucketOwnershipControls) # DeleteBucketPolicy Deletes the policy of a specified bucket. **Note** **Directory buckets ** - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions If you are using an identity other than the root user of the AWS account that owns the bucket, the calling identity must both have the `DeleteBucketPolicy` permissions on the specified bucket and belong to the bucket owner's account in order to use this operation. If you don't have `DeleteBucketPolicy` permissions, Amazon S3 returns a `403 Access Denied` error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a `405 Method Not Allowed` error. To ensure that bucket owners don't inadvertently lock themselves out of their own buckets, the root principal in a bucket owner's AWS account can perform the `GetBucketPolicy`, `PutBucketPolicy`, and `DeleteBucketPolicy` API actions, even if their bucket policy explicitly denies the root principal's access. Bucket owner root principals can only be blocked from performing these API actions by VPC endpoint policies and AWS Organizations policies. + **General purpose bucket permissions** - The `s3:DeleteBucketPolicy` permission is required in a policy. For more information about general purpose buckets bucket policies, see [Using Bucket Policies and User Policies](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) in the *Amazon S3 User Guide*. + **Directory bucket permissions** - To grant access to this API operation, you must have the `s3express:DeleteBucketPolicy` permission in an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the AWS account that owns the resource. For more information about directory bucket policies and permissions, see [AWS Identity and Access Management (IAM) for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region-code.amazonaws.com`. The following operations are related to `DeleteBucketPolicy` + [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) + [DeleteObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /?policy HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteBucketPolicy_RequestSyntax) ** The bucket name. **Directory buckets ** - When you use this operation with a directory bucket, you must use path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must also follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` DOC-EXAMPLE-BUCKET--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* Required: Yes ** [x-amz-expected-bucket-owner](#API_DeleteBucketPolicy_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). For directory buckets, this header is not supported in this API operation. If you specify this header, the request fails with the HTTP status code `501 Not Implemented`. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body. ## Examples ### Sample Request for general purpose buckets This request deletes the bucket named `amzn-s3-demo-bucket`. ``` DELETE /?policy HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Tue, 04 Apr 2010 20:34:56 GMT Authorization: signatureValue ``` ### Sample Response for general purpose buckets This example illustrates one usage of DeleteBucketPolicy. ``` HTTP/1.1 204 No Content x-amz-id-2: Uuag1LuByRx9e6j5OnimrSAMPLEtRPfTaOFg== x-amz-request-id: 656c76696e672SAMPLE5657374 Date: Tue, 04 Apr 2010 20:34:56 GMT Connection: keep-alive Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteBucketPolicy) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteBucketPolicy) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteBucketPolicy) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteBucketPolicy) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteBucketPolicy) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteBucketPolicy) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteBucketPolicy) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteBucketPolicy) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteBucketPolicy) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteBucketPolicy) # DeleteBucketReplication **Note** This operation is not supported for directory buckets. Deletes the replication configuration from the bucket. To use this operation, you must have permissions to perform the `s3:PutReplicationConfiguration` action. The bucket owner has these permissions by default and can grant it to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). **Note** It can take a while for the deletion of a replication configuration to fully propagate. For information about replication configuration, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide*. The following operations are related to `DeleteBucketReplication`: + [PutBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketReplication.html) + [GetBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketReplication.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /?replication HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteBucketReplication_RequestSyntax) ** The bucket name. Required: Yes ** [x-amz-expected-bucket-owner](#API_DeleteBucketReplication_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body. ## Examples ### Sample Request The following DELETE request deletes the `replication` subresource from the specified bucket. This removes the replication configuration that is set for the bucket. ``` DELETE /?replication HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 11 Feb 2015 05:37:16 GMT 20150211T171320Z Authorization: authorization string ``` ### Sample Response When the `replication` subresource has been deleted, Amazon S3 returns a `204 No Content` response. It will not replicate new objects that are stored in the `examplebucket` bucket. ``` HTTP/1.1 204 No Content x-amz-id-2: Uuag1LuByRx9e6j5OnimrSAMPLEtRPfTaOAa== x-amz-request-id: 656c76696e672example Date: Wed, 11 Feb 2015 05:37:16 GMT Connection: keep-alive Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteBucketReplication) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteBucketReplication) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteBucketReplication) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteBucketReplication) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteBucketReplication) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteBucketReplication) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteBucketReplication) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteBucketReplication) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteBucketReplication) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteBucketReplication) # DeleteBucketTagging **Note** This operation is not supported for directory buckets. Deletes tags from the general purpose bucket if attribute based access control (ABAC) is not enabled for the bucket. When you [enable ABAC for a general purpose bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging-enable-abac.html), you can no longer use this operation for that bucket and must use [UntagResource](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UntagResource.html) instead. To use this operation, you must have permission to perform the `s3:PutBucketTagging` action. By default, the bucket owner has this permission and can grant this permission to others. The following operations are related to `DeleteBucketTagging`: + [GetBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketTagging.html) + [PutBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /?tagging HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteBucketTagging_RequestSyntax) ** The bucket that has the tag set to be removed. Required: Yes ** [x-amz-expected-bucket-owner](#API_DeleteBucketTagging_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body. ## Examples ### Sample Request The following DELETE request deletes the tag set from the specified bucket. ``` DELETE /?tagging HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 14 Dec 2011 05:37:16 GMT Authorization: signatureValue ``` ### Sample Response The following successful response shows Amazon S3 returning a `204 No Content` response. The tag set for the bucket has been removed. ``` HTTP/1.1 204 No Content Date: Wed, 25 Nov 2009 12:00:00 GMT Connection: close Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteBucketTagging) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteBucketTagging) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteBucketTagging) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteBucketTagging) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteBucketTagging) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteBucketTagging) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteBucketTagging) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteBucketTagging) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteBucketTagging) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteBucketTagging) # DeleteBucketWebsite **Note** This operation is not supported for directory buckets. This action removes the website configuration for a bucket. Amazon S3 returns a `200 OK` response upon successfully deleting a website configuration on the specified bucket. You will get a `200 OK` response if the website configuration you are trying to delete does not exist on the bucket. Amazon S3 returns a `404` response if the bucket specified in the request does not exist. This DELETE action requires the `S3:DeleteBucketWebsite` permission. By default, only the bucket owner can delete the website configuration attached to a bucket. However, bucket owners can grant other users permission to delete the website configuration by writing a bucket policy granting them the `S3:DeleteBucketWebsite` permission. For more information about hosting websites, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html). The following operations are related to `DeleteBucketWebsite`: + [GetBucketWebsite](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketWebsite.html) + [PutBucketWebsite](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketWebsite.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /?website HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteBucketWebsite_RequestSyntax) ** The bucket name for which you want to remove the website configuration. Required: Yes ** [x-amz-expected-bucket-owner](#API_DeleteBucketWebsite_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body. ## Examples ### Sample Request This request deletes the website configuration on the specified bucket. ``` DELETE ?website HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Thu, 27 Jan 2011 12:00:00 GMT Authorization: signatureValue ``` ### Sample Response This example illustrates one usage of DeleteBucketWebsite. ``` HTTP/1.1 204 No Content x-amz-id-2: aws-s3integ-s3ws-31008.sea31.amazon.com x-amz-request-id: AF1DD829D3B49707 Date: Thu, 03 Feb 2011 22:10:26 GMT Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteBucketWebsite) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteBucketWebsite) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteBucketWebsite) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteBucketWebsite) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteBucketWebsite) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteBucketWebsite) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteBucketWebsite) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteBucketWebsite) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteBucketWebsite) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteBucketWebsite) # DeleteObject Removes an object from a bucket. The behavior depends on the bucket's versioning state: + If bucket versioning is not enabled, the operation permanently deletes the object. + If bucket versioning is enabled, the operation inserts a delete marker, which becomes the current version of the object. To permanently delete an object in a versioned bucket, you must include the object’s `versionId` in the request. For more information about versioning-enabled buckets, see [Deleting object versions from a versioning-enabled bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeletingObjectVersions.html). + If bucket versioning is suspended, the operation removes the object that has a null `versionId`, if there is one, and inserts a delete marker that becomes the current version of the object. If there isn't an object with a null `versionId`, and all versions of the object have a `versionId`, Amazon S3 does not remove the object and only inserts a delete marker. To permanently delete an object that has a `versionId`, you must include the object’s `versionId` in the request. For more information about versioning-suspended buckets, see [Deleting objects from versioning-suspended buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeletingObjectsfromVersioningSuspendedBuckets.html). **Note** **Directory buckets** - S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the `null` value of the version ID is supported by directory buckets. You can only specify `null` to the `versionId` query parameter in the request. **Directory buckets** - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://amzn-s3-demo-bucket.s3express-zone-id.region-code.amazonaws.com/key-name `. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. To remove a specific version, you must use the `versionId` query parameter. Using this query parameter permanently deletes the version. If the object deleted is a delete marker, Amazon S3 sets the response header `x-amz-delete-marker` to true. If the object you want to delete is in a bucket where the bucket versioning configuration is MFA Delete enabled, you must include the `x-amz-mfa` request header in the DELETE `versionId` request. Requests that include `x-amz-mfa` must use HTTPS. For more information about MFA Delete, see [Using MFA Delete](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMFADelete.html) in the *Amazon S3 User Guide*. To see sample requests that use versioning, see [Sample Request](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectDELETE.html#ExampleVersionObjectDelete). **Note** **Directory buckets** - MFA delete is not supported by directory buckets. You can delete objects by explicitly calling DELETE Object or calling ([PutBucketLifecycle](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html)) to enable Amazon S3 to remove them for you. If you want to block users or accounts from removing or deleting objects from your bucket, you must deny them the `s3:DeleteObject`, `s3:DeleteObjectVersion`, and `s3:PutLifeCycleConfiguration` actions. **Note** **Directory buckets** - S3 Lifecycle is not supported by directory buckets. Permissions + **General purpose bucket permissions** - The following permissions are required in your policies when your `DeleteObjects` request includes specific headers. + ** `s3:DeleteObject` ** - To delete an object from a bucket, you must always have the `s3:DeleteObject` permission. + ** `s3:DeleteObjectVersion` ** - To delete a specific version of an object from a versioning-enabled bucket, you must have the `s3:DeleteObjectVersion` permission. **Note** If the `s3:DeleteObject` or `s3:DeleteObjectVersion` permissions are explicitly denied in your bucket policy, attempts to delete any unversioned objects result in a `403 Access Denied` error. + **Directory bucket permissions** - To grant access to this API operation on a directory bucket, we recommend that you use the [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) API operation for session-based authorization. Specifically, you grant the `s3express:CreateSession` permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the `CreateSession` API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another `CreateSession` API call to generate a new session token for use. AWS CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. The following action is related to `DeleteObject`: + [PutObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. **Note** The `If-Match` header is supported for both general purpose and directory buckets. `IfMatchLastModifiedTime` and `IfMatchSize` is only supported for directory buckets. ## Request Syntax ``` DELETE /Key+?versionId=VersionId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-mfa: MFA x-amz-request-payer: RequestPayer x-amz-bypass-governance-retention: BypassGovernanceRetention x-amz-expected-bucket-owner: ExpectedBucketOwner If-Match: IfMatch x-amz-if-match-last-modified-time: IfMatchLastModifiedTime x-amz-if-match-size: IfMatchSize ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteObject_RequestSyntax) ** The bucket name of the bucket containing the object. **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [If-Match](#API_DeleteObject_RequestSyntax) ** Deletes the object if the ETag (entity tag) value provided during the delete operation matches the ETag of the object in S3. If the ETag values do not match, the operation returns a `412 Precondition Failed` error. Expects the ETag value as a string. `If-Match` does accept a string value of an '\$1' (asterisk) character to denote a match of any ETag. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232). ** [Key](#API_DeleteObject_RequestSyntax) ** Key name of the object to delete. Length Constraints: Minimum length of 1. Required: Yes ** [versionId](#API_DeleteObject_RequestSyntax) ** Version ID used to reference a specific version of the object. For directory buckets in this API operation, only the `null` value of the version ID is supported. ** [x-amz-bypass-governance-retention](#API_DeleteObject_RequestSyntax) ** Indicates whether S3 Object Lock should bypass Governance-mode restrictions to process this operation. To use this header, you must have the `s3:BypassGovernanceRetention` permission. This functionality is not supported for directory buckets. ** [x-amz-expected-bucket-owner](#API_DeleteObject_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-if-match-last-modified-time](#API_DeleteObject_RequestSyntax) ** If present, the object is deleted only if its modification times matches the provided `Timestamp`. If the `Timestamp` values do not match, the operation returns a `412 Precondition Failed` error. If the `Timestamp` matches or if the object doesn’t exist, the operation returns a `204 Success (No Content)` response. This functionality is only supported for directory buckets. ** [x-amz-if-match-size](#API_DeleteObject_RequestSyntax) ** If present, the object is deleted only if its size matches the provided size in bytes. If the `Size` value does not match, the operation returns a `412 Precondition Failed` error. If the `Size` matches or if the object doesn’t exist, the operation returns a `204 Success (No Content)` response. This functionality is only supported for directory buckets. You can use the `If-Match`, `x-amz-if-match-last-modified-time` and `x-amz-if-match-size` conditional headers in conjunction with each-other or individually. ** [x-amz-mfa](#API_DeleteObject_RequestSyntax) ** The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device. Required to permanently delete a versioned object if versioning is configured with MFA delete enabled. This functionality is not supported for directory buckets. ** [x-amz-request-payer](#API_DeleteObject_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 x-amz-delete-marker: DeleteMarker x-amz-version-id: VersionId x-amz-request-charged: RequestCharged ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response. The response returns the following HTTP headers. ** [x-amz-delete-marker](#API_DeleteObject_ResponseSyntax) ** Indicates whether the specified object version that was permanently deleted was (true) or was not (false) a delete marker before deletion. In a simple DELETE, this header indicates whether (true) or not (false) the current version of the object is a delete marker. To learn more about delete markers, see [Working with delete markers](https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeleteMarker.html). This functionality is not supported for directory buckets. ** [x-amz-request-charged](#API_DeleteObject_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-version-id](#API_DeleteObject_ResponseSyntax) ** Returns the version ID of the delete marker created as a result of the DELETE operation. This functionality is not supported for directory buckets. ## Examples ### Sample Request for general purpose buckets The following request deletes the object `my-second-image.jpg`. ``` DELETE /my-second-image.jpg HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 12 Oct 2009 17:50:00 GMT Authorization: authorization string Content-Type: text/plain ``` ### Sample Response for general purpose buckets This example illustrates one usage of DeleteObject. ``` HTTP/1.1 204 NoContent x-amz-id-2: LriYPLdmOdAiIfgSm/F1YsViT1LW94/xUQxMsF7xiEb1a0wiIOIxl+zbwZ163pt7 x-amz-request-id: 0A49CE4060975EAC Date: Wed, 12 Oct 2009 17:50:00 GMT Content-Length: 0 Connection: close Server: AmazonS3 ``` ### Sample Request for general purpose buckets: Deleting a specified version of an object The following request deletes the specified version of the object `my-third-image.jpg`. ``` DELETE /my-third-image.jpg?versionId=UIORUnfndfiufdisojhr398493jfdkjFJjkndnqUifhnw89493jJFJ HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 12 Oct 2009 17:50:00 GMT Authorization: authorization string Content-Type: text/plain Content-Length: 0 ``` ### Sample Response for general purpose buckets This example illustrates one usage of DeleteObject. ``` HTTP/1.1 204 NoContent x-amz-id-2: LriYPLdmOdAiIfgSm/F1YsViT1LW94/xUQxMsF7xiEb1a0wiIOIxl+zbwZ163pt7 x-amz-request-id: 0A49CE4060975EAC x-amz-version-id: UIORUnfndfiufdisojhr398493jfdkjFJjkndnqUifhnw89493jJFJ Date: Wed, 12 Oct 2009 17:50:00 GMT Content-Length: 0 Connection: close Server: AmazonS3 ``` ### Sample Response for general purpose buckets: If the object deleted is a delete marker This example illustrates one usage of DeleteObject. ``` HTTP/1.1 204 NoContent x-amz-id-2: LriYPLdmOdAiIfgSm/F1YsViT1LW94/xUQxMsF7xiEb1a0wiIOIxl+zbwZ163pt7 x-amz-request-id: 0A49CE4060975EAC x-amz-version-id: 3/L4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo x-amz-delete-marker: true Date: Wed, 12 Oct 2009 17:50:00 GMT Content-Length: 0 Connection: close Server: AmazonS3 ``` ### Sample Request for general purpose buckets: Deleting a specified version of an object in an MFA-enabled bucket The following request deletes the specified version of the object `my-third-image.jpg`, which is stored in an MFA-enabled bucket. ``` DELETE /my-third-image.jpg?versionId=UIORUnfndfiuf HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 12 Oct 2009 17:50:00 GMT x-amz-mfa:[SerialNumber] [AuthenticationCode] Authorization: authorization string Content-Type: text/plain Content-Length: 0 ``` ### Sample Response for general purpose buckets This example illustrates one usage of DeleteObject. ``` HTTP/1.1 204 NoContent x-amz-id-2: LriYPLdmOdAiIfgSm/F1YsViT1LW94/xUQxMsF7xiEb1a0wiIOIxl+zbwZ163pt7 x-amz-request-id: 0A49CE4060975EAC x-amz-version-id: UIORUnfndfiuf Date: Wed, 12 Oct 2009 17:50:00 GMT Content-Length: 0 Connection: close Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteObject) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteObject) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteObject) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteObject) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteObject) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteObject) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteObject) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteObject) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteObject) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteObject) # DeleteObjects This operation enables you to delete multiple objects from a bucket using a single HTTP request. If you know the object keys that you want to delete, then this operation provides a suitable alternative to sending individual delete requests, reducing per-request overhead. The request can contain a list of up to 1,000 keys that you want to delete. In the XML, you provide the object key names, and optionally, version IDs if you want to delete a specific version of the object from a versioning-enabled bucket. For each key, Amazon S3 performs a delete operation and returns the result of that delete, success or failure, in the response. If the object specified in the request isn't found, Amazon S3 confirms the deletion by returning the result as deleted. **Note** **Directory buckets** - S3 Versioning isn't enabled and supported for directory buckets. **Directory buckets** - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://amzn-s3-demo-bucket.s3express-zone-id.region-code.amazonaws.com/key-name `. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. The operation supports two modes for the response: verbose and quiet. By default, the operation uses verbose mode in which the response includes the result of deletion of each key in your request. In quiet mode the response includes only keys where the delete operation encountered an error. For a successful deletion in a quiet mode, the operation does not return any information about the delete in the response body. When performing this action on an MFA Delete enabled bucket, that attempts to delete any versioned objects, you must include an MFA token. If you do not provide one, the entire request will fail, even if there are non-versioned objects you are trying to delete. If you provide an invalid token, whether there are versioned keys in the request or not, the entire Multi-Object Delete request will fail. For information about MFA Delete, see [MFA Delete](https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete) in the *Amazon S3 User Guide*. **Note** **Directory buckets** - MFA delete is not supported by directory buckets. Permissions + **General purpose bucket permissions** - The following permissions are required in your policies when your `DeleteObjects` request includes specific headers. + ** `s3:DeleteObject` ** - To delete an object from a bucket, you must always specify the `s3:DeleteObject` permission. + ** `s3:DeleteObjectVersion` ** - To delete a specific version of an object from a versioning-enabled bucket, you must specify the `s3:DeleteObjectVersion` permission. **Note** If the `s3:DeleteObject` or `s3:DeleteObjectVersion` permissions are explicitly denied in your bucket policy, attempts to delete any unversioned objects result in a `403 Access Denied` error. + **Directory bucket permissions** - To grant access to this API operation on a directory bucket, we recommend that you use the [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) API operation for session-based authorization. Specifically, you grant the `s3express:CreateSession` permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the `CreateSession` API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another `CreateSession` API call to generate a new session token for use. AWS CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). Content-MD5 request header + **General purpose bucket** - The Content-MD5 request header is required for all Multi-Object Delete requests. Amazon S3 uses the header value to ensure that your request body has not been altered in transit. + **Directory bucket** - The Content-MD5 request header or a additional checksum request header (including `x-amz-checksum-crc32`, `x-amz-checksum-crc32c`, `x-amz-checksum-sha1`, or `x-amz-checksum-sha256`) is required for all Multi-Object Delete requests. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. The following operations are related to `DeleteObjects`: + [CreateMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) + [UploadPart](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) + [CompleteMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) + [ListParts](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) + [AbortMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` POST /?delete HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-mfa: MFA x-amz-request-payer: RequestPayer x-amz-bypass-governance-retention: BypassGovernanceRetention x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-sdk-checksum-algorithm: ChecksumAlgorithm

... boolean ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteObjects_RequestSyntax) ** The bucket name containing the objects to delete. **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [x-amz-bypass-governance-retention](#API_DeleteObjects_RequestSyntax) ** Specifies whether you want to delete this object even if it has a Governance-type Object Lock in place. To use this header, you must have the `s3:BypassGovernanceRetention` permission. This functionality is not supported for directory buckets. ** [x-amz-expected-bucket-owner](#API_DeleteObjects_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-mfa](#API_DeleteObjects_RequestSyntax) ** The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device. Required to permanently delete a versioned object if versioning is configured with MFA delete enabled. When performing the `DeleteObjects` operation on an MFA delete enabled bucket, which attempts to delete the specified versioned objects, you must include an MFA token. If you don't provide an MFA token, the entire request will fail, even if there are non-versioned objects that you are trying to delete. If you provide an invalid token, whether there are versioned object keys in the request or not, the entire Multi-Object Delete request will fail. For information about MFA Delete, see [ MFA Delete](https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. ** [x-amz-request-payer](#API_DeleteObjects_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-sdk-checksum-algorithm](#API_DeleteObjects_RequestSyntax) ** Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum-algorithm ` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For the `x-amz-checksum-algorithm ` header, replace ` algorithm ` with the supported algorithm from the following list: + `CRC32` + `CRC32C` + `CRC64NVME` + `SHA1` + `SHA256` For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If the individual checksum value you provide through `x-amz-checksum-algorithm ` doesn't match the checksum algorithm you set through `x-amz-sdk-checksum-algorithm`, Amazon S3 fails the request with a `BadDigest` error. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [Delete](#API_DeleteObjects_RequestSyntax) ** Root level tag for the Delete parameters. Required: Yes ** [Object](#API_DeleteObjects_RequestSyntax) ** The object to delete. **Directory buckets** - For directory buckets, an object that's composed entirely of whitespace characters is not supported by the `DeleteObjects` API operation. The request will receive a `400 Bad Request` error and none of the objects in the request will be deleted. Type: Array of [ObjectIdentifier](API_ObjectIdentifier.md) data types Required: Yes ** [Quiet](#API_DeleteObjects_RequestSyntax) ** Element to enable quiet mode for the request. When you add this element, you must set its value to `true`. Type: Boolean Required: No ## Response Syntax ``` HTTP/1.1 200 x-amz-request-charged: RequestCharged boolean string string string ... string string string string ... ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-request-charged](#API_DeleteObjects_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` The following data is returned in XML format by the service. ** [DeleteResult](#API_DeleteObjects_ResponseSyntax) ** Root level tag for the DeleteResult parameters. Required: Yes ** [Deleted](#API_DeleteObjects_ResponseSyntax) ** Container element for a successful delete. It identifies the object that was successfully deleted. Type: Array of [DeletedObject](API_DeletedObject.md) data types ** [Error](#API_DeleteObjects_ResponseSyntax) ** Container for a failed delete action that describes the object that Amazon S3 attempted to delete and the error it encountered. Type: Array of [Error](API_Error.md) data types ## Examples ### Sample Request for general purpose buckets: Multi-object delete resulting in mixed success/error response This example illustrates a Multi-Object Delete request to delete objects that result in mixed success and errors response. The following request deletes two objects from a bucket (`amzn-s3-demo-bucket`). In this example, the requester does not have permission to delete the `sample2.txt` object. ``` POST /?delete HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Accept: */* x-amz-date: Wed, 30 Nov 2011 03:39:05 GMT Content-MD5: p5/WA/oEr30qrEEl21PAqw== Authorization: AWS AKIAIOSFODNN7EXAMPLE:W0qPYCLe6JwkZAD1ei6hp9XZIee= Content-Length: 125 Connection: Keep-Alive

``` ### Sample Response for general purpose buckets The response includes a `DeleteResult` element that includes a `Deleted` element for the item that Amazon S3 successfully deleted and an `Error` element that Amazon S3 did not delete because you didn't have permission to delete the object. ``` HTTP/1.1 200 OK x-amz-id-2: 5h4FxSNCUS7wP5z92eGCWDshNpMnRuXvETa4HH3LvvH6VAIr0jU7tH9kM7X+njXx x-amz-request-id: A437B3B641629AEE Date: Fri, 02 Dec 2011 01:53:42 GMT Content-Type: application/xml Server: AmazonS3 Content-Length: 251 sample1.txt sample2.txt AccessDenied Access Denied ``` ### Sample Request for general purpose buckets: Deleting an object from a versioned bucket If you delete an item from a versioning enabled bucket, all versions of that object remain in the bucket. However, Amazon S3 inserts a delete marker. For more information, see [ Object Versioning](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectVersioning.html). The following scenarios describe the behavior of a multi-object Delete request when versioning is enabled for your bucket. Case 1 - Simple Delete: In the following sample request, the multi-object delete request specifies only one key. ``` POST /?delete HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Accept: */* x-amz-date: Wed, 30 Nov 2011 03:39:05 GMT Content-MD5: p5/WA/oEr30qrEEl21PAqw== Authorization: AWS AKIAIOSFODNN7EXAMPLE:W0qPYCLe6JwkZAD1ei6hp9XZIee= Content-Length: 79 Connection: Keep-Alive

``` ### Sample Response for general purpose buckets Because versioning is enabled on the bucket, Amazon S3 does not delete the object. Instead, it adds a delete marker for this object. The following response indicates that a delete marker was added (the `DeleteMarker` element in the response as a value of true) and the version number of the delete marker it added. ``` HTTP/1.1 200 OK x-amz-id-2: P3xqrhuhYxlrefdw3rEzmJh8z5KDtGzb+/FB7oiQaScI9Yaxd8olYXc7d1111ab+ x-amz-request-id: 264A17BF16E9E80A Date: Wed, 30 Nov 2011 03:39:32 GMT Content-Type: application/xml Server: AmazonS3 Content-Length: 276 SampleDocument.txt true NeQt5xeFTfgPJD8B4CGWnkSLtluMr11s ``` ### Case 2 for general purpose buckets - Versioned Delete The following request attempts to delete a specific version of an object. ``` POST /?delete HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Accept: */* x-amz-date: Wed, 30 Nov 2011 03:39:05 GMT Content-MD5: p5/WA/oEr30qrEEl21PAqw== Authorization: AWS AKIAIOSFODNN7EXAMPLE:W0qPYCLe6JwkZAD1ei6hp9XZIxx= Content-Length: 140 Connection: Keep-Alive

``` ### Sample Response for general purpose buckets In this case, Amazon S3 deletes the specific object version from the bucket and returns the following response. In the response, Amazon S3 returns the key and version ID of the object deleted. ``` HTTP/1.1 400 Bad Request x-amz-id-2: P3xqrhuhYxlrefdw3rEzmJh8z5KDtGzb+/FB7oiQaScI9Yaxd8olYXc7d1111xx+ x-amz-request-id: 264A17BF16E9E80A Date: Wed, 30 Nov 2011 03:39:32 GMT Content-Type: application/xml Server: AmazonS3 Content-Length: 219 SampleDocument.txt OYcLXagmS.WaD..oyH4KRguB95_YhLs7 ``` ### Case 3 for general purpose buckets - Versioned delete of a delete marker In the preceding example, the request refers to a delete marker (instead of an object), then Amazon S3 deletes the delete marker. The effect of this action is to make your object reappear in your bucket. Amazon S3 returns a response that indicates the delete marker it deleted (`DeleteMarker` element with value true) and the version ID of the delete marker. ``` HTTP/1.1 200 OK x-amz-id-2: IIPUZrtolxDEmWsKOae9JlSZe6yWfTye3HQ3T2iAe0ZE4XHa6NKvAJcPp51zZaBr x-amz-request-id: D6B284CEC9B05E4E Date: Wed, 30 Nov 2011 03:43:25 GMT Content-Type: application/xml Server: AmazonS3 Content-Length: 331 SampleDocument.txt NeQt5xeFTfgPJD8B4CGWnkSLtluMr11s true NeQt5xeFTfgPJD8B4CGWnkSLtluMr11s ``` ### Sample Response for general purpose buckets In general, when a multi-object Delete request results in Amazon S3 either adding a delete marker or removing a delete marker, the response returns the following elements. ``` true NeQt5xeFTfgPJD8B4CGWnkSLtluMr11s ``` ### Sample Request for general purpose buckets: Malformed XML in the request This example shows how Amazon S3 responds to a request that includes a malformed XML document. The following request sends a malformed XML document (missing the Delete end element). ``` POST /?delete HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Accept: */* x-amz-date: Wed, 30 Nov 2011 03:39:05 GMT Content-MD5: p5/WA/oEr30qrEEl21PAqw== Authorization: AWS AKIAIOSFODNN7EXAMPLE:W0qPYCLe6JwkZAD1ei6hp9XZIee= Content-Length: 104 Connection: Keep-Alive

``` ### Sample Response for general purpose buckets The response returns the error messages that describe the error. ``` HTTP/1.1 200 OK x-amz-id-2: P3xqrhuhYxlrefdw3rEzmJh8z5KDtGzb+/FB7oiQaScI9Yaxd8olYXc7d1111ab+ x-amz-request-id: 264A17BF16E9E80A Date: Wed, 30 Nov 2011 03:39:32 GMT Content-Type: application/xml Server: AmazonS3 Content-Length: 207 MalformedXML The XML you provided was not well-formed or did not validate against our published schema 264A17BF16E9E80A P3xqrhuhYxlrefdw3rEzmJh8z5KDtGzb+/FB7oiQaScI9Yaxd8olYXc7d1111ab+ ``` ### Sample Request for general purpose buckets: DeleteObjects containing a carriage return The following example illustrates the use of an XML entity code as a substitution for a carriage return. This `DeleteObjects` request deletes an object with the `key` parameter: `/some/prefix/objectwith\rcarriagereturn` (where the `\r` is the carriage return). ```

``` ### Sample Request for directory buckets: Conditional deletes The following example shows a multi-object delete request. Each object sub-section in the XML also includes one or more preconditions around that object's `Etag`, `Last-Modified-Time` and `Size` that need to hold true for its deletion to succeed. ``` POST /?delete HTTP/1.1 Host: amzn-s3-demo-bucket.s3express-az_id.Region.amazonaws.com Accept: */* x-amz-date: Wed, 30 Nov 2011 03:39:05 GMT Content-MD5: p5/WA/oEr30qrEEl21PAqw== Authorization: AWS AKIAIOSFODNN7EXAMPLE:W0qPYCLe6JwkZAD1ei6hp9XZIee= Content-Length: 125 Connection: Keep-Alive

``` ### Sample Response for directory buckets: Conditional deletes The response returns acknowledgments of the deleted objects. ``` HTTP/1.1 204 Success (No Content) Content-Type: application/xml Server: AmazonS3 x-amz-request-id: 264A17BF16E9E80A x-amz-id-2: swzHZOuhs7DpyZEDu transfer-encoding: chunked date: Wed, 30 Nov 2011 03:39:11 GMT keyname1 keyname2 keyname3 ``` ### Sample Request for general purpose buckets: Conditional deletes The following example shows a multi-object delete request to evaluate if the objects are unchanged using the `ETag` value. ``` POST /?delete HTTP/1.1 Host: amzn-s3-demo-bucket.s3.Region.amazonaws.com Accept: */* x-amz-date: Wed, 30 Nov 2011 03:39:05 GMT Content-MD5: p5/WA/oEr30qrEEl21PAqw== Authorization: AWS AKIAIOSFODNN7EXAMPLE:W0qPYCLe6JwkZAD1ei6hp9XZIee= Content-Length: 125 Connection: Keep-Alive

``` ### Sample Response for general purpose buckets: Conditional deletes The response returns acknowledgments of the deleted objects. ``` HTTP/1.1 200 OK Content-Type: application/xml Server: AmazonS3 x-amz-request-id: 264A17BF16E9E80A x-amz-id-2: swzHZOuhs7DpyZEDu transfer-encoding: chunked date: Wed, 30 Nov 2011 03:39:11 GMT keyname1 keyname2 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteObjects) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteObjects) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteObjects) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteObjects) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteObjects) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteObjects) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteObjects) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteObjects) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteObjects) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteObjects) # DeleteObjectTagging **Note** This operation is not supported for directory buckets. Removes the entire tag set from the specified object. For more information about managing object tags, see [ Object Tagging](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html). To use this operation, you must have permission to perform the `s3:DeleteObjectTagging` action. To delete tags of a specific object version, add the `versionId` query parameter in the request. You will need permission for the `s3:DeleteObjectVersionTagging` action. The following operations are related to `DeleteObjectTagging`: + [PutObjectTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html) + [GetObjectTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /{Key+}?tagging&versionId=VersionId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeleteObjectTagging_RequestSyntax) ** The bucket name containing the objects from which to remove the tags. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [Key](#API_DeleteObjectTagging_RequestSyntax) ** The key that identifies the object in the bucket from which to remove all tags. Length Constraints: Minimum length of 1. Required: Yes ** [versionId](#API_DeleteObjectTagging_RequestSyntax) ** The versionId of the object that the tag-set will be removed from. ** [x-amz-expected-bucket-owner](#API_DeleteObjectTagging_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 x-amz-version-id: VersionId ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response. The response returns the following HTTP headers. ** [x-amz-version-id](#API_DeleteObjectTagging_ResponseSyntax) ** The versionId of the object the tag-set was removed from. ## Examples ### Sample Request The following DELETE request deletes the tag set from the specified object. ``` DELETE /exampleobject?tagging HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 25 Nov 2016 12:00:00 GMT Authorization: signatureValue ``` ### Sample Response The following successful response shows Amazon S3 returning a 204 No Content response. The tag set for the object has been removed. ``` HTTP/1.1 204 No Content x-amz-version-id: VersionId Date: Wed, 25 Nov 2016 12:00:00 GMT Connection: close Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeleteObjectTagging) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeleteObjectTagging) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeleteObjectTagging) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeleteObjectTagging) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeleteObjectTagging) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeleteObjectTagging) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeleteObjectTagging) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeleteObjectTagging) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeleteObjectTagging) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeleteObjectTagging) # DeletePublicAccessBlock **Note** This operation is not supported for directory buckets. Removes the `PublicAccessBlock` configuration for an Amazon S3 bucket. This operation removes the bucket-level configuration only. The effective public access behavior will still be governed by account-level settings (which may inherit from organization-level policies). To use this operation, you must have the `s3:PutBucketPublicAccessBlock` permission. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). The following operations are related to `DeletePublicAccessBlock`: + [Using Amazon S3 Block Public Access](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html) + [GetPublicAccessBlock](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html) + [PutPublicAccessBlock](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutPublicAccessBlock.html) + [GetBucketPolicyStatus](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicyStatus.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` DELETE /?publicAccessBlock HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_DeletePublicAccessBlock_RequestSyntax) ** The Amazon S3 bucket whose `PublicAccessBlock` configuration you want to delete. Required: Yes ** [x-amz-expected-bucket-owner](#API_DeletePublicAccessBlock_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 204 ``` ## Response Elements If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body. ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/DeletePublicAccessBlock) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/DeletePublicAccessBlock) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/DeletePublicAccessBlock) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/DeletePublicAccessBlock) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/DeletePublicAccessBlock) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/DeletePublicAccessBlock) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/DeletePublicAccessBlock) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/DeletePublicAccessBlock) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/DeletePublicAccessBlock) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/DeletePublicAccessBlock) # GetBucketAbac Returns the attribute-based access control (ABAC) property of the general purpose bucket. If ABAC is enabled on your bucket, you can use tags on the bucket for access control. For more information, see [Enabling ABAC in general purpose buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging-enable-abac.html). ## Request Syntax ``` GET /?abac HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketAbac_RequestSyntax) ** The name of the general purpose bucket. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketAbac_RequestSyntax) ** The AWS account ID of the general purpose bucket's owner. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [AbacStatus](#API_GetBucketAbac_ResponseSyntax) ** Root level tag for the AbacStatus parameters. Required: Yes ** [Status](#API_GetBucketAbac_ResponseSyntax) ** The ABAC status of the general purpose bucket. Type: String Valid Values: `Enabled | Disabled` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketAbac) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketAbac) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketAbac) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketAbac) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketAbac) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketAbac) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketAbac) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketAbac) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketAbac) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketAbac) # GetBucketAccelerateConfiguration **Note** This operation is not supported for directory buckets. This implementation of the GET action uses the `accelerate` subresource to return the Transfer Acceleration state of a bucket, which is either `Enabled` or `Suspended`. Amazon S3 Transfer Acceleration is a bucket-level feature that enables you to perform faster data transfers to and from Amazon S3. To use this operation, you must have permission to perform the `s3:GetAccelerateConfiguration` action. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) in the *Amazon S3 User Guide*. You set the Transfer Acceleration state of an existing bucket to `Enabled` or `Suspended` by using the [PutBucketAccelerateConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAccelerateConfiguration.html) operation. A GET `accelerate` request does not return a state value for a bucket that has no transfer acceleration state. A bucket has no Transfer Acceleration state if a state has never been set on the bucket. For more information about transfer acceleration, see [Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the Amazon S3 User Guide. The following operations are related to `GetBucketAccelerateConfiguration`: + [PutBucketAccelerateConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAccelerateConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?accelerate HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-request-payer: RequestPayer ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketAccelerateConfiguration_RequestSyntax) ** The name of the bucket for which the accelerate configuration is retrieved. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketAccelerateConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_GetBucketAccelerateConfiguration_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-request-charged: RequestCharged string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-request-charged](#API_GetBucketAccelerateConfiguration_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` The following data is returned in XML format by the service. ** [AccelerateConfiguration](#API_GetBucketAccelerateConfiguration_ResponseSyntax) ** Root level tag for the AccelerateConfiguration parameters. Required: Yes ** [Status](#API_GetBucketAccelerateConfiguration_ResponseSyntax) ** The accelerate configuration of the bucket. Type: String Valid Values: `Enabled | Suspended` ## Examples This implementation of the GET action returns the following responses. ### Example If the transfer acceleration state is set to `Enabled` on a bucket, the response is as follows: ``` Enabled ``` ### Example If the transfer acceleration state is set to `Suspended` on a bucket, the response is as follows: ``` Suspended ``` ### Example If the transfer acceleration state on a bucket has never been set to `Enabled` or `Suspended`, the response is as follows: ``` ``` ### Retrieve the transfer acceleration configuration for a bucket The following example shows a GET /?`accelerate` request to retrieve the transfer acceleration state of the bucket named `amzn-s3-demo-bucket`. ``` GET /?accelerate HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Mon, 11 Apr 2016 12:00:00 GMT Authorization: authorization string Content-Type: text/plain ``` ### Example The following is a sample of the response body (only) that shows bucket transfer acceleration is enabled. ``` Enabled ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketAccelerateConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketAccelerateConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketAccelerateConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketAccelerateConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketAccelerateConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketAccelerateConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketAccelerateConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketAccelerateConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketAccelerateConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketAccelerateConfiguration) # GetBucketAcl **Note** This operation is not supported for directory buckets. This implementation of the `GET` action uses the `acl` subresource to return the access control list (ACL) of a bucket. To use `GET` to return the ACL of the bucket, you must have the `READ_ACP` access to the bucket. If `READ_ACP` permission is granted to the anonymous user, you can return the ACL of the bucket without using an authorization header. When you use this API operation with an access point, provide the alias of the access point in place of the bucket name. When you use this API operation with an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. If the Object Lambda access point alias in a request is not valid, the error code `InvalidAccessPointAliasError` is returned. For more information about `InvalidAccessPointAliasError`, see [List of Error Codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). **Note** If your bucket uses the bucket owner enforced setting for S3 Object Ownership, requests to read ACLs are still supported and return the `bucket-owner-full-control` ACL with the owner being the account that created the bucket. For more information, see [ Controlling object ownership and disabling ACLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*. **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. The following operations are related to `GetBucketAcl`: + [ListObjects](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html) ## Request Syntax ``` GET /?acl HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketAcl_RequestSyntax) ** Specifies the S3 bucket whose ACL is being requested. When you use this API operation with an access point, provide the alias of the access point in place of the bucket name. When you use this API operation with an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. If the Object Lambda access point alias in a request is not valid, the error code `InvalidAccessPointAliasError` is returned. For more information about `InvalidAccessPointAliasError`, see [List of Error Codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketAcl_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string string string string string string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [AccessControlPolicy](#API_GetBucketAcl_ResponseSyntax) ** Root level tag for the AccessControlPolicy parameters. Required: Yes ** [Grants](#API_GetBucketAcl_ResponseSyntax) ** A list of grants. Type: Array of [Grant](API_Grant.md) data types ** [Owner](#API_GetBucketAcl_ResponseSyntax) ** Container for the bucket owner's ID. Type: [Owner](API_Owner.md) data type ## Examples ### Sample Request The following request returns the ACL of the specified bucket. ``` GET ?acl HTTP/1.1 Host: bucket.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 GMT Authorization: authorization string ``` ### Sample Response ``` HTTP/1.1 200 OK x-amz-id-2: eftixk72aD6Ap51TnqcoF8eFidJG9Z/2mkiDFu8yU9AS1ed4OpIszj7UDNEHGran x-amz-request-id: 318BC8BC148832E5 Date: Wed, 28 Oct 2009 22:32:00 GMT Last-Modified: Sun, 1 Jan 2006 12:00:00 GMT Content-Length: 124 Content-Type: text/plain Connection: close Server: AmazonS3 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a FULL_CONTROL ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketAcl) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketAcl) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketAcl) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketAcl) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketAcl) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketAcl) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketAcl) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketAcl) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketAcl) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketAcl) # GetBucketAnalyticsConfiguration **Note** This operation is not supported for directory buckets. This implementation of the GET action returns an analytics configuration (identified by the analytics configuration ID) from the bucket. To use this operation, you must have permissions to perform the `s3:GetAnalyticsConfiguration` action. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see [ Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) in the *Amazon S3 User Guide*. For information about Amazon S3 analytics feature, see [Amazon S3 Analytics – Storage Class Analysis](https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html) in the *Amazon S3 User Guide*. The following operations are related to `GetBucketAnalyticsConfiguration`: + [DeleteBucketAnalyticsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketAnalyticsConfiguration.html) + [ListBucketAnalyticsConfigurations](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketAnalyticsConfigurations.html) + [PutBucketAnalyticsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAnalyticsConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?analytics&id=Id HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketAnalyticsConfiguration_RequestSyntax) ** The name of the bucket from which an analytics configuration is retrieved. Required: Yes ** [id](#API_GetBucketAnalyticsConfiguration_RequestSyntax) ** The ID that identifies the analytics configuration. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketAnalyticsConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string string string ... string string string string string string string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [AnalyticsConfiguration](#API_GetBucketAnalyticsConfiguration_ResponseSyntax) ** Root level tag for the AnalyticsConfiguration parameters. Required: Yes ** [Filter](#API_GetBucketAnalyticsConfiguration_ResponseSyntax) ** The filter used to describe a set of objects for analyses. A filter must have exactly one prefix, one tag, or one conjunction (AnalyticsAndOperator). If no filter is provided, all objects will be considered in any analysis. Type: [AnalyticsFilter](API_AnalyticsFilter.md) data type ** [Id](#API_GetBucketAnalyticsConfiguration_ResponseSyntax) ** The ID that identifies the analytics configuration. Type: String ** [StorageClassAnalysis](#API_GetBucketAnalyticsConfiguration_ResponseSyntax) ** Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes. Type: [StorageClassAnalysis](API_StorageClassAnalysis.md) data type ## Examples ### Configure an Analytics Report The following GET request for the bucket `amzn-s3-demo-bucket` returns the inventory configuration with the ID `list1`: ``` GET /?analytics&id=list1 HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Mon, 31 Oct 2016 12:00:00 GMT Authorization: authorization string ``` ### Example The following is a sample response to the preceding GET request. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMgUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A02 Date: Mon, 31 Oct 2016 12:00:00 GMT Server: AmazonS3 Content-Length: length list1 images/ dog corgi V_1 CSV 123456789012 arn:aws:s3:::destination-bucket destination-prefix ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketAnalyticsConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketAnalyticsConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketAnalyticsConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketAnalyticsConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketAnalyticsConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketAnalyticsConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketAnalyticsConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketAnalyticsConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketAnalyticsConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketAnalyticsConfiguration) # GetBucketCors **Note** This operation is not supported for directory buckets. Returns the Cross-Origin Resource Sharing (CORS) configuration information set for the bucket. To use this operation, you must have permission to perform the `s3:GetBucketCORS` action. By default, the bucket owner has this permission and can grant it to others. When you use this API operation with an access point, provide the alias of the access point in place of the bucket name. When you use this API operation with an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. If the Object Lambda access point alias in a request is not valid, the error code `InvalidAccessPointAliasError` is returned. For more information about `InvalidAccessPointAliasError`, see [List of Error Codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). For more information about CORS, see [ Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html). The following operations are related to `GetBucketCors`: + [PutBucketCors](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketCors.html) + [DeleteBucketCors](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketCors.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?cors HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketCors_RequestSyntax) ** The bucket name for which to get the cors configuration. When you use this API operation with an access point, provide the alias of the access point in place of the bucket name. When you use this API operation with an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. If the Object Lambda access point alias in a request is not valid, the error code `InvalidAccessPointAliasError` is returned. For more information about `InvalidAccessPointAliasError`, see [List of Error Codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketCors_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string ... string ... string ... string ... string integer ... ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [CORSConfiguration](#API_GetBucketCors_ResponseSyntax) ** Root level tag for the CORSConfiguration parameters. Required: Yes ** [CORSRule](#API_GetBucketCors_ResponseSyntax) ** A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration. Type: Array of [CORSRule](API_CORSRule.md) data types ## Examples ### Configure CORS Sample Request The following PUT request adds the `cors` subresource to a bucket (`amzn-s3-demo-bucket`). ``` PUT /?cors HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com x-amz-date: Tue, 21 Aug 2012 17:54:50 GMT Content-MD5: 8dYiLewFWZyGgV2Q5FNI4W== Authorization: authorization string Content-Length: 216 http://www.example.com PUT POST DELETE * 3000 x-amz-server-side-encryption * GET * 3000 ``` ### Example This is the sample response to the preceding request. ``` HTTP/1.1 200 OK x-amz-id-2: CCshOvbOPfxzhwOADyC4qHj/Ck3F9Q0viXKw3rivZ+GcBoZSOOahvEJfPisZB7B x-amz-request-id: BDC4B83DF5096BBE Date: Tue, 21 Aug 2012 17:54:50 GMT Server: AmazonS3 ``` ### Sample Request: Retrieve cors subresource The following example gets the cors subresource of a bucket. ``` GET /?cors HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Tue, 13 Dec 2011 19:14:42 GMT Authorization: signatureValue ``` ### Example Sample Response ``` HTTP/1.1 200 OK x-amz-id-2: 0FmFIWsh/PpBuzZ0JFRC55ZGVmQW4SHJ7xVDqKwhEdJmf3q63RtrvH8ZuxW1Bol5 x-amz-request-id: 0CF038E9BCF63097 Date: Tue, 13 Dec 2011 19:14:42 GMT Server: AmazonS3 Content-Length: 280 http://www.example.com GET 3000 x-amz-server-side-encryption ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketCors) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketCors) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketCors) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketCors) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketCors) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketCors) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketCors) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketCors) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketCors) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketCors) # GetBucketEncryption Returns the default encryption configuration for an Amazon S3 bucket. By default, all buckets have a default encryption configuration that uses server-side encryption with Amazon S3 managed keys (SSE-S3). This operation also returns the [BucketKeyEnabled](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ServerSideEncryptionRule.html#AmazonS3-Type-ServerSideEncryptionRule-BucketKeyEnabled) and [BlockedEncryptionTypes](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ServerSideEncryptionRule.html#AmazonS3-Type-ServerSideEncryptionRule-BlockedEncryptionTypes) statuses. **Note** **General purpose buckets** - For information about the bucket default encryption feature, see [Amazon S3 Bucket Default Encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-encryption.html) in the *Amazon S3 User Guide*. **Directory buckets** - For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS. For information about the default encryption configuration in directory buckets, see [Setting default server-side encryption behavior for directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-bucket-encryption.html). Permissions + **General purpose bucket permissions** - The `s3:GetEncryptionConfiguration` permission is required in a policy. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). + **Directory bucket permissions** - To grant access to this API operation, you must have the `s3express:GetEncryptionConfiguration` permission in an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the AWS account that owns the resource. For more information about directory bucket policies and permissions, see [AWS Identity and Access Management (IAM) for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region-code.amazonaws.com`. The following operations are related to `GetBucketEncryption`: + [PutBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html) + [DeleteBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?encryption HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketEncryption_RequestSyntax) ** The name of the bucket from which the server-side encryption configuration is retrieved. **Directory buckets ** - When you use this operation with a directory bucket, you must use path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must also follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` DOC-EXAMPLE-BUCKET--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketEncryption_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). For directory buckets, this header is not supported in this API operation. If you specify this header, the request fails with the HTTP status code `501 Not Implemented`. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string string ... boolean ... ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [ServerSideEncryptionConfiguration](#API_GetBucketEncryption_ResponseSyntax) ** Root level tag for the ServerSideEncryptionConfiguration parameters. Required: Yes ** [Rule](#API_GetBucketEncryption_ResponseSyntax) ** Container for information about a particular server-side encryption configuration rule. Type: Array of [ServerSideEncryptionRule](API_ServerSideEncryptionRule.md) data types ## Examples ### Sample Request: Retrieve the encryption configuration for an S3 general purpose bucket The following example shows a GET /?encryption request. ``` GET /?encryption HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 06 Sep 2017 12:00:00 GMT Authorization: authorization string Content-Length: length ``` ### Sample Response for a general purpose bucket This example illustrates one usage of `GetBucketEncryption`. ``` HTTP/1.1 200 OK x-amz-id-2: kDmqsuw5FDmgLmxQaUkd9A4NJ/PIiE0c1rAU/ue2Yp60toXs4I5k5fqlwZsA6fV+wJQCzRRwygQ= x-amz-request-id: 5D8706FCB2673B7D Date: Wed, 19 Nov 2025 12:00:00 GMT Transfer-Encoding: chunked Server: AmazonS3 aws:kms arn:aws:kms:us-east-1:1234/5678example SSE-C ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketEncryption) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketEncryption) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketEncryption) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketEncryption) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketEncryption) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketEncryption) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketEncryption) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketEncryption) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketEncryption) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketEncryption) # GetBucketIntelligentTieringConfiguration **Note** This operation is not supported for directory buckets. Gets the S3 Intelligent-Tiering configuration from the specified bucket. The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without performance impact or operational overhead. S3 Intelligent-Tiering delivers automatic cost savings in three low latency and high throughput access tiers. To get the lowest storage cost on data that can be accessed in minutes to hours, you can choose to activate additional archiving capabilities. The S3 Intelligent-Tiering storage class is the ideal storage class for data with unknown, changing, or unpredictable access patterns, independent of object size or retention period. If the size of an object is less than 128 KB, it is not monitored and not eligible for auto-tiering. Smaller objects can be stored, but they are always charged at the Frequent Access tier rates in the S3 Intelligent-Tiering storage class. For more information, see [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access). Operations related to `GetBucketIntelligentTieringConfiguration` include: + [DeleteBucketIntelligentTieringConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketIntelligentTieringConfiguration.html) + [PutBucketIntelligentTieringConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketIntelligentTieringConfiguration.html) + [ListBucketIntelligentTieringConfigurations](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketIntelligentTieringConfigurations.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?intelligent-tiering&id=Id HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketIntelligentTieringConfiguration_RequestSyntax) ** The name of the Amazon S3 bucket whose configuration you want to modify or retrieve. Required: Yes ** [id](#API_GetBucketIntelligentTieringConfiguration_RequestSyntax) ** The ID used to identify the S3 Intelligent-Tiering configuration. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketIntelligentTieringConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string string string ... string string string string string integer ... ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [IntelligentTieringConfiguration](#API_GetBucketIntelligentTieringConfiguration_ResponseSyntax) ** Root level tag for the IntelligentTieringConfiguration parameters. Required: Yes ** [Filter](#API_GetBucketIntelligentTieringConfiguration_ResponseSyntax) ** Specifies a bucket filter. The configuration only includes objects that meet the filter's criteria. Type: [IntelligentTieringFilter](API_IntelligentTieringFilter.md) data type ** [Id](#API_GetBucketIntelligentTieringConfiguration_ResponseSyntax) ** The ID used to identify the S3 Intelligent-Tiering configuration. Type: String ** [Status](#API_GetBucketIntelligentTieringConfiguration_ResponseSyntax) ** Specifies the status of the configuration. Type: String Valid Values: `Enabled | Disabled` ** [Tiering](#API_GetBucketIntelligentTieringConfiguration_ResponseSyntax) ** Specifies the S3 Intelligent-Tiering storage class tier of the configuration. Type: Array of [Tiering](API_Tiering.md) data types ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketIntelligentTieringConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketIntelligentTieringConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketIntelligentTieringConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketIntelligentTieringConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketIntelligentTieringConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketIntelligentTieringConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketIntelligentTieringConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketIntelligentTieringConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketIntelligentTieringConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketIntelligentTieringConfiguration) # GetBucketInventoryConfiguration **Note** This operation is not supported for directory buckets. Returns an S3 Inventory configuration (identified by the inventory configuration ID) from the bucket. To use this operation, you must have permissions to perform the `s3:GetInventoryConfiguration` action. The bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). For information about the Amazon S3 inventory feature, see [Amazon S3 Inventory](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html). The following operations are related to `GetBucketInventoryConfiguration`: + [DeleteBucketInventoryConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketInventoryConfiguration.html) + [ListBucketInventoryConfigurations](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketInventoryConfigurations.html) + [PutBucketInventoryConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketInventoryConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?inventory&id=Id HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketInventoryConfiguration_RequestSyntax) ** The name of the bucket containing the inventory configuration to retrieve. Required: Yes ** [id](#API_GetBucketInventoryConfiguration_RequestSyntax) ** The ID used to identify the inventory configuration. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketInventoryConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string

string

string string boolean string string string string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [InventoryConfiguration](#API_GetBucketInventoryConfiguration_ResponseSyntax) ** Root level tag for the InventoryConfiguration parameters. Required: Yes ** [Destination](#API_GetBucketInventoryConfiguration_ResponseSyntax) ** Contains information about where to publish the inventory results. Type: [InventoryDestination](API_InventoryDestination.md) data type ** [Filter](#API_GetBucketInventoryConfiguration_ResponseSyntax) ** Specifies an inventory filter. The inventory only includes objects that meet the filter's criteria. Type: [InventoryFilter](API_InventoryFilter.md) data type ** [Id](#API_GetBucketInventoryConfiguration_ResponseSyntax) ** The ID used to identify the inventory configuration. Type: String ** [IncludedObjectVersions](#API_GetBucketInventoryConfiguration_ResponseSyntax) ** Object versions to include in the inventory list. If set to `All`, the list includes all the object versions, which adds the version-related fields `VersionId`, `IsLatest`, and `DeleteMarker` to the list. If set to `Current`, the list does not contain these version-related fields. Type: String Valid Values: `All | Current` ** [IsEnabled](#API_GetBucketInventoryConfiguration_ResponseSyntax) ** Specifies whether the inventory is enabled or disabled. If set to `True`, an inventory list is generated. If set to `False`, no inventory list is generated. Type: Boolean ** [OptionalFields](#API_GetBucketInventoryConfiguration_ResponseSyntax) ** Contains the optional fields that are included in the inventory results. Type: Array of strings Valid Values: `Size | LastModifiedDate | StorageClass | ETag | IsMultipartUploaded | ReplicationStatus | EncryptionStatus | ObjectLockRetainUntilDate | ObjectLockMode | ObjectLockLegalHoldStatus | IntelligentTieringAccessTier | BucketKeyStatus | ChecksumAlgorithm | ObjectAccessControlList | ObjectOwner | LifecycleExpirationDate` ** [Schedule](#API_GetBucketInventoryConfiguration_ResponseSyntax) ** Specifies the schedule for generating inventory results. Type: [InventorySchedule](API_InventorySchedule.md) data type ## Examples ### Sample Request: Configure an inventory report The following GET request for the bucket `examplebucket` returns the inventory configuration with the ID `list1`. ``` GET /?inventory&id=list1 HTTP/1.1 Host: examplebucket.s3..amazonaws.com Date: Mon, 31 Oct 2016 12:00:00 GMT Authorization: authorization string ``` ### Sample Response This example illustrates one usage of GetBucketInventoryConfiguration. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMgUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A02 Date: Mon, 31 Oct 2016 12:00:00 GMT Server: AmazonS3 Content-Length: length report1 true CSV 123456789012 arn:aws:s3:::destination-bucket prefix1

Daily myprefix/ All Size LastModifiedDate ETag StorageClass IsMultipartUploaded ReplicationStatus ObjectLockRetainUntilDate ObjectLockMode ObjectLockLegalHoldStatus ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketInventoryConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketInventoryConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketInventoryConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketInventoryConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketInventoryConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketInventoryConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketInventoryConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketInventoryConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketInventoryConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketInventoryConfiguration) # GetBucketLifecycle **Important** For an updated version of this API, see [GetBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html). If you configured a bucket lifecycle using the `filter` element, you should see the updated version of this topic. This topic is provided for backward compatibility. **Note** This operation is not supported for directory buckets. Returns the lifecycle configuration information set on the bucket. For information about lifecycle configuration, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html). To use this operation, you must have permission to perform the `s3:GetLifecycleConfiguration` action. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). `GetBucketLifecycle` has the following special error: + Error code: `NoSuchLifecycleConfiguration` + Description: The lifecycle configuration does not exist. + HTTP Status Code: 404 Not Found + SOAP Fault Code Prefix: Client The following operations are related to `GetBucketLifecycle`: + [GetBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) + [PutBucketLifecycle](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html) + [DeleteBucketLifecycle](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketLifecycle.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?lifecycle HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketLifecycle_RequestSyntax) ** The name of the bucket for which to get the lifecycle information. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketLifecycle_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 integer timestamp integer boolean string integer integer integer integer string string string timestamp integer string ... ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [LifecycleConfiguration](#API_GetBucketLifecycle_ResponseSyntax) ** Root level tag for the LifecycleConfiguration parameters. Required: Yes ** [Rule](#API_GetBucketLifecycle_ResponseSyntax) ** Container for a lifecycle rule. Type: Array of [Rule](API_Rule.md) data types ## Examples ### Sample Request: Retrieve a lifecycle subresource This example is a GET request to retrieve the lifecycle subresource from the specified bucket, and an example response with the returned lifecycle configuration. ``` GET /?lifecycle HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com x-amz-date: Thu, 15 Nov 2012 00:17:21 GMT Authorization: signatureValue ``` ### Sample Response This example illustrates one usage of GetBucketLifecycle. ``` HTTP/1.1 200 OK x-amz-id-2: ITnGT1y4RyTmXa3rPi4hklTXouTf0hccUjo0iCPjz6FnfIutBj3M7fPGlWO2SEWp x-amz-request-id: 51991C342C575321 Date: Thu, 15 Nov 2012 00:17:23 GMT Server: AmazonS3 Content-Length: 358 Archive and then delete rule projectdocs/ Enabled 30 STANDARD_IA 365 GLACIER 3650 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketLifecycle) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketLifecycle) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketLifecycle) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketLifecycle) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketLifecycle) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketLifecycle) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketLifecycle) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketLifecycle) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketLifecycle) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketLifecycle) # GetBucketLifecycleConfiguration Returns the lifecycle configuration information set on the bucket. For information about lifecycle configuration, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html). Bucket lifecycle configuration now supports specifying a lifecycle rule using an object key name prefix, one or more object tags, object size, or any combination of these. Accordingly, this section describes the latest API, which is compatible with the new functionality. The previous version of the API supported filtering based only on an object key name prefix, which is supported for general purpose buckets for backward compatibility. For the related API description, see [GetBucketLifecycle](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html). **Note** Lifecyle configurations for directory buckets only support expiring objects and cancelling multipart uploads. Expiring of versioned objects, transitions and tag filters are not supported. Permissions + **General purpose bucket permissions** - By default, all Amazon S3 resources are private, including buckets, objects, and related subresources (for example, lifecycle configuration and website configuration). Only the resource owner (that is, the AWS account that created it) can access the resource. The resource owner can optionally grant access permissions to others by writing an access policy. For this operation, a user must have the `s3:GetLifecycleConfiguration` permission. For more information about permissions, see [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). + **Directory bucket permissions** - You must have the `s3express:GetLifecycleConfiguration` permission in an IAM identity-based policy to use this operation. Cross-account access to this API operation isn't supported. The resource owner can optionally grant access permissions to others by creating a role or user for them as long as they are within the same account as the owner and resource. For more information about directory bucket policies and permissions, see [Authorizing Regional endpoint APIs with IAM](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) in the *Amazon S3 User Guide*. **Note** **Directory buckets ** - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region.amazonaws.com`. `GetBucketLifecycleConfiguration` has the following special error: + Error code: `NoSuchLifecycleConfiguration` + Description: The lifecycle configuration does not exist. + HTTP Status Code: 404 Not Found + SOAP Fault Code Prefix: Client The following operations are related to `GetBucketLifecycleConfiguration`: + [GetBucketLifecycle](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html) + [PutBucketLifecycle](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html) + [DeleteBucketLifecycle](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketLifecycle.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?lifecycle HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketLifecycleConfiguration_RequestSyntax) ** The name of the bucket for which to get the lifecycle information. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketLifecycleConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). This parameter applies to general purpose buckets only. It is not supported for directory bucket lifecycle configurations. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-transition-default-minimum-object-size: TransitionDefaultMinimumObjectSize integer timestamp integer boolean long long string string string ... long long string string string string integer integer integer integer string ... string string timestamp integer string ... ... ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-transition-default-minimum-object-size](#API_GetBucketLifecycleConfiguration_ResponseSyntax) ** Indicates which default minimum object size behavior is applied to the lifecycle configuration. This parameter applies to general purpose buckets only. It isn't supported for directory bucket lifecycle configurations. + `all_storage_classes_128K` - Objects smaller than 128 KB will not transition to any storage class by default. + `varies_by_storage_class` - Objects smaller than 128 KB will transition to Glacier Flexible Retrieval or Glacier Deep Archive storage classes. By default, all other storage classes will prevent transitions smaller than 128 KB. To customize the minimum object size for any transition you can add a filter that specifies a custom `ObjectSizeGreaterThan` or `ObjectSizeLessThan` in the body of your transition rule. Custom filters always take precedence over the default transition behavior. Valid Values: `varies_by_storage_class | all_storage_classes_128K` The following data is returned in XML format by the service. ** [LifecycleConfiguration](#API_GetBucketLifecycleConfiguration_ResponseSyntax) ** Root level tag for the LifecycleConfiguration parameters. Required: Yes ** [Rule](#API_GetBucketLifecycleConfiguration_ResponseSyntax) ** Container for a lifecycle rule. Type: Array of [LifecycleRule](API_LifecycleRule.md) data types ## Examples ### Example 1: Get lifecycle configuration - general purpose bucket This example illustrates how to use `GetBucketLifecycleConfiguration` to retrieve the lifecycle configuration for a general purpose bucket: ``` GET /?lifecycle HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com x-amz-date: Thu, 15 Nov 2012 00:17:21 GMT Authorization: signatureValue ``` ### Sample Response This example shows the response from the preceeding `GetBucketLifecycleConfiguration` request: ``` HTTP/1.1 200 OK x-amz-id-2: ITnGT1y4RyTmXa3rPi4hklTXouTf0hccUjo0iCPjz6FnfIutBj3M7fPGlWO2SEWp x-amz-request-id: 51991C342C575321 Date: Thu, 15 Nov 2012 00:17:23 GMT Server: AmazonS3 Content-Length: 358 Archive and then delete rule projectdocs/ Enabled 30 STANDARD_IA 365 GLACIER 3650 ``` ### Example 2: Get lifecycle configuration - directory bucket This example illustrates how to use `GetBucketLifecycleConfiguration` to retrieve the lifecycle configuration for a directory bucket: ``` GET /?lifecycle HTTP/1.1 Host:s3express-control.us-west-2.amazonaws.com ``` ### Sample Response This example shows the response from the preceeding `GetBucketLifecycleConfiguration` request: ``` Lifecycle expiration rule myprefix/ 500 64000 Enabled 7 MPU Rule another_prefix Enabled 3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketLifecycleConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketLifecycleConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketLifecycleConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketLifecycleConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketLifecycleConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketLifecycleConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketLifecycleConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketLifecycleConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketLifecycleConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketLifecycleConfiguration) # GetBucketLocation **Important** Using the `GetBucketLocation` operation is no longer a best practice. To return the Region that a bucket resides in, we recommend that you use the [HeadBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadBucket.html) operation instead. For backward compatibility, Amazon S3 continues to support the `GetBucketLocation` operation. Returns the Region the bucket resides in. You set the bucket's Region using the `LocationConstraint` request parameter in a `CreateBucket` request. For more information, see [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html). **Note** In a bucket's home Region, calls to the `GetBucketLocation` operation are governed by the bucket's policy. In other Regions, the bucket policy doesn't apply, which means that cross-account access won't be authorized. However, calls to the `HeadBucket` operation always return the bucket’s location through an HTTP response header, whether access to the bucket is authorized or not. Therefore, we recommend using the `HeadBucket` operation for bucket Region discovery and to avoid using the `GetBucketLocation` operation. When you use this API operation with an access point, provide the alias of the access point in place of the bucket name. When you use this API operation with an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. If the Object Lambda access point alias in a request is not valid, the error code `InvalidAccessPointAliasError` is returned. For more information about `InvalidAccessPointAliasError`, see [List of Error Codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). **Note** This operation is not supported for directory buckets. The following operations are related to `GetBucketLocation`: + [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) + [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?location HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketLocation_RequestSyntax) ** The name of the bucket for which to get the location. When you use this API operation with an access point, provide the alias of the access point in place of the bucket name. When you use this API operation with an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. If the Object Lambda access point alias in a request is not valid, the error code `InvalidAccessPointAliasError` is returned. For more information about `InvalidAccessPointAliasError`, see [List of Error Codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketLocation_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [LocationConstraint](#API_GetBucketLocation_ResponseSyntax) ** Root level tag for the LocationConstraint parameters. Required: Yes ** [LocationConstraint](#API_GetBucketLocation_ResponseSyntax) ** Specifies the Region where the bucket resides. For a list of all the Amazon S3 supported location constraints by Region, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region). Buckets in Region `us-east-1` have a LocationConstraint of `null`. Buckets with a LocationConstraint of `EU` reside in `eu-west-1`. Type: String Valid Values: `af-south-1 | ap-east-1 | ap-northeast-1 | ap-northeast-2 | ap-northeast-3 | ap-south-1 | ap-south-2 | ap-southeast-1 | ap-southeast-2 | ap-southeast-3 | ap-southeast-4 | ap-southeast-5 | ca-central-1 | cn-north-1 | cn-northwest-1 | EU | eu-central-1 | eu-central-2 | eu-north-1 | eu-south-1 | eu-south-2 | eu-west-1 | eu-west-2 | eu-west-3 | il-central-1 | me-central-1 | me-south-1 | sa-east-1 | us-east-2 | us-gov-east-1 | us-gov-west-1 | us-west-1 | us-west-2` ## Examples ### Sample Request The following request returns the Region of the specified bucket. ``` GET /?location HTTP/1.1 Host: amzn-s3-demo-bucket.s3.amazonaws.com Date: Tue, 09 Oct 2007 20:26:04 +0000 Authorization: signatureValue ``` ### Sample Response This example illustrates one usage of GetBucketLocation. ``` us-west-2 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketLocation) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketLocation) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketLocation) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketLocation) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketLocation) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketLocation) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketLocation) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketLocation) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketLocation) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketLocation) # GetBucketLogging **Note** This operation is not supported for directory buckets. Returns the logging status of a bucket and the permissions users have to view and modify that status. The following operations are related to `GetBucketLogging`: + [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) + [PutBucketLogging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLogging.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?logging HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketLogging_RequestSyntax) ** The bucket name for which to get the logging information. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketLogging_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string string string string string string string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [BucketLoggingStatus](#API_GetBucketLogging_ResponseSyntax) ** Root level tag for the BucketLoggingStatus parameters. Required: Yes ** [LoggingEnabled](#API_GetBucketLogging_ResponseSyntax) ** Describes where logs are stored and the prefix that Amazon S3 assigns to all log object keys for a bucket. For more information, see [PUT Bucket logging](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlogging.html) in the *Amazon S3 API Reference*. Type: [LoggingEnabled](API_LoggingEnabled.md) data type ## Examples ### Sample Request The following request returns the logging status for `amzn-s3-demo-bucket`. ``` GET ?logging HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 25 Nov 2009 12:00:00 GMT Authorization: authorization string ``` ### Sample Response: Showing an enabled logging status This example illustrates one usage of GetBucketLogging. ``` HTTP/1.1 200 OK Date: Wed, 25 Nov 2009 12:00:00 GMT Connection: close Server: AmazonS3 amzn-s3-demo-bucket mybucket-access_log-/ 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be READ ``` ### Sample Response: Showing a disabled logging status This example illustrates one usage of GetBucketLogging. ``` HTTP/1.1 200 OK Date: Wed, 25 Nov 2009 12:00:00 GMT Connection: close Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketLogging) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketLogging) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketLogging) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketLogging) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketLogging) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketLogging) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketLogging) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketLogging) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketLogging) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketLogging) # GetBucketMetadataConfiguration Retrieves the S3 Metadata configuration for a general purpose bucket. For more information, see [Accelerating data discovery with S3 Metadata](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html) in the *Amazon S3 User Guide*. **Note** You can use the V2 `GetBucketMetadataConfiguration` API operation with V1 or V2 metadata configurations. However, if you try to use the V1 `GetBucketMetadataTableConfiguration` API operation with V2 configurations, you will receive an HTTP `405 Method Not Allowed` error. Permissions To use this operation, you must have the `s3:GetBucketMetadataTableConfiguration` permission. For more information, see [Setting up permissions for configuring metadata tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html) in the *Amazon S3 User Guide*. The IAM policy action name is the same for the V1 and V2 API operations. The following operations are related to `GetBucketMetadataConfiguration`: + [CreateBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html) + [DeleteBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetadataConfiguration.html) + [UpdateBucketMetadataInventoryTableConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UpdateBucketMetadataInventoryTableConfiguration.html) + [UpdateBucketMetadataJournalTableConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UpdateBucketMetadataJournalTableConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?metadataConfiguration HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketMetadataConfiguration_RequestSyntax) ** The general purpose bucket that corresponds to the metadata configuration that you want to retrieve. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketMetadataConfiguration_RequestSyntax) ** The expected owner of the general purpose bucket that you want to retrieve the metadata table configuration for. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string string string string string string string string string string integer string string string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [GetBucketMetadataConfigurationResult](#API_GetBucketMetadataConfiguration_ResponseSyntax) ** Root level tag for the GetBucketMetadataConfigurationResult parameters. Required: Yes ** [MetadataConfigurationResult](#API_GetBucketMetadataConfiguration_ResponseSyntax) ** The metadata configuration for a general purpose bucket. Type: [MetadataConfigurationResult](API_MetadataConfigurationResult.md) data type ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketMetadataConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketMetadataConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketMetadataConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketMetadataConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketMetadataConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketMetadataConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketMetadataConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketMetadataConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketMetadataConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketMetadataConfiguration) # GetBucketMetadataTableConfiguration **Important** We recommend that you retrieve your S3 Metadata configurations by using the V2 [GetBucketMetadataTableConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetadataTableConfiguration.html) API operation. We no longer recommend using the V1 `GetBucketMetadataTableConfiguration` API operation. If you created your S3 Metadata configuration before July 15, 2025, we recommend that you delete and re-create your configuration by using [CreateBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html) so that you can expire journal table records and create a live inventory table. Retrieves the V1 S3 Metadata configuration for a general purpose bucket. For more information, see [Accelerating data discovery with S3 Metadata](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html) in the *Amazon S3 User Guide*. **Note** You can use the V2 `GetBucketMetadataConfiguration` API operation with V1 or V2 metadata table configurations. However, if you try to use the V1 `GetBucketMetadataTableConfiguration` API operation with V2 configurations, you will receive an HTTP `405 Method Not Allowed` error. Make sure that you update your processes to use the new V2 API operations (`CreateBucketMetadataConfiguration`, `GetBucketMetadataConfiguration`, and `DeleteBucketMetadataConfiguration`) instead of the V1 API operations. Permissions To use this operation, you must have the `s3:GetBucketMetadataTableConfiguration` permission. For more information, see [Setting up permissions for configuring metadata tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html) in the *Amazon S3 User Guide*. The following operations are related to `GetBucketMetadataTableConfiguration`: + [CreateBucketMetadataTableConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataTableConfiguration.html) + [DeleteBucketMetadataTableConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetadataTableConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?metadataTable HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketMetadataTableConfiguration_RequestSyntax) ** The general purpose bucket that corresponds to the metadata table configuration that you want to retrieve. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketMetadataTableConfiguration_RequestSyntax) ** The expected owner of the general purpose bucket that you want to retrieve the metadata table configuration for. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string string string string string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [GetBucketMetadataTableConfigurationResult](#API_GetBucketMetadataTableConfiguration_ResponseSyntax) ** Root level tag for the GetBucketMetadataTableConfigurationResult parameters. Required: Yes ** [Error](#API_GetBucketMetadataTableConfiguration_ResponseSyntax) ** If the `CreateBucketMetadataTableConfiguration` request succeeds, but S3 Metadata was unable to create the table, this structure contains the error code and error message. Type: [ErrorDetails](API_ErrorDetails.md) data type ** [MetadataTableConfigurationResult](#API_GetBucketMetadataTableConfiguration_ResponseSyntax) ** The V1 S3 Metadata configuration for a general purpose bucket. Type: [MetadataTableConfigurationResult](API_MetadataTableConfigurationResult.md) data type ** [Status](#API_GetBucketMetadataTableConfiguration_ResponseSyntax) ** The status of the metadata table. The status values are: + `CREATING` - The metadata table is in the process of being created in the specified table bucket. + `ACTIVE` - The metadata table has been created successfully, and records are being delivered to the table. + `FAILED` - Amazon S3 is unable to create the metadata table, or Amazon S3 is unable to deliver records. See `ErrorDetails` for details. Type: String ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketMetadataTableConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketMetadataTableConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketMetadataTableConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketMetadataTableConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketMetadataTableConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketMetadataTableConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketMetadataTableConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketMetadataTableConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketMetadataTableConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketMetadataTableConfiguration) # GetBucketMetricsConfiguration Gets a metrics configuration (specified by the metrics configuration ID) from the bucket. Note that this doesn't include the daily storage metrics. **Note** **Directory buckets ** - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions To use this operation, you must have permissions to perform the `s3:GetMetricsConfiguration` action. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). + **General purpose bucket permissions** - The `s3:GetMetricsConfiguration` permission is required in a policy. For more information about general purpose buckets permissions, see [Using Bucket Policies and User Policies](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) in the *Amazon S3 User Guide*. + **Directory bucket permissions** - To grant access to this API operation, you must have the `s3express:GetMetricsConfiguration` permission in an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the AWS account that owns the resource. For more information about directory bucket policies and permissions, see [AWS Identity and Access Management (IAM) for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region-code.amazonaws.com`. For information about CloudWatch request metrics for Amazon S3, see [Monitoring Metrics with Amazon CloudWatch](https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html). The following operations are related to `GetBucketMetricsConfiguration`: + [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html) + [DeleteBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetricsConfiguration.html) + [ListBucketMetricsConfigurations](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketMetricsConfigurations.html) + [Monitoring Metrics with Amazon CloudWatch](https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?metrics&id=Id HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketMetricsConfiguration_RequestSyntax) ** The name of the bucket containing the metrics configuration to retrieve. **Directory buckets ** - When you use this operation with a directory bucket, you must use path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must also follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` DOC-EXAMPLE-BUCKET--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* Required: Yes ** [id](#API_GetBucketMetricsConfiguration_RequestSyntax) ** The ID used to identify the metrics configuration. The ID has a 64 character limit and can only contain letters, numbers, periods, dashes, and underscores. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketMetricsConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). For directory buckets, this header is not supported in this API operation. If you specify this header, the request fails with the HTTP status code `501 Not Implemented`. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string string string string string ... string string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [MetricsConfiguration](#API_GetBucketMetricsConfiguration_ResponseSyntax) ** Root level tag for the MetricsConfiguration parameters. Required: Yes ** [Filter](#API_GetBucketMetricsConfiguration_ResponseSyntax) ** Specifies a metrics configuration filter. The metrics configuration will only include objects that meet the filter's criteria. A filter must be a prefix, an object tag, an access point ARN, or a conjunction (MetricsAndOperator). Metrics configurations for directory buckets do not support tag filters. Type: [MetricsFilter](API_MetricsFilter.md) data type ** [Id](#API_GetBucketMetricsConfiguration_ResponseSyntax) ** The ID used to identify the metrics configuration. The ID has a 64 character limit and can only contain letters, numbers, periods, dashes, and underscores. Type: String ## Examples ### First Sample Request Retrieve a metrics configuration that filters metrics based on a specified prefix. ``` GET /?metrics&id=Documents HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com x-amz-date: Thu, 15 Nov 2016 00:17:21 GMT Authorization: signatureValue ``` ### First Sample Response This example illustrates one usage of GetBucketMetricsConfiguration. ``` HTTP/1.1 200 OK x-amz-id-2: ITnGT1y4REXAMPLEPi4hklTXouTf0hccUjo0iCPEXAMPLEutBj3M7fPGlWO2SEWp x-amz-request-id: 51991EXAMPLE5321 Date: Thu, 15 Nov 2016 00:17:22 GMT Server: AmazonS3 Content-Length: 180 Documents documents/ ``` ### Second Sample Request Retrieve a metrics configuration that enables metrics for objects that start with a particular prefix and have specific tags applied. ``` GET /?metrics&id=ImportantBlueDocuments HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com x-amz-date: Thu, 15 Nov 2016 00:17:21 GMT Authorization: signatureValue ``` ### Second Sample Response This example illustrates one usage of GetBucketMetricsConfiguration. ``` HTTP/1.1 200 OK x-amz-id-2: ITnGT1y4REXAMPLEPi4hklTXouTf0hccUjo0iCPEXAMPLEutBj3M7fPGlWO2SEWp x-amz-request-id: 51991EXAMPLE5321 Date: Thu, 15 Nov 2016 00:17:22 GMT Server: AmazonS3 Content-Length: 480 ImportantBlueDocuments documents/ priority high class blue ``` ### Third Sample Request Retrieve a metrics configuration that enables metrics for a specific access point. ``` GET /?metrics&id=ImportantDocumentsAccessPoint HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com x-amz-date: Thu, 26 Aug 2021 00:17:21 GMT Authorization: signatureValue ``` ### Third Sample Response This example illustrates one usage of GetBucketMetricsConfiguration. ``` HTTP/1.1 200 OK x-amz-id-2: ITnGT1y4REXAMPLEPi4hklTXouTf0hccUjo0iCPEXAMPLEutBj3M7fPGlWO2SEWp x-amz-request-id: 51991EXAMPLE5321 Date: Thu, 26 Aug 2021 00:17:22 GMT Server: AmazonS3 Content-Length: 480 ImportantDocumentsAccessPoint arn:aws:s3:us-west-2:123456789012:accesspoint/test ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketMetricsConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketMetricsConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketMetricsConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketMetricsConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketMetricsConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketMetricsConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketMetricsConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketMetricsConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketMetricsConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketMetricsConfiguration) # GetBucketNotification **Note** This operation is not supported for directory buckets. No longer used, see [GetBucketNotificationConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotificationConfiguration.html). ## Request Syntax ``` GET /?notification HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketNotification_RequestSyntax) ** The name of the bucket for which to get the notification configuration. When you use this API operation with an access point, provide the alias of the access point in place of the bucket name. When you use this API operation with an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. If the Object Lambda access point alias in a request is not valid, the error code `InvalidAccessPointAliasError` is returned. For more information about `InvalidAccessPointAliasError`, see [List of Error Codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketNotification_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string ... string string string string ... string string string string string ... string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [NotificationConfiguration](#API_GetBucketNotification_ResponseSyntax) ** Root level tag for the NotificationConfiguration parameters. Required: Yes ** [CloudFunctionConfiguration](#API_GetBucketNotification_ResponseSyntax) ** Container for specifying the AWS Lambda notification configuration. Type: [CloudFunctionConfiguration](API_CloudFunctionConfiguration.md) data type ** [QueueConfiguration](#API_GetBucketNotification_ResponseSyntax) ** This data type is deprecated. This data type specifies the configuration for publishing messages to an Amazon Simple Queue Service (Amazon SQS) queue when Amazon S3 detects specified events. Type: [QueueConfigurationDeprecated](API_QueueConfigurationDeprecated.md) data type ** [TopicConfiguration](#API_GetBucketNotification_ResponseSyntax) ** This data type is deprecated. A container for specifying the configuration for publication of messages to an Amazon Simple Notification Service (Amazon SNS) topic when Amazon S3 detects specified events. Type: [TopicConfigurationDeprecated](API_TopicConfigurationDeprecated.md) data type ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketNotification) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketNotification) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketNotification) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketNotification) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketNotification) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketNotification) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketNotification) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketNotification) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketNotification) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketNotification) # GetBucketNotificationConfiguration **Note** This operation is not supported for directory buckets. Returns the notification configuration of a bucket. If notifications are not enabled on the bucket, the action returns an empty `NotificationConfiguration` element. By default, you must be the bucket owner to read the notification configuration of a bucket. However, the bucket owner can use a bucket policy to grant permission to other users to read this configuration with the `s3:GetBucketNotification` permission. When you use this API operation with an access point, provide the alias of the access point in place of the bucket name. When you use this API operation with an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. If the Object Lambda access point alias in a request is not valid, the error code `InvalidAccessPointAliasError` is returned. For more information about `InvalidAccessPointAliasError`, see [List of Error Codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). For more information about setting and reading the notification configuration on a bucket, see [Setting Up Notification of Bucket Events](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html). For more information about bucket policies, see [Using Bucket Policies](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html). The following action is related to `GetBucketNotification`: + [PutBucketNotification](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketNotification.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?notification HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketNotificationConfiguration_RequestSyntax) ** The name of the bucket for which to get the notification configuration. When you use this API operation with an access point, provide the alias of the access point in place of the bucket name. When you use this API operation with an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. If the Object Lambda access point alias in a request is not valid, the error code `InvalidAccessPointAliasError` is returned. For more information about `InvalidAccessPointAliasError`, see [List of Error Codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketNotificationConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string ... string string ... string string ... string ... string string ... string string ... string ... string string ... string string ... ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [NotificationConfiguration](#API_GetBucketNotificationConfiguration_ResponseSyntax) ** Root level tag for the NotificationConfiguration parameters. Required: Yes ** [CloudFunctionConfiguration](#API_GetBucketNotificationConfiguration_ResponseSyntax) ** Describes the AWS Lambda functions to invoke and the events for which to invoke them. Type: Array of [LambdaFunctionConfiguration](API_LambdaFunctionConfiguration.md) data types ** [EventBridgeConfiguration](#API_GetBucketNotificationConfiguration_ResponseSyntax) ** Enables delivery of events to Amazon EventBridge. Type: [EventBridgeConfiguration](API_EventBridgeConfiguration.md) data type ** [QueueConfiguration](#API_GetBucketNotificationConfiguration_ResponseSyntax) ** The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages. Type: Array of [QueueConfiguration](API_QueueConfiguration.md) data types ** [TopicConfiguration](#API_GetBucketNotificationConfiguration_ResponseSyntax) ** The topic to which notifications are sent and the events for which notifications are generated. Type: Array of [TopicConfiguration](API_TopicConfiguration.md) data types ## Examples ### Sample Request This request returns the notification configuration on the bucket `amzn-s3-demo-bucket.s3..amazonaws.com`. ``` GET ?notification HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 15 Oct 2014 16:59:03 GMT Authorization: authorization string ``` ### Sample Response This response returns that the notification configuration for the specified bucket. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMgUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A02 Date: Wed, 15 Oct 2014 16:59:04 GMT Server: AmazonS3 YjVkM2Y0YmUtNGI3NC00ZjQyLWEwNGItNDIyYWUxY2I0N2M4 arn:aws:sns:us-east-1:account-id:s3notificationtopic2 s3:ReducedRedundancyLostObject s3:ObjectCreated:* ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketNotificationConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketNotificationConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketNotificationConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketNotificationConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketNotificationConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketNotificationConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketNotificationConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketNotificationConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketNotificationConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketNotificationConfiguration) # GetBucketOwnershipControls **Note** This operation is not supported for directory buckets. Retrieves `OwnershipControls` for an Amazon S3 bucket. To use this operation, you must have the `s3:GetBucketOwnershipControls` permission. For more information about Amazon S3 permissions, see [Specifying permissions in a policy](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html). **Note** A bucket doesn't have `OwnershipControls` settings in the following cases: The bucket was created before the `BucketOwnerEnforced` ownership setting was introduced and you've never explicitly applied this value You've manually deleted the bucket ownership control value using the `DeleteBucketOwnershipControls` API operation. By default, Amazon S3 sets `OwnershipControls` for all newly created buckets. For information about Amazon S3 Object Ownership, see [Using Object Ownership](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html). The following operations are related to `GetBucketOwnershipControls`: + [PutBucketOwnershipControls](API_PutBucketOwnershipControls.md) + [DeleteBucketOwnershipControls](API_DeleteBucketOwnershipControls.md) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?ownershipControls HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketOwnershipControls_RequestSyntax) ** The name of the Amazon S3 bucket whose `OwnershipControls` you want to retrieve. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketOwnershipControls_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string ... ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [OwnershipControls](#API_GetBucketOwnershipControls_ResponseSyntax) ** Root level tag for the OwnershipControls parameters. Required: Yes ** [Rule](#API_GetBucketOwnershipControls_ResponseSyntax) ** The container element for an ownership control rule. Type: Array of [OwnershipControlsRule](API_OwnershipControlsRule.md) data types ## Examples ### Sample GetBucketOwnershipControls Request for BucketOwnerEnforced This example illustrates one usage of GetBucketOwnershipControls. ``` GET /amzn-s3-demo-bucket?/ownershipControls HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Mon, 29 Nov 2021 00:17:22 GMT Authorization: signatureValue; ``` ### Sample GetBucketOwnershipControls Response This example illustrates one usage of GetBucketOwnershipControls. ``` HTTP/1.1 200 OK x-amz-id-2: Adphn7MaAHDEg9mh5JmcTN8mzyVX0JhIztSiQNaqTxnXXcYi4uiZbYdwWC3JXmh/XXVUUQwO4Vs= x-amz-request-id: 252631E05F84A415 Date: Mon, 29 Nov 2021 00:17:22 GMT Server: AmazonS3 Content-Length: 194 BucketOwnerEnforced ``` ### Sample GetBucketOwnershipControls Request for BucketOwnerPreferred This example illustrates one usage of GetBucketOwnershipControls. ``` GET /amzn-s3-demo-bucket?/ownershipControls HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Thu, 18 Jun 2017 00:17:22 GMT Authorization: signatureValue; ``` ### Sample GetBucketOwnershipControls Response This example illustrates one usage of GetBucketOwnershipControls. ``` HTTP/1.1 200 OK x-amz-id-2: Adphn7MaAHDEg9mh5JmcTN8mzyVX0JhIztSiQNaqTxnXXcYi4uiZbYdwWC3JXmh/XXVUUQwO4Vs= x-amz-request-id: 252631E05F84A415 Date: Thu, 18 Jun 2020 00:17:22 GMT Server: AmazonS3 Content-Length: 194 BucketOwnerPreferred ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketOwnershipControls) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketOwnershipControls) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketOwnershipControls) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketOwnershipControls) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketOwnershipControls) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketOwnershipControls) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketOwnershipControls) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketOwnershipControls) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketOwnershipControls) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketOwnershipControls) # GetBucketPolicy Returns the policy of a specified bucket. **Note** **Directory buckets ** - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions If you are using an identity other than the root user of the AWS account that owns the bucket, the calling identity must both have the `GetBucketPolicy` permissions on the specified bucket and belong to the bucket owner's account in order to use this operation. If you don't have `GetBucketPolicy` permissions, Amazon S3 returns a `403 Access Denied` error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a `405 Method Not Allowed` error. To ensure that bucket owners don't inadvertently lock themselves out of their own buckets, the root principal in a bucket owner's AWS account can perform the `GetBucketPolicy`, `PutBucketPolicy`, and `DeleteBucketPolicy` API actions, even if their bucket policy explicitly denies the root principal's access. Bucket owner root principals can only be blocked from performing these API actions by VPC endpoint policies and AWS Organizations policies. + **General purpose bucket permissions** - The `s3:GetBucketPolicy` permission is required in a policy. For more information about general purpose buckets bucket policies, see [Using Bucket Policies and User Policies](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) in the *Amazon S3 User Guide*. + **Directory bucket permissions** - To grant access to this API operation, you must have the `s3express:GetBucketPolicy` permission in an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the AWS account that owns the resource. For more information about directory bucket policies and permissions, see [AWS Identity and Access Management (IAM) for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) in the *Amazon S3 User Guide*. Example bucket policies **General purpose buckets example bucket policies** - See [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) in the *Amazon S3 User Guide*. **Directory bucket example bucket policies** - See [Example bucket policies for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region-code.amazonaws.com`. The following action is related to `GetBucketPolicy`: + [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?policy HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketPolicy_RequestSyntax) ** The bucket name to get the bucket policy for. **Directory buckets ** - When you use this operation with a directory bucket, you must use path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must also follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` DOC-EXAMPLE-BUCKET--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* **Access points** - When you use this API operation with an access point, provide the alias of the access point in place of the bucket name. **Object Lambda access points** - When you use this API operation with an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. If the Object Lambda access point alias in a request is not valid, the error code `InvalidAccessPointAliasError` is returned. For more information about `InvalidAccessPointAliasError`, see [List of Error Codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). Object Lambda access points are not supported by directory buckets. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketPolicy_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). For directory buckets, this header is not supported in this API operation. If you specify this header, the request fails with the HTTP status code `501 Not Implemented`. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 { Policy in JSON format } ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in JSON format by the service. ** [Policy](#API_GetBucketPolicy_ResponseSyntax) ** ## Examples ### Sample Request for general purpose buckets The following request returns the policy of the specified bucket. ``` GET ?policy HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 GMT Authorization: authorization string ``` ### Sample Response for general purpose buckets This example illustrates one usage of GetBucketPolicy. ``` HTTP/1.1 200 OK x-amz-id-2: Uuag1LuByru9pO4SAMPLEAtRPfTaOFg== x-amz-request-id: 656c76696e67SAMPLE57374 Date: Tue, 04 Apr 2010 20:34:56 GMT Connection: keep-alive Server: AmazonS3 { "Version":"2008-10-17", "Id":"aaaa-bbbb-cccc-dddd", "Statement" : [ { "Effect":"Deny", "Sid":"1", "Principal" : { "AWS":["111122223333","444455556666"] }, "Action":["s3:*"], "Resource":"arn:aws:s3:::bucket/*" } ] } ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketPolicy) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketPolicy) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketPolicy) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketPolicy) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketPolicy) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketPolicy) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketPolicy) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketPolicy) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketPolicy) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketPolicy) # GetBucketPolicyStatus **Note** This operation is not supported for directory buckets. Retrieves the policy status for an Amazon S3 bucket, indicating whether the bucket is public. In order to use this operation, you must have the `s3:GetBucketPolicyStatus` permission. For more information about Amazon S3 permissions, see [Specifying Permissions in a Policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html). For more information about when Amazon S3 considers a bucket public, see [The Meaning of "Public"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status). The following operations are related to `GetBucketPolicyStatus`: + [Using Amazon S3 Block Public Access](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html) + [GetPublicAccessBlock](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html) + [PutPublicAccessBlock](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutPublicAccessBlock.html) + [DeletePublicAccessBlock](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?policyStatus HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketPolicyStatus_RequestSyntax) ** The name of the Amazon S3 bucket whose policy status you want to retrieve. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketPolicyStatus_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 boolean ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [PolicyStatus](#API_GetBucketPolicyStatus_ResponseSyntax) ** Root level tag for the PolicyStatus parameters. Required: Yes ** [IsPublic](#API_GetBucketPolicyStatus_ResponseSyntax) ** The policy status for this bucket. `TRUE` indicates that this bucket is public. `FALSE` indicates that the bucket is not public. Type: Boolean ## Examples ### Sample Request The following request gets a bucket policy status. ``` GET /?policyStatus HTTP/1.1 Host: .s3..amazonaws.com x-amz-date: Authorization: ``` ### Sample Response This example illustrates one usage of GetBucketPolicyStatus. ``` HTTP/1.1 200 OK x-amz-id-2: ITnGT1y4REXAMPLEPi4hklTXouTf0hccUjo0iCPEXAMPLEutBj3M7fPGlWO2SEWp x-amz-request-id: 51991EXAMPLE5321 Date: Thu, 15 Nov 2016 00:17:22 GMT Server: AmazonS3 Content-Length: 0 TRUE ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketPolicyStatus) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketPolicyStatus) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketPolicyStatus) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketPolicyStatus) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketPolicyStatus) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketPolicyStatus) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketPolicyStatus) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketPolicyStatus) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketPolicyStatus) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketPolicyStatus) # GetBucketReplication **Note** This operation is not supported for directory buckets. Returns the replication configuration of a bucket. **Note** It can take a while to propagate the put or delete a replication configuration to all Amazon S3 systems. Therefore, a get request soon after put or delete can return a wrong result. For information about replication configuration, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide*. This action requires permissions for the `s3:GetReplicationConfiguration` action. For more information about permissions, see [Using Bucket Policies and User Policies](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html). If you include the `Filter` element in a replication configuration, you must also include the `DeleteMarkerReplication` and `Priority` elements. The response also returns those elements. For information about `GetBucketReplication` errors, see [List of replication-related error codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ReplicationErrorCodeList) The following operations are related to `GetBucketReplication`: + [PutBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketReplication.html) + [DeleteBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketReplication.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?replication HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketReplication_RequestSyntax) ** The bucket name for which to get the replication information. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketReplication_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string string string string string integer string string integer string string string string string ... string string string string string integer string string string ... ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [ReplicationConfiguration](#API_GetBucketReplication_ResponseSyntax) ** Root level tag for the ReplicationConfiguration parameters. Required: Yes ** [Role](#API_GetBucketReplication_ResponseSyntax) ** The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide*. Type: String ** [Rule](#API_GetBucketReplication_ResponseSyntax) ** A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules. Type: Array of [ReplicationRule](API_ReplicationRule.md) data types ## Examples ### Sample Request: Retrieve replication configuration information The following GET request retrieves information about the replication configuration set for the `amzn-s3-demo-bucket` bucket: ``` GET /?replication HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Tue, 10 Feb 2015 00:17:21 GMT Authorization: authorization string ``` ### Sample Response The following response shows that replication is enabled on the bucket. The empty prefix indicates that Amazon S3 will replicate all objects that are created in the `amzn-s3-demo-bucket` bucket. The `Destination` element identifies the target bucket where Amazon S3 creates the object replicas, and the storage class (STANDARD\$1IA) that Amazon S3 uses when creating replicas. Amazon S3 assumes the specified IAM role to replicate objects on behalf of the bucket owner, which is the AWS account that created the bucket. ``` HTTP/1.1 200 OK x-amz-id-2: ITnGT1y4RyTmXa3rPi4hklTXouTf0hccUjo0iCPjz6FnfIutBj3M7fPGlWO2SEWp x-amz-request-id: 51991C342example Date: Tue, 10 Feb 2015 00:17:23 GMT Server: AmazonS3 Content-Length: contentlength arn:aws:iam::35667example:role/CrossRegionReplicationRoleForS3 rule1 Enabled 1 Disabled TaxDocs key1 value1 key1 value1 arn:aws:s3:::exampletargetbucket ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketReplication) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketReplication) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketReplication) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketReplication) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketReplication) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketReplication) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketReplication) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketReplication) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketReplication) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketReplication) # GetBucketRequestPayment **Note** This operation is not supported for directory buckets. Returns the request payment configuration of a bucket. To use this version of the operation, you must be the bucket owner. For more information, see [Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html). The following operations are related to `GetBucketRequestPayment`: + [ListObjects](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?requestPayment HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketRequestPayment_RequestSyntax) ** The name of the bucket for which to get the payment request configuration Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketRequestPayment_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [RequestPaymentConfiguration](#API_GetBucketRequestPayment_ResponseSyntax) ** Root level tag for the RequestPaymentConfiguration parameters. Required: Yes ** [Payer](#API_GetBucketRequestPayment_ResponseSyntax) ** Specifies who pays for the download and request fees. Type: String Valid Values: `Requester | BucketOwner` ## Examples ### Sample Request The following request returns the payer for the bucket, `amzn-s3-demo-bucket`. ``` GET ?requestPayment HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 01 Mar 2009 12:00:00 GMT Authorization: authorization string ``` ### Sample Response This response shows that the bucket is a Requester Pays bucket, meaning the person requesting a download from this bucket pays the transfer fees. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMg95r/0zo3emzU4dzsD4rcKCHQUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Wed, 01 Mar 2009 12:00:00 GMT Content-Type: [type] Content-Length: 0 Connection: close Server: AmazonS3 Requester ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketRequestPayment) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketRequestPayment) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketRequestPayment) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketRequestPayment) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketRequestPayment) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketRequestPayment) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketRequestPayment) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketRequestPayment) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketRequestPayment) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketRequestPayment) # GetBucketTagging **Note** This operation is not supported for directory buckets. Returns the tag set associated with the general purpose bucket. To use this operation, you must have permission to perform the `s3:GetBucketTagging` action. By default, the bucket owner has this permission and can grant this permission to others. `GetBucketTagging` has the following special error: + Error code: `NoSuchTagSet` + Description: There is no tag set associated with the bucket. The following operations are related to `GetBucketTagging`: + [PutBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html) + [DeleteBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?tagging HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketTagging_RequestSyntax) ** The name of the bucket for which to get the tagging information. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketTagging_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [Tagging](#API_GetBucketTagging_ResponseSyntax) ** Root level tag for the Tagging parameters. Required: Yes ** [TagSet](#API_GetBucketTagging_ResponseSyntax) ** Contains the tag set. Type: Array of [Tag](API_Tag.md) data types ## Examples ### Sample Request The following request returns the tag set of the specified bucket. ``` GET ?tagging HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 GMT Authorization: authorization string ``` ### Sample Response Delete the metric configuration with a specified ID, which disables the CloudWatch metrics with the `ExampleMetrics` value for the `FilterId` dimension. ``` HTTP/1.1 200 OK Date: Wed, 25 Nov 2009 12:00:00 GMT Connection: close Server: AmazonS3 Project Project One User jsmith ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketTagging) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketTagging) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketTagging) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketTagging) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketTagging) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketTagging) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketTagging) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketTagging) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketTagging) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketTagging) # GetBucketVersioning **Note** This operation is not supported for directory buckets. Returns the versioning state of a bucket. To retrieve the versioning state of a bucket, you must be the bucket owner. This implementation also returns the MFA Delete status of the versioning state. If the MFA Delete status is `enabled`, the bucket owner must use an authentication device to change the versioning state of the bucket. The following operations are related to `GetBucketVersioning`: + [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) + [PutObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) + [DeleteObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?versioning HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketVersioning_RequestSyntax) ** The name of the bucket for which to get the versioning information. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketVersioning_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [VersioningConfiguration](#API_GetBucketVersioning_ResponseSyntax) ** Root level tag for the VersioningConfiguration parameters. Required: Yes ** [MFADelete](#API_GetBucketVersioning_ResponseSyntax) ** Specifies whether MFA delete is enabled in the bucket versioning configuration. This element is only returned if the bucket has been configured with MFA delete. If the bucket has never been so configured, this element is not returned. Type: String Valid Values: `Enabled | Disabled` ** [Status](#API_GetBucketVersioning_ResponseSyntax) ** The versioning state of the bucket. Type: String Valid Values: `Enabled | Suspended` ## Examples ### Example This example returns the versioning state of `amzn-s3-demo-bucket`. ``` GET /?versioning HTTP/1.1 Host:amzn-s3-demo-bucket.s3..amazonaws.com Date: Wed, 12 Oct 2009 17:50:00 GMT Authorization: authorization string Content-Type: text/plain ``` ### Example There are three versioning states: If you enabled versioning on a bucket, the response is: ``` Enabled ``` ### Example If you suspended versioning on a bucket, the response is: ``` Suspended ``` ### Example If you never enabled (or suspended) versioning on a bucket, the response is: ``` ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketVersioning) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketVersioning) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketVersioning) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketVersioning) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketVersioning) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketVersioning) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketVersioning) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketVersioning) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketVersioning) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketVersioning) # GetBucketWebsite **Note** This operation is not supported for directory buckets. Returns the website configuration for a bucket. To host website on Amazon S3, you can configure a bucket as website by adding a website configuration. For more information about hosting websites, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html). This GET action requires the `S3:GetBucketWebsite` permission. By default, only the bucket owner can read the bucket website configuration. However, bucket owners can allow other users to read the website configuration by writing a bucket policy granting them the `S3:GetBucketWebsite` permission. The following operations are related to `GetBucketWebsite`: + [DeleteBucketWebsite](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketWebsite.html) + [PutBucketWebsite](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketWebsite.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?website HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetBucketWebsite_RequestSyntax) ** The bucket name for which to get the website configuration. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetBucketWebsite_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string string string string string string string string string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [WebsiteConfiguration](#API_GetBucketWebsite_ResponseSyntax) ** Root level tag for the WebsiteConfiguration parameters. Required: Yes ** [ErrorDocument](#API_GetBucketWebsite_ResponseSyntax) ** The object key name of the website error document to use for 4XX class errors. Type: [ErrorDocument](API_ErrorDocument.md) data type ** [IndexDocument](#API_GetBucketWebsite_ResponseSyntax) ** The name of the index document for the website (for example `index.html`). Type: [IndexDocument](API_IndexDocument.md) data type ** [RedirectAllRequestsTo](#API_GetBucketWebsite_ResponseSyntax) ** Specifies the redirect behavior of all requests to a website endpoint of an Amazon S3 bucket. Type: [RedirectAllRequestsTo](API_RedirectAllRequestsTo.md) data type ** [RoutingRules](#API_GetBucketWebsite_ResponseSyntax) ** Rules that define when a redirect is applied and the redirect behavior. Type: Array of [RoutingRule](API_RoutingRule.md) data types ## Examples ### Sample Request This request retrieves website configuration on the specified bucket. ``` GET ?website HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Thu, 27 Jan 2011 00:49:20 GMT Authorization: AWS AKIAIOSFODNN7EXAMPLE:n0Nhek72Ufg/u7Sm5C1dqRLs8XX= ``` ### Sample Response This example illustrates one usage of GetBucketWebsite. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMgUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 3848CD259D811111 Date: Thu, 27 Jan 2011 00:49:26 GMT Content-Length: 240 Content-Type: application/xml Transfer-Encoding: chunked Server: AmazonS3 index.html 404.html ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetBucketWebsite) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetBucketWebsite) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketWebsite) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetBucketWebsite) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketWebsite) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetBucketWebsite) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetBucketWebsite) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetBucketWebsite) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketWebsite) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketWebsite) # GetObject Retrieves an object from Amazon S3. In the `GetObject` request, specify the full key name for the object. **General purpose buckets** - Both the virtual-hosted-style requests and the path-style requests are supported. For a virtual hosted-style request example, if you have the object `photos/2006/February/sample.jpg`, specify the object key name as `/photos/2006/February/sample.jpg`. For a path-style request example, if you have the object `photos/2006/February/sample.jpg` in the bucket named `examplebucket`, specify the object key name as `/examplebucket/photos/2006/February/sample.jpg`. For more information about request types, see [HTTP Host Header Bucket Specification](https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html#VirtualHostingSpecifyBucket) in the *Amazon S3 User Guide*. **Directory buckets** - Only virtual-hosted-style requests are supported. For a virtual hosted-style request example, if you have the object `photos/2006/February/sample.jpg` in the bucket named `amzn-s3-demo-bucket--usw2-az1--x-s3`, specify the object key name as `/photos/2006/February/sample.jpg`. Also, when you make requests to this API operation, your requests are sent to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name `. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions + **General purpose bucket permissions** - You must have the required permissions in a policy. To use `GetObject`, you must have the `READ` access to the object (or version). If you grant `READ` access to the anonymous user, the `GetObject` operation returns the object without using an authorization header. For more information, see [Specifying permissions in a policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) in the *Amazon S3 User Guide*. If you include a `versionId` in your request header, you must have the `s3:GetObjectVersion` permission to access a specific version of an object. The `s3:GetObject` permission is not required in this scenario. If you request the current version of an object without a specific `versionId` in the request header, only the `s3:GetObject` permission is required. The `s3:GetObjectVersion` permission is not required in this scenario. If the object that you request doesn’t exist, the error that Amazon S3 returns depends on whether you also have the `s3:ListBucket` permission. + If you have the `s3:ListBucket` permission on the bucket, Amazon S3 returns an HTTP status code `404 Not Found` error. + If you don’t have the `s3:ListBucket` permission, Amazon S3 returns an HTTP status code `403 Access Denied` error. + **Directory bucket permissions** - To grant access to this API operation on a directory bucket, we recommend that you use the [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) API operation for session-based authorization. Specifically, you grant the `s3express:CreateSession` permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the `CreateSession` API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another `CreateSession` API call to generate a new session token for use. AWS CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). If the object is encrypted using SSE-KMS, you must also have the `kms:GenerateDataKey` and `kms:Decrypt` permissions in IAM identity-based policies and AWS KMS key policies for the AWS KMS key. Storage classes If the object you are retrieving is stored in the S3 Glacier Flexible Retrieval storage class, the S3 Glacier Deep Archive storage class, the S3 Intelligent-Tiering Archive Access tier, or the S3 Intelligent-Tiering Deep Archive Access tier, before you can retrieve the object you must first restore a copy using [RestoreObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html). Otherwise, this operation returns an `InvalidObjectState` error. For information about restoring archived objects, see [Restoring Archived Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html) in the *Amazon S3 User Guide*. **Directory buckets ** - Directory buckets only support `EXPRESS_ONEZONE` (the S3 Express One Zone storage class) in Availability Zones and `ONEZONE_IA` (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones. Unsupported storage class values won't write a destination object and will respond with the HTTP status code `400 Bad Request`. Encryption Encryption request headers, like `x-amz-server-side-encryption`, should not be sent for the `GetObject` requests, if your object uses server-side encryption with Amazon S3 managed encryption keys (SSE-S3), server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS), or dual-layer server-side encryption with AWS KMS keys (DSSE-KMS). If you include the header in your `GetObject` requests for the object that uses these types of keys, you’ll get an HTTP `400 Bad Request` error. **Directory buckets** - For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS. SSE-C isn't supported. For more information, see [Protecting data with server-side encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html) in the *Amazon S3 User Guide*. Overriding response header values through the request There are times when you want to override certain response header values of a `GetObject` response. For example, you might override the `Content-Disposition` response header value through your `GetObject` request. You can override values for a set of response headers. These modified response header values are included only in a successful response, that is, when the HTTP status code `200 OK` is returned. The headers you can override using the following query parameters in the request are a subset of the headers that Amazon S3 accepts when you create an object. The response headers that you can override for the `GetObject` response are `Cache-Control`, `Content-Disposition`, `Content-Encoding`, `Content-Language`, `Content-Type`, and `Expires`. To override values for a set of response headers in the `GetObject` response, you can use the following query parameters in the request. + `response-cache-control` + `response-content-disposition` + `response-content-encoding` + `response-content-language` + `response-content-type` + `response-expires` When you use these parameters, you must sign the request by using either an Authorization header or a presigned URL. These parameters cannot be used with an unsigned (anonymous) request. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. The following operations are related to `GetObject`: + [ListBuckets](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html) + [GetObjectAcl](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /Key+?partNumber=PartNumber&response-cache-control=ResponseCacheControl&response-content-disposition=ResponseContentDisposition&response-content-encoding=ResponseContentEncoding&response-content-language=ResponseContentLanguage&response-content-type=ResponseContentType&response-expires=ResponseExpires&versionId=VersionId HTTP/1.1 Host: Bucket.s3.amazonaws.com If-Match: IfMatch If-Modified-Since: IfModifiedSince If-None-Match: IfNoneMatch If-Unmodified-Since: IfUnmodifiedSince Range: Range x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key: SSECustomerKey x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-request-payer: RequestPayer x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-checksum-mode: ChecksumMode ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetObject_RequestSyntax) ** The bucket name containing the object. **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. **Object Lambda access points** - When you use this action with an Object Lambda access point, you must direct requests to the Object Lambda access point hostname. The Object Lambda access point hostname takes the form *AccessPointName*-*AccountId*.s3-object-lambda.*Region*.amazonaws.com. Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [If-Match](#API_GetObject_RequestSyntax) ** Return the object only if its entity tag (ETag) is the same as the one specified in this header; otherwise, return a `412 Precondition Failed` error. If both of the `If-Match` and `If-Unmodified-Since` headers are present in the request as follows: `If-Match` condition evaluates to `true`, and; `If-Unmodified-Since` condition evaluates to `false`; then, S3 returns `200 OK` and the data requested. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232). ** [If-Modified-Since](#API_GetObject_RequestSyntax) ** Return the object only if it has been modified since the specified time; otherwise, return a `304 Not Modified` error. If both of the `If-None-Match` and `If-Modified-Since` headers are present in the request as follows:` If-None-Match` condition evaluates to `false`, and; `If-Modified-Since` condition evaluates to `true`; then, S3 returns `304 Not Modified` status code. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232). ** [If-None-Match](#API_GetObject_RequestSyntax) ** Return the object only if its entity tag (ETag) is different from the one specified in this header; otherwise, return a `304 Not Modified` error. If both of the `If-None-Match` and `If-Modified-Since` headers are present in the request as follows:` If-None-Match` condition evaluates to `false`, and; `If-Modified-Since` condition evaluates to `true`; then, S3 returns `304 Not Modified` HTTP status code. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232). ** [If-Unmodified-Since](#API_GetObject_RequestSyntax) ** Return the object only if it has not been modified since the specified time; otherwise, return a `412 Precondition Failed` error. If both of the `If-Match` and `If-Unmodified-Since` headers are present in the request as follows: `If-Match` condition evaluates to `true`, and; `If-Unmodified-Since` condition evaluates to `false`; then, S3 returns `200 OK` and the data requested. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232). ** [Key](#API_GetObject_RequestSyntax) ** Key of the object to get. Length Constraints: Minimum length of 1. Required: Yes ** [partNumber](#API_GetObject_RequestSyntax) ** Part number of the object being read. This is a positive integer between 1 and 10,000. Effectively performs a 'ranged' GET request for the part specified. Useful for downloading just a part of an object. ** [Range](#API_GetObject_RequestSyntax) ** Downloads the specified byte range of an object. For more information about the HTTP Range header, see [https://www.rfc-editor.org/rfc/rfc9110.html\$1name-range](https://www.rfc-editor.org/rfc/rfc9110.html#name-range). Amazon S3 doesn't support retrieving multiple ranges of data per `GET` request. ** [response-cache-control](#API_GetObject_RequestSyntax) ** Sets the `Cache-Control` header of the response. ** [response-content-disposition](#API_GetObject_RequestSyntax) ** Sets the `Content-Disposition` header of the response. ** [response-content-encoding](#API_GetObject_RequestSyntax) ** Sets the `Content-Encoding` header of the response. ** [response-content-language](#API_GetObject_RequestSyntax) ** Sets the `Content-Language` header of the response. ** [response-content-type](#API_GetObject_RequestSyntax) ** Sets the `Content-Type` header of the response. ** [response-expires](#API_GetObject_RequestSyntax) ** Sets the `Expires` header of the response. ** [versionId](#API_GetObject_RequestSyntax) ** Version ID used to reference a specific version of the object. By default, the `GetObject` operation returns the current version of an object. To return a different version, use the `versionId` subresource. + If you include a `versionId` in your request header, you must have the `s3:GetObjectVersion` permission to access a specific version of an object. The `s3:GetObject` permission is not required in this scenario. + If you request the current version of an object without a specific `versionId` in the request header, only the `s3:GetObject` permission is required. The `s3:GetObjectVersion` permission is not required in this scenario. + **Directory buckets** - S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the `null` value of the version ID is supported by directory buckets. You can only specify `null` to the `versionId` query parameter in the request. For more information about versioning, see [PutBucketVersioning](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketVersioning.html). ** [x-amz-checksum-mode](#API_GetObject_RequestSyntax) ** To retrieve the checksum, this mode must be enabled. Valid Values: `ENABLED` ** [x-amz-expected-bucket-owner](#API_GetObject_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_GetObject_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-server-side-encryption-customer-algorithm](#API_GetObject_RequestSyntax) ** Specifies the algorithm to use when decrypting the object (for example, `AES256`). If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in Amazon S3, then when you GET the object, you must use the following headers: + `x-amz-server-side-encryption-customer-algorithm` + `x-amz-server-side-encryption-customer-key` + `x-amz-server-side-encryption-customer-key-MD5` For more information about SSE-C, see [Server-Side Encryption (Using Customer-Provided Encryption Keys)](https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key](#API_GetObject_RequestSyntax) ** Specifies the customer-provided encryption key that you originally provided for Amazon S3 to encrypt the data before storing it. This value is used to decrypt the object when recovering it and must match the one used when storing the data. The key must be appropriate for use with the algorithm specified in the `x-amz-server-side-encryption-customer-algorithm` header. If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in Amazon S3, then when you GET the object, you must use the following headers: + `x-amz-server-side-encryption-customer-algorithm` + `x-amz-server-side-encryption-customer-key` + `x-amz-server-side-encryption-customer-key-MD5` For more information about SSE-C, see [Server-Side Encryption (Using Customer-Provided Encryption Keys)](https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key-MD5](#API_GetObject_RequestSyntax) ** Specifies the 128-bit MD5 digest of the customer-provided encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error. If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in Amazon S3, then when you GET the object, you must use the following headers: + `x-amz-server-side-encryption-customer-algorithm` + `x-amz-server-side-encryption-customer-key` + `x-amz-server-side-encryption-customer-key-MD5` For more information about SSE-C, see [Server-Side Encryption (Using Customer-Provided Encryption Keys)](https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-delete-marker: DeleteMarker accept-ranges: AcceptRanges x-amz-expiration: Expiration x-amz-restore: Restore Last-Modified: LastModified Content-Length: ContentLength ETag: ETag x-amz-checksum-crc32: ChecksumCRC32 x-amz-checksum-crc32c: ChecksumCRC32C x-amz-checksum-crc64nvme: ChecksumCRC64NVME x-amz-checksum-sha1: ChecksumSHA1 x-amz-checksum-sha256: ChecksumSHA256 x-amz-checksum-type: ChecksumType x-amz-missing-meta: MissingMeta x-amz-version-id: VersionId Cache-Control: CacheControl Content-Disposition: ContentDisposition Content-Encoding: ContentEncoding Content-Language: ContentLanguage Content-Range: ContentRange Content-Type: ContentType Expires: Expires x-amz-website-redirect-location: WebsiteRedirectLocation x-amz-server-side-encryption: ServerSideEncryption x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-server-side-encryption-aws-kms-key-id: SSEKMSKeyId x-amz-server-side-encryption-bucket-key-enabled: BucketKeyEnabled x-amz-storage-class: StorageClass x-amz-request-charged: RequestCharged x-amz-replication-status: ReplicationStatus x-amz-mp-parts-count: PartsCount x-amz-tagging-count: TagCount x-amz-object-lock-mode: ObjectLockMode x-amz-object-lock-retain-until-date: ObjectLockRetainUntilDate x-amz-object-lock-legal-hold: ObjectLockLegalHoldStatus Body ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [accept-ranges](#API_GetObject_ResponseSyntax) ** Indicates that a range of bytes was specified in the request. ** [Cache-Control](#API_GetObject_ResponseSyntax) ** Specifies caching behavior along the request/reply chain. ** [Content-Disposition](#API_GetObject_ResponseSyntax) ** Specifies presentational information for the object. ** [Content-Encoding](#API_GetObject_ResponseSyntax) ** Indicates what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. ** [Content-Language](#API_GetObject_ResponseSyntax) ** The language the content is in. ** [Content-Length](#API_GetObject_ResponseSyntax) ** Size of the body in bytes. ** [Content-Range](#API_GetObject_ResponseSyntax) ** The portion of the object returned in the response. ** [Content-Type](#API_GetObject_ResponseSyntax) ** A standard MIME type describing the format of the object data. ** [ETag](#API_GetObject_ResponseSyntax) ** An entity tag (ETag) is an opaque identifier assigned by a web server to a specific version of a resource found at a URL. ** [Expires](#API_GetObject_ResponseSyntax) ** The date and time at which the object is no longer cacheable. ** [Last-Modified](#API_GetObject_ResponseSyntax) ** Date and time when the object was last modified. **General purpose buckets ** - When you specify a `versionId` of the object in your request, if the specified version in the request is a delete marker, the response returns a `405 Method Not Allowed` error and the `Last-Modified: timestamp` response header. ** [x-amz-checksum-crc32](#API_GetObject_ResponseSyntax) ** The Base64 encoded, 32-bit `CRC32` checksum of the object. This checksum is only present if the object was uploaded with the object. For more information, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-checksum-crc32c](#API_GetObject_ResponseSyntax) ** The Base64 encoded, 32-bit `CRC32C` checksum of the object. This checksum is only present if the checksum was uploaded with the object. For more information, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-checksum-crc64nvme](#API_GetObject_ResponseSyntax) ** The Base64 encoded, 64-bit `CRC64NVME` checksum of the object. For more information, see [Checking object integrity in the Amazon S3 User Guide](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html). ** [x-amz-checksum-sha1](#API_GetObject_ResponseSyntax) ** The Base64 encoded, 160-bit `SHA1` digest of the object. This checksum is only present if the checksum was uploaded with the object. For more information, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-checksum-sha256](#API_GetObject_ResponseSyntax) ** The Base64 encoded, 256-bit `SHA256` digest of the object. This checksum is only present if the checksum was uploaded with the object. For more information, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-checksum-type](#API_GetObject_ResponseSyntax) ** The checksum type, which determines how part-level checksums are combined to create an object-level checksum for multipart objects. You can use this header response to verify that the checksum type that is received is the same checksum type that was specified in the `CreateMultipartUpload` request. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. Valid Values: `COMPOSITE | FULL_OBJECT` ** [x-amz-delete-marker](#API_GetObject_ResponseSyntax) ** Indicates whether the object retrieved was (true) or was not (false) a Delete Marker. If false, this response header does not appear in the response. + If the current version of the object is a delete marker, Amazon S3 behaves as if the object was deleted and includes `x-amz-delete-marker: true` in the response. + If the specified version in the request is a delete marker, the response returns a `405 Method Not Allowed` error and the `Last-Modified: timestamp` response header. ** [x-amz-expiration](#API_GetObject_ResponseSyntax) ** If the object expiration is configured (see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html)), the response includes this header. It includes the `expiry-date` and `rule-id` key-value pairs providing object expiration information. The value of the `rule-id` is URL-encoded. Object expiration information is not returned in directory buckets and this header returns the value "`NotImplemented`" in all responses for directory buckets. ** [x-amz-missing-meta](#API_GetObject_ResponseSyntax) ** This is set to the number of metadata entries not returned in the headers that are prefixed with `x-amz-meta-`. This can happen if you create metadata using an API like SOAP that supports more flexible metadata than the REST API. For example, using SOAP, you can create metadata whose values are not legal HTTP headers. This functionality is not supported for directory buckets. ** [x-amz-mp-parts-count](#API_GetObject_ResponseSyntax) ** The count of parts this object has. This value is only returned if you specify `partNumber` in your request and the object was uploaded as a multipart upload. ** [x-amz-object-lock-legal-hold](#API_GetObject_ResponseSyntax) ** Indicates whether this object has an active legal hold. This field is only returned if you have permission to view an object's legal hold status. This functionality is not supported for directory buckets. Valid Values: `ON | OFF` ** [x-amz-object-lock-mode](#API_GetObject_ResponseSyntax) ** The Object Lock mode that's currently in place for this object. This functionality is not supported for directory buckets. Valid Values: `GOVERNANCE | COMPLIANCE` ** [x-amz-object-lock-retain-until-date](#API_GetObject_ResponseSyntax) ** The date and time when this object's Object Lock will expire. This functionality is not supported for directory buckets. ** [x-amz-replication-status](#API_GetObject_ResponseSyntax) ** Amazon S3 can return this if your request involves a bucket that is either a source or destination in a replication rule. This functionality is not supported for directory buckets. Valid Values: `COMPLETE | PENDING | FAILED | REPLICA | COMPLETED` ** [x-amz-request-charged](#API_GetObject_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-restore](#API_GetObject_ResponseSyntax) ** Provides information about object restoration action and expiration time of the restored object copy. This functionality is not supported for directory buckets. Directory buckets only support `EXPRESS_ONEZONE` (the S3 Express One Zone storage class) in Availability Zones and `ONEZONE_IA` (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones. ** [x-amz-server-side-encryption](#API_GetObject_ResponseSyntax) ** The server-side encryption algorithm used when you store this object in Amazon S3 or Amazon FSx. When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is `aws:fsx`. Valid Values: `AES256 | aws:fsx | aws:kms | aws:kms:dsse` ** [x-amz-server-side-encryption-aws-kms-key-id](#API_GetObject_ResponseSyntax) ** If present, indicates the ID of the KMS key that was used for object encryption. ** [x-amz-server-side-encryption-bucket-key-enabled](#API_GetObject_ResponseSyntax) ** Indicates whether the object uses an S3 Bucket Key for server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS). ** [x-amz-server-side-encryption-customer-algorithm](#API_GetObject_ResponseSyntax) ** If server-side encryption with a customer-provided encryption key was requested, the response will include this header to confirm the encryption algorithm that's used. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key-MD5](#API_GetObject_ResponseSyntax) ** If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide the round-trip message integrity verification of the customer-provided encryption key. This functionality is not supported for directory buckets. ** [x-amz-storage-class](#API_GetObject_ResponseSyntax) ** Provides storage class information of the object. Amazon S3 returns this header for all objects except for S3 Standard storage class objects. **Directory buckets ** - Directory buckets only support `EXPRESS_ONEZONE` (the S3 Express One Zone storage class) in Availability Zones and `ONEZONE_IA` (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones. Valid Values: `STANDARD | REDUCED_REDUNDANCY | STANDARD_IA | ONEZONE_IA | INTELLIGENT_TIERING | GLACIER | DEEP_ARCHIVE | OUTPOSTS | GLACIER_IR | SNOW | EXPRESS_ONEZONE | FSX_OPENZFS | FSX_ONTAP` ** [x-amz-tagging-count](#API_GetObject_ResponseSyntax) ** The number of tags, if any, on the object, when you have the relevant permission to read object tags. You can use [GetObjectTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) to retrieve the tag set associated with an object. This functionality is not supported for directory buckets. ** [x-amz-version-id](#API_GetObject_ResponseSyntax) ** Version ID of the object. This functionality is not supported for directory buckets. ** [x-amz-website-redirect-location](#API_GetObject_ResponseSyntax) ** If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata. This functionality is not supported for directory buckets. The following data is returned in binary format by the service. ** [Body](#API_GetObject_ResponseSyntax) ** ## Errors ** InvalidObjectState ** Object is archived and inaccessible until restored. If the object you are retrieving is stored in the S3 Glacier Flexible Retrieval storage class, the S3 Glacier Deep Archive storage class, the S3 Intelligent-Tiering Archive Access tier, or the S3 Intelligent-Tiering Deep Archive Access tier, before you can retrieve the object you must first restore a copy using [RestoreObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html). Otherwise, this operation returns an `InvalidObjectState` error. For information about restoring archived objects, see [Restoring Archived Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html) in the *Amazon S3 User Guide*. HTTP Status Code: 403 ** NoSuchKey ** The specified key does not exist. HTTP Status Code: 404 ## Examples ### Sample Request for general purpose buckets The following request returns the object `my-image.jpg`. ``` GET /my-image.jpg HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Date: Mon, 3 Oct 2016 22:32:00 GMT Authorization: authorization string ``` ### Sample Response for general purpose buckets This example illustrates one usage of GetObject. ``` HTTP/1.1 200 OK x-amz-id-2: eftixk72aD6Ap51TnqcoF8eFidJG9Z/2mkiDFu8yU9AS1ed4OpIszj7UDNEHGran x-amz-request-id: 318BC8BC148832E5 Date: Mon, 3 Oct 2016 22:32:00 GMT Last-Modified: Wed, 12 Oct 2009 17:50:00 GMT ETag: "fba9dede5f27731c9771645a39863328" Content-Length: 434234 [434234 bytes of object data] ``` ### Sample Response for general purpose buckets: Object with associated tags If the object had tags associated with it, Amazon S3 returns the `x-amz-tagging-count` header with tag count. ``` HTTP/1.1 200 OK x-amz-id-2: eftixk72aD6Ap51TnqcoF8eFidJG9Z/2mkiDFu8yU9AS1ed4OpIszj7UDNEHGran x-amz-request-id: 318BC8BC148832E5 Date: Mon, 3 Oct 2016 22:32:00 GMT Last-Modified: Wed, 12 Oct 2009 17:50:00 GMT ETag: "fba9dede5f27731c9771645a39863328" Content-Length: 434234 x-amz-tagging-count: 2 [434234 bytes of object data] ``` ### Sample Response for general purpose buckets: Object with an expiration If the object had expiration set using lifecycle configuration, you get the following response with the `x-amz-expiration` header. ``` HTTP/1.1 200 OK x-amz-id-2: eftixk72aD6Ap51TnqcoF8eFidJG9Z/2mkiDFu8yU9AS1ed4OpIszj7UDNEHGran x-amz-request-id: 318BC8BC148832E5 Date: Wed, 28 Oct 2009 22:32:00 GMT Last-Modified: Wed, 12 Oct 2009 17:50:00 GMT x-amz-expiration: expiry-date="Fri, 23 Dec 2012 00:00:00 GMT", rule-id="picture-deletion-rule" ETag: "fba9dede5f27731c9771645a39863328" Content-Length: 434234 Content-Type: text/plain [434234 bytes of object data] ``` ### Sample Response for general purpose buckets: If an object is archived in the S3 Glacier Flexible Retrieval or S3 Glacier Deep Archive storage classes If the object you are retrieving is stored in the S3 Glacier Flexible Retrieval or S3 Glacier Deep Archive storage classes, you must first restore a copy using [RestoreObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html). Otherwise, this action returns an `InvalidObjectState` error. ``` HTTP/1.1 403 Forbidden x-amz-request-id: CD4BD8A1310A11B3 x-amz-id-2: m9RDbQU0+RRBTjOUN1ChQ1eqMUnr9dv8b+KP6I2gHfRJZSTSrMCoRP8RtPRzX9mb Content-Type: application/xml Date: Mon, 12 Nov 2012 23:53:21 GMT Server: Amazon S3 Content-Length: 231 InvalidObjectState The action is not valid for the object's storage class 9FEFFF118E15B86F WVQ5kzhiT+oiUfDCOiOYv8W4Tk9eNcxWi/MK+hTS/av34Xy4rBU3zsavf0aaaaa ``` ### Sample Response for general purpose buckets: If an object is archived with the S3 Intelligent-Tiering Archive or S3 Intelligent-Tiering Deep Archive tiers If the object you are retrieving is stored in the S3 Intelligent-Tiering Archive or S3 Intelligent-Tiering Deep Archive tiers, you must first restore a copy using [RestoreObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html). Otherwise, this action returns an `InvalidObjectState` error. When restoring from Archive Access or Deep Archive Access tiers, the response will include `StorageClass` and `AccessTier` elements. Access tier valid values are `ARCHIVE_ACCESS` and `DEEP_ARCHIVE_ACCESS`. There is no syntax change if there is an ongoing restore. ``` HTTP/1.1 403 Forbidden x-amz-request-id: CB6AW8C4332B23B7 x-amz-id-2: n3RRfT90+PJDUhut3nhGW2ehfhfNU5f55c+a2ceCC36ab7c7fe3a71Q273b9Q45b1R5 Content-Type: application/xml Date: Mon, 12 Nov 2012 23:53:21 GMT Server: Amazon S3 Content-Length: 231 InvalidObjectState The action is not valid for the object's access tier INTELLIGENT_TIERING ARCHIVE_ACCESS 9FEFFF118E15B86F WVQ5kzhiT+oiUfDCOiOYv8W4Tk9eNcxWi/MK+hTS/av34Xy4rBU3zsavf0aaaaa ``` ### Sample Response for general purpose buckets: If the Latest Object Is a Delete Marker Notice that the delete marker returns a 404 Not Found error. ``` HTTP/1.1 404 Not Found x-amz-request-id: 318BC8BC148832E5 x-amz-id-2: eftixk72aD6Ap51Tnqzj7UDNEHGran x-amz-version-id: 3GL4kqtJlcpXroDTDm3vjVBH40Nr8X8g x-amz-delete-marker: true Date: Wed, 28 Oct 2009 22:32:00 GMT Content-Type: text/plain Connection: close Server: AmazonS3 ``` ### Sample Request for general purpose buckets: Getting a specified version of an object The following request returns the specified version of an object. ``` GET /myObject?versionId=3/L4kqtJlcpXroDTDmpUMLUo HTTP/1.1 Host: bucket.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 GMT Authorization: authorization string ``` ### Sample Response for general purpose buckets: GET a versioned object This example illustrates one usage of GetObject. ``` HTTP/1.1 200 OK x-amz-id-2: eftixk72aD6Ap54OpIszj7UDNEHGran x-amz-request-id: 318BC8BC148832E5 Date: Wed, 28 Oct 2009 22:32:00 GMT Last-Modified: Sun, 1 Jan 2006 12:00:00 GMT x-amz-version-id: 3/L4kqtJlcpXroDTDmJ+rmSpXd3QBpUMLUo ETag: "fba9dede5f27731c9771645a39863328" Content-Length: 434234 Content-Type: text/plain Connection: close Server: AmazonS3 [434234 bytes of object data] ``` ### Sample Request for general purpose buckets: Parameters altering response header values The following request specifies all the query string parameters in a GET request overriding the response header values. ``` GET /Junk3.txt?response-cache-control=No-cache&response-content-disposition=attachment%3B%20filename%3Dtesting.txt&response-content-encoding=x-gzip&response-content-language=mi%2C%20en&response-expires=Thu%2C%2001%20Dec%201994%2016:00:00%20GMT HTTP/1.1 x-amz-date: Sun, 19 Dec 2010 01:53:44 GMT Accept: */* Authorization: AWS AKIAIOSFODNN7EXAMPLE:aaStE6nKnw8ihhiIdReoXYlMamW= ``` ### Sample Response for general purpose buckets: With overridden response header values The following request specifies all the query string parameters in a GET request overriding the response header values. ``` HTTP/1.1 200 OK x-amz-id-2: SIidWAK3hK+Il3/Qqiu1ZKEuegzLAAspwsgwnwygb9GgFseeFHL5CII8NXSrfWW2 x-amz-request-id: 881B1CBD9DF17WA1 Date: Sun, 19 Dec 2010 01:54:01 GMT x-amz-meta-param1: value 1 x-amz-meta-param2: value 2 Cache-Control: No-cache Content-Language: mi, en Expires: Thu, 01 Dec 1994 16:00:00 GMT Content-Disposition: attachment; filename=testing.txt Content-Encoding: x-gzip Last-Modified: Fri, 17 Dec 2010 18:10:41 GMT ETag: "0332bee1a7bf845f176c5c0d1ae7cf07" Accept-Ranges: bytes Content-Type: text/plain Content-Length: 22 Server: AmazonS3 [object data not shown] ``` ### Sample Request for general purpose buckets: Range header The following request specifies the HTTP Range header to retrieve the first 10 bytes of an object. For more information about the HTTP Range header, see [https://www.rfc-editor.org/rfc/rfc9110.html\$1name-range](https://www.rfc-editor.org/rfc/rfc9110.html#name-range). **Note** Amazon S3 doesn't support retrieving multiple ranges of data per `GET` request. ``` GET /example-object HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com x-amz-date: Fri, 28 Jan 2011 21:32:02 GMT Range: bytes=0-9 Authorization: AWS AKIAIOSFODNN7EXAMPLE:Yxg83MZaEgh3OZ3l0rLo5RTX11o= Sample Response with Specified Range of the Object Bytes ``` ### Sample Response for general purpose buckets In the following sample response, note that the header values are set to the values specified in the true request. ``` HTTP/1.1 206 Partial Content x-amz-id-2: MzRISOwyjmnupCzjI1WC06l5TTAzm7/JypPGXLh0OVFGcJaaO3KW/hRAqKOpIEEp x-amz-request-id: 47622117804B3E11 Date: Fri, 28 Jan 2011 21:32:09 GMT x-amz-meta-title: the title Last-Modified: Fri, 28 Jan 2011 20:10:32 GMT ETag: "b2419b1e3fd45d596ee22bdf62aaaa2f" Accept-Ranges: bytes Content-Range: bytes 0-9/443 Content-Type: text/plain Content-Length: 10 Server: AmazonS3 [10 bytes of object data] ``` ### Sample Request for general purpose buckets: Get an object stored using server-side encryption with customer-provided encryption keys If an object is stored in Amazon S3 using server-side encryption with customer-provided encryption keys, Amazon S3 needs encryption information so that it can decrypt the object before sending it to you in response to a GET request. You provide the encryption information in your GET request using the relevant headers, as shown in the following example request. ``` GET /example-object HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com Accept: */* Authorization:authorization string Date: Wed, 28 May 2014 19:24:44 +0000 x-amz-server-side-encryption-customer-key:g0lCfA3Dv40jZz5SQJ1ZukLRFqtI5WorC/8SEKEXAMPLE x-amz-server-side-encryption-customer-key-MD5:ZjQrne1X/iTcskbY2m3example x-amz-server-side-encryption-customer-algorithm:AES256 ``` ### Sample Response for general purpose buckets The following sample response shows some of the response headers Amazon S3 returns. Note that it includes the encryption information in the response. ``` HTTP/1.1 200 OK x-amz-id-2: ka5jRm8X3N12ZiY29Z989zg2tNSJPMcK+to7jNjxImXBbyChqc6tLAv+sau7Vjzh x-amz-request-id: 195157E3E073D3F9 Date: Wed, 28 May 2014 19:24:45 GMT Last-Modified: Wed, 28 May 2014 19:21:01 GMT ETag: "c12022c9a3c6d3a28d29d90933a2b096" x-amz-server-side-encryption-customer-algorithm: AES256 x-amz-server-side-encryption-customer-key-MD5: ZjQrne1X/iTcskbY2m3example ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetObject) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetObject) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetObject) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetObject) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetObject) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetObject) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetObject) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetObject) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetObject) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetObject) # GetObjectAcl **Note** This operation is not supported for directory buckets. Returns the access control list (ACL) of an object. To use this operation, you must have `s3:GetObjectAcl` permissions or `READ_ACP` access to the object. For more information, see [Mapping of ACL permissions and access policy permissions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#acl-access-policy-permission-mapping) in the *Amazon S3 User Guide* This functionality is not supported for Amazon S3 on Outposts. By default, GET returns ACL information about the current version of an object. To return ACL information about a different version, use the versionId subresource. **Note** If your bucket uses the bucket owner enforced setting for S3 Object Ownership, requests to read ACLs are still supported and return the `bucket-owner-full-control` ACL with the owner being the account that created the bucket. For more information, see [ Controlling object ownership and disabling ACLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*. The following operations are related to `GetObjectAcl`: + [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) + [GetObjectAttributes](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) + [DeleteObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) + [PutObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /{Key+}?acl&versionId=VersionId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-request-payer: RequestPayer x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetObjectAcl_RequestSyntax) ** The bucket name that contains the object for which to get the ACL information. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Required: Yes ** [Key](#API_GetObjectAcl_RequestSyntax) ** The key of the object for which to get the ACL information. Length Constraints: Minimum length of 1. Required: Yes ** [versionId](#API_GetObjectAcl_RequestSyntax) ** Version ID used to reference a specific version of the object. This functionality is not supported for directory buckets. ** [x-amz-expected-bucket-owner](#API_GetObjectAcl_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_GetObjectAcl_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-request-charged: RequestCharged string string string string string string string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-request-charged](#API_GetObjectAcl_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` The following data is returned in XML format by the service. ** [AccessControlPolicy](#API_GetObjectAcl_ResponseSyntax) ** Root level tag for the AccessControlPolicy parameters. Required: Yes ** [Grants](#API_GetObjectAcl_ResponseSyntax) ** A list of grants. Type: Array of [Grant](API_Grant.md) data types ** [Owner](#API_GetObjectAcl_ResponseSyntax) ** Container for the bucket owner's ID. Type: [Owner](API_Owner.md) data type ## Errors ** NoSuchKey ** The specified key does not exist. HTTP Status Code: 404 ## Examples ### Sample Request The following request returns information, including the ACL, of the object `my-image.jpg`. ``` GET /my-image.jpg?acl HTTP/1.1 Host: bucket.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 GMT Authorization: authorization string ``` ### Sample Response This example illustrates one usage of GetObjectAcl. ``` HTTP/1.1 200 OK x-amz-id-2: eftixk72aD6Ap51TnqcoF8eFidJG9Z/2mkiDFu8yU9AS1ed4OpIszj7UDNEHGran x-amz-request-id: 318BC8BC148832E5 x-amz-version-id: 4HL4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nrjfkd Date: Wed, 28 Oct 2009 22:32:00 GMT Last-Modified: Sun, 1 Jan 2006 12:00:00 GMT Content-Length: 124 Content-Type: text/plain Connection: close Server: AmazonS3 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a CanonicalUser FULL_CONTROL ``` ### Sample Request: Getting the ACL of the specific version of an object The following request returns information, including the ACL, of the specified version of the object, my-image.jpg. ``` GET /my-image.jpg?versionId=3/L4kqtJlcpXroDVBH40Nr8X8gdRQBpUMLUo&acl HTTP/1.1 Host: bucket.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 GMT Authorization: authorization string ``` ### Sample Response: Showing the ACL of the specific version This example illustrates one usage of GetObjectAcl. ``` HTTP/1.1 200 OK x-amz-id-2: eftixk72aD6Ap51TnqcoF8eFidJG9Z/2mkiDFu8yU9AS1ed4OpIszj7UDNEHGran x-amz-request-id: 318BC8BC148832E5 Date: Wed, 28 Oct 2009 22:32:00 GMT Last-Modified: Sun, 1 Jan 2006 12:00:00 GMT x-amz-version-id: 3/L4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo Content-Length: 124 Content-Type: text/plain Connection: close Server: AmazonS3 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a CanonicalUser FULL_CONTROL ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetObjectAcl) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetObjectAcl) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetObjectAcl) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetObjectAcl) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetObjectAcl) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetObjectAcl) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetObjectAcl) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetObjectAcl) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetObjectAcl) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetObjectAcl) # GetObjectAttributes Retrieves all of the metadata from an object without returning the object itself. This operation is useful if you're interested only in an object's metadata. `GetObjectAttributes` combines the functionality of `HeadObject` and `ListParts`. All of the data returned with both of those individual calls can be returned with a single call to `GetObjectAttributes`. **Note** **Directory buckets** - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://amzn-s3-demo-bucket.s3express-zone-id.region-code.amazonaws.com/key-name `. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions + **General purpose bucket permissions** - To use `GetObjectAttributes`, you must have READ access to the object. The other permissions that you need to use this operation depend on whether the bucket is versioned and if a version ID is passed in the `GetObjectAttributes` request. + If you pass a version ID in your request, you need both the `s3:GetObjectVersion` and `s3:GetObjectVersionAttributes` permissions. + If you do not pass a version ID in your request, you need the `s3:GetObject` and `s3:GetObjectAttributes` permissions. For more information, see [Specifying Permissions in a Policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) in the *Amazon S3 User Guide*. If the object that you request does not exist, the error Amazon S3 returns depends on whether you also have the `s3:ListBucket` permission. + If you have the `s3:ListBucket` permission on the bucket, Amazon S3 returns an HTTP status code `404 Not Found` ("no such key") error. + If you don't have the `s3:ListBucket` permission, Amazon S3 returns an HTTP status code `403 Forbidden` ("access denied") error. + **Directory bucket permissions** - To grant access to this API operation on a directory bucket, we recommend that you use the [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) API operation for session-based authorization. Specifically, you grant the `s3express:CreateSession` permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the `CreateSession` API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another `CreateSession` API call to generate a new session token for use. AWS CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). If the object is encrypted with SSE-KMS, you must also have the `kms:GenerateDataKey` and `kms:Decrypt` permissions in IAM identity-based policies and AWS KMS key policies for the AWS KMS key. Encryption Encryption request headers, like `x-amz-server-side-encryption`, should not be sent for `HEAD` requests if your object uses server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS), dual-layer server-side encryption with AWS KMS keys (DSSE-KMS), or server-side encryption with Amazon S3 managed encryption keys (SSE-S3). The `x-amz-server-side-encryption` header is used when you `PUT` an object to S3 and want to specify the encryption method. If you include this header in a `GET` request for an object that uses these types of keys, you’ll get an HTTP `400 Bad Request` error. It's because the encryption method can't be changed when you retrieve the object. If you encrypted an object when you stored the object in Amazon S3 by using server-side encryption with customer-provided encryption keys (SSE-C), then when you retrieve the metadata from the object, you must use the following headers. These headers provide the server with the encryption key required to retrieve the object's metadata. The headers are: + `x-amz-server-side-encryption-customer-algorithm` + `x-amz-server-side-encryption-customer-key` + `x-amz-server-side-encryption-customer-key-MD5` For more information about SSE-C, see [Server-Side Encryption (Using Customer-Provided Encryption Keys)](https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) in the *Amazon S3 User Guide*. **Directory bucket permissions** - For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (`AES256`) and server-side encryption with AWS KMS keys (SSE-KMS) (`aws:kms`). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your `CreateSession` requests or `PUT` object requests. Then, new objects are automatically encrypted with the desired encryption settings. For more information, see [Protecting data with server-side encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html) in the *Amazon S3 User Guide*. For more information about the encryption overriding behaviors in directory buckets, see [Specifying server-side encryption with AWS KMS for new object uploads](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html). Versioning **Directory buckets** - S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the `null` value of the version ID is supported by directory buckets. You can only specify `null` to the `versionId` query parameter in the request. Conditional request headers Consider the following when using request headers: + If both of the `If-Match` and `If-Unmodified-Since` headers are present in the request as follows, then Amazon S3 returns the HTTP status code `200 OK` and the data requested: + `If-Match` condition evaluates to `true`. + `If-Unmodified-Since` condition evaluates to `false`. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232). + If both of the `If-None-Match` and `If-Modified-Since` headers are present in the request as follows, then Amazon S3 returns the HTTP status code `304 Not Modified`: + `If-None-Match` condition evaluates to `false`. + `If-Modified-Since` condition evaluates to `true`. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232). HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. The following actions are related to `GetObjectAttributes`: + [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) + [GetObjectAcl](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html) + [GetObjectLegalHold](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectLegalHold.html) + [GetObjectLockConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectLockConfiguration.html) + [GetObjectRetention](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectRetention.html) + [GetObjectTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) + [HeadObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadObject.html) + [ListParts](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /{Key+}?attributes&versionId=VersionId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-max-parts: MaxParts x-amz-part-number-marker: PartNumberMarker x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key: SSECustomerKey x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-request-payer: RequestPayer x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-object-attributes: ObjectAttributes ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetObjectAttributes_RequestSyntax) ** The name of the bucket that contains the object. **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [Key](#API_GetObjectAttributes_RequestSyntax) ** The object key. Length Constraints: Minimum length of 1. Required: Yes ** [versionId](#API_GetObjectAttributes_RequestSyntax) ** The version ID used to reference a specific version of the object. S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the `null` value of the version ID is supported by directory buckets. You can only specify `null` to the `versionId` query parameter in the request. ** [x-amz-expected-bucket-owner](#API_GetObjectAttributes_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-max-parts](#API_GetObjectAttributes_RequestSyntax) ** Sets the maximum number of parts to return. For more information, see [Uploading and copying objects using multipart upload in Amazon S3 ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html) in the *Amazon Simple Storage Service user guide*. ** [x-amz-object-attributes](#API_GetObjectAttributes_RequestSyntax) ** Specifies the fields at the root level that you want returned in the response. Fields that you do not specify are not returned. Valid Values: `ETag | Checksum | ObjectParts | StorageClass | ObjectSize` Required: Yes ** [x-amz-part-number-marker](#API_GetObjectAttributes_RequestSyntax) ** Specifies the part after which listing should begin. Only parts with higher part numbers will be listed. For more information, see [Uploading and copying objects using multipart upload in Amazon S3 ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html) in the *Amazon Simple Storage Service user guide*. ** [x-amz-request-payer](#API_GetObjectAttributes_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-server-side-encryption-customer-algorithm](#API_GetObjectAttributes_RequestSyntax) ** Specifies the algorithm to use when encrypting the object (for example, AES256). This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key](#API_GetObjectAttributes_RequestSyntax) ** Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the `x-amz-server-side-encryption-customer-algorithm` header. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key-MD5](#API_GetObjectAttributes_RequestSyntax) ** Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error. This functionality is not supported for directory buckets. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-delete-marker: DeleteMarker Last-Modified: LastModified x-amz-version-id: VersionId x-amz-request-charged: RequestCharged string string string string string string string boolean integer integer integer string string string string string integer long ... integer string long ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [Last-Modified](#API_GetObjectAttributes_ResponseSyntax) ** Date and time when the object was last modified. ** [x-amz-delete-marker](#API_GetObjectAttributes_ResponseSyntax) ** Specifies whether the object retrieved was (`true`) or was not (`false`) a delete marker. If `false`, this response header does not appear in the response. To learn more about delete markers, see [Working with delete markers](https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeleteMarker.html). This functionality is not supported for directory buckets. ** [x-amz-request-charged](#API_GetObjectAttributes_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-version-id](#API_GetObjectAttributes_ResponseSyntax) ** The version ID of the object. This functionality is not supported for directory buckets. The following data is returned in XML format by the service. ** [GetObjectAttributesResponse](#API_GetObjectAttributes_ResponseSyntax) ** Root level tag for the GetObjectAttributesResponse parameters. Required: Yes ** [Checksum](#API_GetObjectAttributes_ResponseSyntax) ** The checksum or digest of the object. Type: [Checksum](API_Checksum.md) data type ** [ETag](#API_GetObjectAttributes_ResponseSyntax) ** An ETag is an opaque identifier assigned by a web server to a specific version of a resource found at a URL. Type: String ** [ObjectParts](#API_GetObjectAttributes_ResponseSyntax) ** A collection of parts associated with a multipart upload. Type: [GetObjectAttributesParts](API_GetObjectAttributesParts.md) data type ** [ObjectSize](#API_GetObjectAttributes_ResponseSyntax) ** The size of the object in bytes. Type: Long ** [StorageClass](#API_GetObjectAttributes_ResponseSyntax) ** Provides the storage class information of the object. Amazon S3 returns this header for all objects except for S3 Standard storage class objects. For more information, see [Storage Classes](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html). **Directory buckets** - Directory buckets only support `EXPRESS_ONEZONE` (the S3 Express One Zone storage class) in Availability Zones and `ONEZONE_IA` (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones. Type: String Valid Values: `STANDARD | REDUCED_REDUNDANCY | STANDARD_IA | ONEZONE_IA | INTELLIGENT_TIERING | GLACIER | DEEP_ARCHIVE | OUTPOSTS | GLACIER_IR | SNOW | EXPRESS_ONEZONE | FSX_OPENZFS | FSX_ONTAP` ## Errors ** NoSuchKey ** The specified key does not exist. HTTP Status Code: 404 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetObjectAttributes) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetObjectAttributes) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetObjectAttributes) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetObjectAttributes) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetObjectAttributes) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetObjectAttributes) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetObjectAttributes) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetObjectAttributes) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetObjectAttributes) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetObjectAttributes) # GetObjectLegalHold **Note** This operation is not supported for directory buckets. Gets an object's current legal hold status. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). This functionality is not supported for Amazon S3 on Outposts. The following action is related to `GetObjectLegalHold`: + [GetObjectAttributes](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /{Key+}?legal-hold&versionId=VersionId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-request-payer: RequestPayer x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetObjectLegalHold_RequestSyntax) ** The bucket name containing the object whose legal hold status you want to retrieve. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Required: Yes ** [Key](#API_GetObjectLegalHold_RequestSyntax) ** The key name for the object whose legal hold status you want to retrieve. Length Constraints: Minimum length of 1. Required: Yes ** [versionId](#API_GetObjectLegalHold_RequestSyntax) ** The version ID of the object whose legal hold status you want to retrieve. ** [x-amz-expected-bucket-owner](#API_GetObjectLegalHold_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_GetObjectLegalHold_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [LegalHold](#API_GetObjectLegalHold_ResponseSyntax) ** Root level tag for the LegalHold parameters. Required: Yes ** [Status](#API_GetObjectLegalHold_ResponseSyntax) ** Indicates whether the specified object has a legal hold in place. Type: String Valid Values: `ON | OFF` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetObjectLegalHold) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetObjectLegalHold) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetObjectLegalHold) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetObjectLegalHold) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetObjectLegalHold) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetObjectLegalHold) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetObjectLegalHold) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetObjectLegalHold) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetObjectLegalHold) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetObjectLegalHold) # GetObjectLockConfiguration **Note** This operation is not supported for directory buckets. Gets the Object Lock configuration for a bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). The following action is related to `GetObjectLockConfiguration`: + [GetObjectAttributes](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?object-lock HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetObjectLockConfiguration_RequestSyntax) ** The bucket whose Object Lock configuration you want to retrieve. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetObjectLockConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string integer string integer ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [ObjectLockConfiguration](#API_GetObjectLockConfiguration_ResponseSyntax) ** Root level tag for the ObjectLockConfiguration parameters. Required: Yes ** [ObjectLockEnabled](#API_GetObjectLockConfiguration_ResponseSyntax) ** Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket. Type: String Valid Values: `Enabled` ** [Rule](#API_GetObjectLockConfiguration_ResponseSyntax) ** Specifies the Object Lock rule for the specified object. Enable the this rule when you apply `ObjectLockConfiguration` to a bucket. Bucket settings require both a mode and a period. The period can be either `Days` or `Years` but you must select one. You cannot specify `Days` and `Years` at the same time. Type: [ObjectLockRule](API_ObjectLockRule.md) data type ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetObjectLockConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetObjectLockConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetObjectLockConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetObjectLockConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetObjectLockConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetObjectLockConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetObjectLockConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetObjectLockConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetObjectLockConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetObjectLockConfiguration) # GetObjectRetention **Note** This operation is not supported for directory buckets. Retrieves an object's retention settings. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). This functionality is not supported for Amazon S3 on Outposts. The following action is related to `GetObjectRetention`: + [GetObjectAttributes](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /{Key+}?retention&versionId=VersionId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-request-payer: RequestPayer x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetObjectRetention_RequestSyntax) ** The bucket name containing the object whose retention settings you want to retrieve. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Required: Yes ** [Key](#API_GetObjectRetention_RequestSyntax) ** The key name for the object whose retention settings you want to retrieve. Length Constraints: Minimum length of 1. Required: Yes ** [versionId](#API_GetObjectRetention_RequestSyntax) ** The version ID for the object whose retention settings you want to retrieve. ** [x-amz-expected-bucket-owner](#API_GetObjectRetention_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_GetObjectRetention_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string timestamp ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [Retention](#API_GetObjectRetention_ResponseSyntax) ** Root level tag for the Retention parameters. Required: Yes ** [Mode](#API_GetObjectRetention_ResponseSyntax) ** Indicates the Retention mode for the specified object. Type: String Valid Values: `GOVERNANCE | COMPLIANCE` ** [RetainUntilDate](#API_GetObjectRetention_ResponseSyntax) ** The date on which this Object Lock Retention will expire. Type: Timestamp ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetObjectRetention) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetObjectRetention) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetObjectRetention) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetObjectRetention) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetObjectRetention) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetObjectRetention) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetObjectRetention) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetObjectRetention) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetObjectRetention) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetObjectRetention) # GetObjectTagging **Note** This operation is not supported for directory buckets. Returns the tag-set of an object. You send the GET request against the tagging subresource associated with the object. To use this operation, you must have permission to perform the `s3:GetObjectTagging` action. By default, the GET action returns information about current version of an object. For a versioned bucket, you can have multiple versions of an object in your bucket. To retrieve tags of any other version, use the versionId query parameter. You also need permission for the `s3:GetObjectVersionTagging` action. By default, the bucket owner has this permission and can grant this permission to others. For information about the Amazon S3 object tagging feature, see [Object Tagging](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html). The following actions are related to `GetObjectTagging`: + [DeleteObjectTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html) + [GetObjectAttributes](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) + [PutObjectTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /{Key+}?tagging&versionId=VersionId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-request-payer: RequestPayer ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetObjectTagging_RequestSyntax) ** The bucket name containing the object for which to get the tagging information. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [Key](#API_GetObjectTagging_RequestSyntax) ** Object key for which to get the tagging information. Length Constraints: Minimum length of 1. Required: Yes ** [versionId](#API_GetObjectTagging_RequestSyntax) ** The versionId of the object for which to get the tagging information. ** [x-amz-expected-bucket-owner](#API_GetObjectTagging_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_GetObjectTagging_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-version-id: VersionId string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-version-id](#API_GetObjectTagging_ResponseSyntax) ** The versionId of the object for which you got the tagging information. The following data is returned in XML format by the service. ** [Tagging](#API_GetObjectTagging_ResponseSyntax) ** Root level tag for the Tagging parameters. Required: Yes ** [TagSet](#API_GetObjectTagging_ResponseSyntax) ** Contains the tag set. Type: Array of [Tag](API_Tag.md) data types ## Examples ### Sample Request The following request returns the tag set of the specified object. ``` GET /example-object?tagging HTTP/1.1 Host: examplebucket.s3..amazonaws.com Date: Thu, 22 Sep 2016 21:33:08 GMT Authorization: authorization string ``` ### Sample Response This example illustrates one usage of GetObjectTagging. ``` HTTP/1.1 200 OK Date: Thu, 22 Sep 2016 21:33:08 GMT Connection: close Server: AmazonS3 tag1 val1 tag2 val2 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetObjectTagging) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetObjectTagging) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetObjectTagging) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetObjectTagging) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetObjectTagging) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetObjectTagging) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetObjectTagging) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetObjectTagging) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetObjectTagging) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetObjectTagging) # GetObjectTorrent **Note** This operation is not supported for directory buckets. Returns torrent files from a bucket. BitTorrent can save you bandwidth when you're distributing large files. **Note** You can get torrent only for objects that are less than 5 GB in size, and that are not encrypted using server-side encryption with a customer-provided encryption key. To use GET, you must have READ access to the object. This functionality is not supported for Amazon S3 on Outposts. The following action is related to `GetObjectTorrent`: + [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /{Key+}?torrent HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-request-payer: RequestPayer x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetObjectTorrent_RequestSyntax) ** The name of the bucket containing the object for which to get the torrent files. Required: Yes ** [Key](#API_GetObjectTorrent_RequestSyntax) ** The object key for which to get the information. Length Constraints: Minimum length of 1. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetObjectTorrent_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_GetObjectTorrent_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-request-charged: RequestCharged Body ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-request-charged](#API_GetObjectTorrent_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` The following data is returned in binary format by the service. ** [Body](#API_GetObjectTorrent_ResponseSyntax) ** ## Examples ### Getting torrent files in a bucket This example retrieves the `Torrent` file for the `Nelson` object in the `quotes` bucket. ``` GET /quotes/Nelson?torrent HTTP/1.0 Host: bucket.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 GMT Authorization: authorization string ``` ### Sample Response This example illustrates one usage of GetObjectTorrent. ``` HTTP/1.1 200 OK x-amz-request-id: 7CD745EBB7AB5ED9 Date: Wed, 25 Nov 2009 12:00:00 GMT Content-Disposition: attachment; filename=Nelson.torrent; Content-Type: application/x-bittorrent Content-Length: 537 Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetObjectTorrent) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetObjectTorrent) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetObjectTorrent) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetObjectTorrent) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetObjectTorrent) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetObjectTorrent) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetObjectTorrent) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetObjectTorrent) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetObjectTorrent) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetObjectTorrent) # GetPublicAccessBlock **Note** This operation is not supported for directory buckets. Retrieves the `PublicAccessBlock` configuration for an Amazon S3 bucket. This operation returns the bucket-level configuration only. To understand the effective public access behavior, you must also consider account-level settings (which may inherit from organization-level policies). To use this operation, you must have the `s3:GetBucketPublicAccessBlock` permission. For more information about Amazon S3 permissions, see [Specifying Permissions in a Policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html). **Important** When Amazon S3 evaluates the `PublicAccessBlock` configuration for a bucket or an object, it checks the `PublicAccessBlock` configuration for both the bucket (or the bucket that contains the object) and the bucket owner's account. Account-level settings automatically inherit from organization-level policies when present. If the `PublicAccessBlock` settings are different between the bucket and the account, Amazon S3 uses the most restrictive combination of the bucket-level and account-level settings. For more information about when Amazon S3 considers a bucket or an object public, see [The Meaning of "Public"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status). The following operations are related to `GetPublicAccessBlock`: + [Using Amazon S3 Block Public Access](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html) + [PutPublicAccessBlock](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutPublicAccessBlock.html) + [GetPublicAccessBlock](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html) + [DeletePublicAccessBlock](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?publicAccessBlock HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_GetPublicAccessBlock_RequestSyntax) ** The name of the Amazon S3 bucket whose `PublicAccessBlock` configuration you want to retrieve. Required: Yes ** [x-amz-expected-bucket-owner](#API_GetPublicAccessBlock_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 boolean boolean boolean boolean ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [PublicAccessBlockConfiguration](#API_GetPublicAccessBlock_ResponseSyntax) ** Root level tag for the PublicAccessBlockConfiguration parameters. Required: Yes ** [BlockPublicAcls](#API_GetPublicAccessBlock_ResponseSyntax) ** Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior: + PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public. + PUT Object calls fail if the request includes a public ACL. + PUT Bucket calls fail if the request includes a public ACL. Enabling this setting doesn't affect existing policies or ACLs. Type: Boolean ** [BlockPublicPolicy](#API_GetPublicAccessBlock_ResponseSyntax) ** Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies. Type: Boolean ** [IgnorePublicAcls](#API_GetPublicAccessBlock_ResponseSyntax) ** Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. Type: Boolean ** [RestrictPublicBuckets](#API_GetPublicAccessBlock_ResponseSyntax) ** Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. Type: Boolean ## Examples ### Sample Request The following request gets a bucket `PublicAccessBlock` configuration. ``` GET /?publicAccessBlock HTTP/1.1 Host: .s3..amazonaws.com x-amz-date: Authorization: ``` ### Sample Response This example illustrates one usage of GetPublicAccessBlock. ``` HTTP/1.1 200 OK x-amz-id-2: ITnGT1y4REXAMPLEPi4hklTXouTf0hccUjo0iCPEXAMPLEutBj3M7fPGlWO2SEWp x-amz-request-id: 51991EXAMPLE5321 Date: Thu, 15 Nov 2016 00:17:22 GMT Server: AmazonS3 Content-Length: 0 TRUE FALSE FALSE FALSE ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/GetPublicAccessBlock) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/GetPublicAccessBlock) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetPublicAccessBlock) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/GetPublicAccessBlock) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetPublicAccessBlock) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/GetPublicAccessBlock) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/GetPublicAccessBlock) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/GetPublicAccessBlock) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetPublicAccessBlock) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetPublicAccessBlock) # HeadBucket You can use this operation to determine if a bucket exists and if you have permission to access it. The action returns a `200 OK` HTTP status code if the bucket exists and you have permission to access it. You can make a `HeadBucket` call on any bucket name to any Region in the partition, and regardless of the permissions on the bucket, you will receive a response header with the correct bucket location so that you can then make a proper, signed request to the appropriate Regional endpoint. **Note** If the bucket doesn't exist or you don't have permission to access it, the `HEAD` request returns a generic `400 Bad Request`, `403 Forbidden`, or `404 Not Found` HTTP status code. A message body isn't included, so you can't determine the exception beyond these HTTP response codes. Authentication and authorization **General purpose buckets** - Request to public buckets that grant the s3:ListBucket permission publicly do not need to be signed. All other `HeadBucket` requests must be authenticated and signed by using IAM credentials (access key ID and secret access key for the IAM identities). All headers with the `x-amz-` prefix, including `x-amz-copy-source`, must be signed. For more information, see [REST Authentication](https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html). **Directory buckets** - You must use IAM credentials to authenticate and authorize your access to the `HeadBucket` API operation, instead of using the temporary security credentials through the `CreateSession` API operation. AWS CLI or SDKs handles authentication and authorization on your behalf. Permissions + **General purpose bucket permissions** - To use this operation, you must have permissions to perform the `s3:ListBucket` action. The bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see [Managing access permissions to your Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) in the *Amazon S3 User Guide*. + **Directory bucket permissions** - You must have the ** `s3express:CreateSession` ** permission in the `Action` element of a policy. If no session mode is specified, the session will be created with the maximum allowable privilege, attempting `ReadWrite` first, then `ReadOnly` if `ReadWrite` is not permitted. If you want to explicitly restrict the access to be read-only, you can set the `s3express:SessionMode` condition key to `ReadOnly` on the bucket. For more information about example bucket policies, see [Example bucket policies for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) and [AWS Identity and Access Management (IAM) identity-based policies for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. You must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` HEAD / HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_HeadBucket_RequestSyntax) ** The bucket name. **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. **Object Lambda access points** - When you use this API operation with an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. If the Object Lambda access point alias in a request is not valid, the error code `InvalidAccessPointAliasError` is returned. For more information about `InvalidAccessPointAliasError`, see [List of Error Codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [x-amz-expected-bucket-owner](#API_HeadBucket_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-bucket-arn: BucketArn x-amz-bucket-location-type: BucketLocationType x-amz-bucket-location-name: BucketLocationName x-amz-bucket-region: BucketRegion x-amz-access-point-alias: AccessPointAlias ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-access-point-alias](#API_HeadBucket_ResponseSyntax) ** Indicates whether the bucket name used in the request is an access point alias. For directory buckets, the value of this field is `false`. ** [x-amz-bucket-arn](#API_HeadBucket_ResponseSyntax) ** The Amazon Resource Name (ARN) of the S3 bucket. ARNs uniquely identify AWS resources across all of AWS. This parameter is only supported for S3 directory buckets. For more information, see [Using tags with directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html). Length Constraints: Minimum length of 1. Maximum length of 128. Pattern: `arn:[^:]+:(s3|s3express):.*` ** [x-amz-bucket-location-name](#API_HeadBucket_ResponseSyntax) ** The name of the location where the bucket will be created. For directory buckets, the Zone ID of the Availability Zone or the Local Zone where the bucket is created. An example Zone ID value for an Availability Zone is `usw2-az1`. This functionality is only supported by directory buckets. ** [x-amz-bucket-location-type](#API_HeadBucket_ResponseSyntax) ** The type of location where the bucket is created. This functionality is only supported by directory buckets. Valid Values: `AvailabilityZone | LocalZone` ** [x-amz-bucket-region](#API_HeadBucket_ResponseSyntax) ** The Region that the bucket is located. Length Constraints: Minimum length of 0. Maximum length of 20. ## Errors ** NoSuchBucket ** The specified bucket does not exist. HTTP Status Code: 404 ## Examples ### Sample Request for general purpose buckets This example illustrates one usage of HeadBucket. ``` HEAD / HTTP/1.1 Date: Fri, 10 Feb 2012 21:34:55 GMT Authorization: authorization string Host: myawsbucket.s3.amazonaws.com Connection: Keep-Alive ``` ### Sample responses for general purpose buckets This example illustrates one usage of HeadBucket. ``` HTTP/1.1 200 OK x-amz-id-2: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY x-amz-request-id: 28PG2CEB32F5EE25 x-amz-bucket-region: us-west-2 x-amz-access-point-alias: false Date: Fri, 10 2012 21:34:56 GMT Server: AmazonS3 ``` ``` HTTP/1.1 301 Moved Permanantly x-amz-id-2: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY x-amz-request-id: M8H3G2AJ0V6NQ8AJ Date: Tue, 06 May 2025 21:29:41 GMT x-amz-bucket-region: us-east-1 x-amz-access-point-alias: false Server: AmazonS3 ``` ``` HTTP/1.1 403 Forbidden x-amz-bucket-region: us-east-1 x-amz-request-id: P6K9QSW8EN5YEPS x-amz-id-2: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY Date: Tue, 06 May 2025 21:24:51 GMT Server: AmazonS3 ``` ### Example of anonymous request response This example illustrates one usage of HeadBucket. ``` HTTP/1.1 403 Forbidden x-amz-bucket-region: us-east-1 x-amz-request-id: 7B3WF90PGN6J8F2 x-amz-id-2: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY Date: Tue, 06 May 2025 21:55:02 GMT Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/HeadBucket) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/HeadBucket) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/HeadBucket) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/HeadBucket) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/HeadBucket) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/HeadBucket) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/HeadBucket) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/HeadBucket) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/HeadBucket) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/HeadBucket) # HeadObject The `HEAD` operation retrieves metadata from an object without returning the object itself. This operation is useful if you're interested only in an object's metadata. **Note** A `HEAD` request has the same options as a `GET` operation on an object. The response is identical to the `GET` response except that there is no response body. Because of this, if the `HEAD` request generates an error, it returns a generic code, such as `400 Bad Request`, `403 Forbidden`, `404 Not Found`, `405 Method Not Allowed`, `412 Precondition Failed`, or `304 Not Modified`. It's not possible to retrieve the exact exception of these error codes. Request headers are limited to 8 KB in size. For more information, see [Common Request Headers](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonRequestHeaders.html). Permissions + **General purpose bucket permissions** - To use `HEAD`, you must have the `s3:GetObject` permission. You need the relevant read object (or version) permission for this operation. For more information, see [Actions, resources, and condition keys for Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) in the *Amazon S3 User Guide*. For more information about the permissions to S3 API operations by S3 resource types, see [Required permissions for Amazon S3 API operations](/AmazonS3/latest/userguide/using-with-s3-policy-actions.html) in the *Amazon S3 User Guide*. If the object you request doesn't exist, the error that Amazon S3 returns depends on whether you also have the `s3:ListBucket` permission. + If you have the `s3:ListBucket` permission on the bucket, Amazon S3 returns an HTTP status code `404 Not Found` error. + If you don’t have the `s3:ListBucket` permission, Amazon S3 returns an HTTP status code `403 Forbidden` error. + **Directory bucket permissions** - To grant access to this API operation on a directory bucket, we recommend that you use the [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) API operation for session-based authorization. Specifically, you grant the `s3express:CreateSession` permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the `CreateSession` API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another `CreateSession` API call to generate a new session token for use. AWS CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). If you enable `x-amz-checksum-mode` in the request and the object is encrypted with AWS Key Management Service (AWS KMS), you must also have the `kms:GenerateDataKey` and `kms:Decrypt` permissions in IAM identity-based policies and AWS KMS key policies for the AWS KMS key to retrieve the checksum of the object. Encryption Encryption request headers, like `x-amz-server-side-encryption`, should not be sent for `HEAD` requests if your object uses server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS), dual-layer server-side encryption with AWS KMS keys (DSSE-KMS), or server-side encryption with Amazon S3 managed encryption keys (SSE-S3). The `x-amz-server-side-encryption` header is used when you `PUT` an object to S3 and want to specify the encryption method. If you include this header in a `HEAD` request for an object that uses these types of keys, you’ll get an HTTP `400 Bad Request` error. It's because the encryption method can't be changed when you retrieve the object. If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in Amazon S3, then when you retrieve the metadata from the object, you must use the following headers to provide the encryption key for the server to be able to retrieve the object's metadata. The headers are: + `x-amz-server-side-encryption-customer-algorithm` + `x-amz-server-side-encryption-customer-key` + `x-amz-server-side-encryption-customer-key-MD5` For more information about SSE-C, see [Server-Side Encryption (Using Customer-Provided Encryption Keys)](https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) in the *Amazon S3 User Guide*. **Directory bucket ** - For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS. SSE-C isn't supported. For more information, see [Protecting data with server-side encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html) in the *Amazon S3 User Guide*. Versioning + If the current version of the object is a delete marker, Amazon S3 behaves as if the object was deleted and includes `x-amz-delete-marker: true` in the response. + If the specified version is a delete marker, the response returns a `405 Method Not Allowed` error and the `Last-Modified: timestamp` response header. + **Directory buckets** - Delete marker is not supported for directory buckets. + **Directory buckets** - S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the `null` value of the version ID is supported by directory buckets. You can only specify `null` to the `versionId` query parameter in the request. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://amzn-s3-demo-bucket.s3express-zone-id.region-code.amazonaws.com/key-name `. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. The following actions are related to `HeadObject`: + [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) + [GetObjectAttributes](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` HEAD /Key+?partNumber=PartNumber&response-cache-control=ResponseCacheControl&response-content-disposition=ResponseContentDisposition&response-content-encoding=ResponseContentEncoding&response-content-language=ResponseContentLanguage&response-content-type=ResponseContentType&response-expires=ResponseExpires&versionId=VersionId HTTP/1.1 Host: Bucket.s3.amazonaws.com If-Match: IfMatch If-Modified-Since: IfModifiedSince If-None-Match: IfNoneMatch If-Unmodified-Since: IfUnmodifiedSince Range: Range x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key: SSECustomerKey x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-request-payer: RequestPayer x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-checksum-mode: ChecksumMode ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_HeadObject_RequestSyntax) ** The name of the bucket that contains the object. **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [If-Match](#API_HeadObject_RequestSyntax) ** Return the object only if its entity tag (ETag) is the same as the one specified; otherwise, return a 412 (precondition failed) error. If both of the `If-Match` and `If-Unmodified-Since` headers are present in the request as follows: + `If-Match` condition evaluates to `true`, and; + `If-Unmodified-Since` condition evaluates to `false`; Then Amazon S3 returns `200 OK` and the data requested. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232). ** [If-Modified-Since](#API_HeadObject_RequestSyntax) ** Return the object only if it has been modified since the specified time; otherwise, return a 304 (not modified) error. If both of the `If-None-Match` and `If-Modified-Since` headers are present in the request as follows: + `If-None-Match` condition evaluates to `false`, and; + `If-Modified-Since` condition evaluates to `true`; Then Amazon S3 returns the `304 Not Modified` response code. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232). ** [If-None-Match](#API_HeadObject_RequestSyntax) ** Return the object only if its entity tag (ETag) is different from the one specified; otherwise, return a 304 (not modified) error. If both of the `If-None-Match` and `If-Modified-Since` headers are present in the request as follows: + `If-None-Match` condition evaluates to `false`, and; + `If-Modified-Since` condition evaluates to `true`; Then Amazon S3 returns the `304 Not Modified` response code. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232). ** [If-Unmodified-Since](#API_HeadObject_RequestSyntax) ** Return the object only if it has not been modified since the specified time; otherwise, return a 412 (precondition failed) error. If both of the `If-Match` and `If-Unmodified-Since` headers are present in the request as follows: + `If-Match` condition evaluates to `true`, and; + `If-Unmodified-Since` condition evaluates to `false`; Then Amazon S3 returns `200 OK` and the data requested. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232). ** [Key](#API_HeadObject_RequestSyntax) ** The object key. Length Constraints: Minimum length of 1. Required: Yes ** [partNumber](#API_HeadObject_RequestSyntax) ** Part number of the object being read. This is a positive integer between 1 and 10,000. Effectively performs a 'ranged' HEAD request for the part specified. Useful querying about the size of the part and the number of parts in this object. ** [Range](#API_HeadObject_RequestSyntax) ** HeadObject returns only the metadata for an object. If the Range is satisfiable, only the `ContentLength` is affected in the response. If the Range is not satisfiable, S3 returns a `416 - Requested Range Not Satisfiable` error. ** [response-cache-control](#API_HeadObject_RequestSyntax) ** Sets the `Cache-Control` header of the response. ** [response-content-disposition](#API_HeadObject_RequestSyntax) ** Sets the `Content-Disposition` header of the response. ** [response-content-encoding](#API_HeadObject_RequestSyntax) ** Sets the `Content-Encoding` header of the response. ** [response-content-language](#API_HeadObject_RequestSyntax) ** Sets the `Content-Language` header of the response. ** [response-content-type](#API_HeadObject_RequestSyntax) ** Sets the `Content-Type` header of the response. ** [response-expires](#API_HeadObject_RequestSyntax) ** Sets the `Expires` header of the response. ** [versionId](#API_HeadObject_RequestSyntax) ** Version ID used to reference a specific version of the object. For directory buckets in this API operation, only the `null` value of the version ID is supported. ** [x-amz-checksum-mode](#API_HeadObject_RequestSyntax) ** To retrieve the checksum, this parameter must be enabled. **General purpose buckets** - If you enable checksum mode and the object is uploaded with a [checksum](https://docs.aws.amazon.com/AmazonS3/latest/API/API_Checksum.html) and encrypted with an AWS Key Management Service (AWS KMS) key, you must have permission to use the `kms:Decrypt` action to retrieve the checksum. **Directory buckets** - If you enable `ChecksumMode` and the object is encrypted with AWS Key Management Service (AWS KMS), you must also have the `kms:GenerateDataKey` and `kms:Decrypt` permissions in IAM identity-based policies and AWS KMS key policies for the AWS KMS key to retrieve the checksum of the object. Valid Values: `ENABLED` ** [x-amz-expected-bucket-owner](#API_HeadObject_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_HeadObject_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-server-side-encryption-customer-algorithm](#API_HeadObject_RequestSyntax) ** Specifies the algorithm to use when encrypting the object (for example, AES256). This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key](#API_HeadObject_RequestSyntax) ** Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the `x-amz-server-side-encryption-customer-algorithm` header. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key-MD5](#API_HeadObject_RequestSyntax) ** Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error. This functionality is not supported for directory buckets. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-delete-marker: DeleteMarker accept-ranges: AcceptRanges x-amz-expiration: Expiration x-amz-restore: Restore x-amz-archive-status: ArchiveStatus Last-Modified: LastModified Content-Length: ContentLength x-amz-checksum-crc32: ChecksumCRC32 x-amz-checksum-crc32c: ChecksumCRC32C x-amz-checksum-crc64nvme: ChecksumCRC64NVME x-amz-checksum-sha1: ChecksumSHA1 x-amz-checksum-sha256: ChecksumSHA256 x-amz-checksum-type: ChecksumType ETag: ETag x-amz-missing-meta: MissingMeta x-amz-version-id: VersionId Cache-Control: CacheControl Content-Disposition: ContentDisposition Content-Encoding: ContentEncoding Content-Language: ContentLanguage Content-Type: ContentType Content-Range: ContentRange Expires: Expires x-amz-website-redirect-location: WebsiteRedirectLocation x-amz-server-side-encryption: ServerSideEncryption x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-server-side-encryption-aws-kms-key-id: SSEKMSKeyId x-amz-server-side-encryption-bucket-key-enabled: BucketKeyEnabled x-amz-storage-class: StorageClass x-amz-request-charged: RequestCharged x-amz-replication-status: ReplicationStatus x-amz-mp-parts-count: PartsCount x-amz-tagging-count: TagCount x-amz-object-lock-mode: ObjectLockMode x-amz-object-lock-retain-until-date: ObjectLockRetainUntilDate x-amz-object-lock-legal-hold: ObjectLockLegalHoldStatus ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [accept-ranges](#API_HeadObject_ResponseSyntax) ** Indicates that a range of bytes was specified. ** [Cache-Control](#API_HeadObject_ResponseSyntax) ** Specifies caching behavior along the request/reply chain. ** [Content-Disposition](#API_HeadObject_ResponseSyntax) ** Specifies presentational information for the object. ** [Content-Encoding](#API_HeadObject_ResponseSyntax) ** Indicates what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. ** [Content-Language](#API_HeadObject_ResponseSyntax) ** The language the content is in. ** [Content-Length](#API_HeadObject_ResponseSyntax) ** Size of the body in bytes. ** [Content-Range](#API_HeadObject_ResponseSyntax) ** The portion of the object returned in the response for a `GET` request. ** [Content-Type](#API_HeadObject_ResponseSyntax) ** A standard MIME type describing the format of the object data. ** [ETag](#API_HeadObject_ResponseSyntax) ** An entity tag (ETag) is an opaque identifier assigned by a web server to a specific version of a resource found at a URL. ** [Expires](#API_HeadObject_ResponseSyntax) ** The date and time at which the object is no longer cacheable. ** [Last-Modified](#API_HeadObject_ResponseSyntax) ** Date and time when the object was last modified. ** [x-amz-archive-status](#API_HeadObject_ResponseSyntax) ** The archive state of the head object. This functionality is not supported for directory buckets. Valid Values: `ARCHIVE_ACCESS | DEEP_ARCHIVE_ACCESS` ** [x-amz-checksum-crc32](#API_HeadObject_ResponseSyntax) ** The Base64 encoded, 32-bit `CRC32 checksum` of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) in the *Amazon S3 User Guide*. ** [x-amz-checksum-crc32c](#API_HeadObject_ResponseSyntax) ** The Base64 encoded, 32-bit `CRC32C` checksum of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) in the *Amazon S3 User Guide*. ** [x-amz-checksum-crc64nvme](#API_HeadObject_ResponseSyntax) ** The Base64 encoded, 64-bit `CRC64NVME` checksum of the object. For more information, see [Checking object integrity in the Amazon S3 User Guide](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html). ** [x-amz-checksum-sha1](#API_HeadObject_ResponseSyntax) ** The Base64 encoded, 160-bit `SHA1` digest of the object. This checksum is only present if the checksum was uploaded with the object. When you use the API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) in the *Amazon S3 User Guide*. ** [x-amz-checksum-sha256](#API_HeadObject_ResponseSyntax) ** The Base64 encoded, 256-bit `SHA256` digest of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) in the *Amazon S3 User Guide*. ** [x-amz-checksum-type](#API_HeadObject_ResponseSyntax) ** The checksum type, which determines how part-level checksums are combined to create an object-level checksum for multipart objects. You can use this header response to verify that the checksum type that is received is the same checksum type that was specified in `CreateMultipartUpload` request. For more information, see [Checking object integrity in the Amazon S3 User Guide](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html). Valid Values: `COMPOSITE | FULL_OBJECT` ** [x-amz-delete-marker](#API_HeadObject_ResponseSyntax) ** Specifies whether the object retrieved was (true) or was not (false) a Delete Marker. If false, this response header does not appear in the response. This functionality is not supported for directory buckets. ** [x-amz-expiration](#API_HeadObject_ResponseSyntax) ** If the object expiration is configured (see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html)), the response includes this header. It includes the `expiry-date` and `rule-id` key-value pairs providing object expiration information. The value of the `rule-id` is URL-encoded. Object expiration information is not returned in directory buckets and this header returns the value "`NotImplemented`" in all responses for directory buckets. ** [x-amz-missing-meta](#API_HeadObject_ResponseSyntax) ** This is set to the number of metadata entries not returned in `x-amz-meta` headers. This can happen if you create metadata using an API like SOAP that supports more flexible metadata than the REST API. For example, using SOAP, you can create metadata whose values are not legal HTTP headers. This functionality is not supported for directory buckets. ** [x-amz-mp-parts-count](#API_HeadObject_ResponseSyntax) ** The count of parts this object has. This value is only returned if you specify `partNumber` in your request and the object was uploaded as a multipart upload. ** [x-amz-object-lock-legal-hold](#API_HeadObject_ResponseSyntax) ** Specifies whether a legal hold is in effect for this object. This header is only returned if the requester has the `s3:GetObjectLegalHold` permission. This header is not returned if the specified version of this object has never had a legal hold applied. For more information about S3 Object Lock, see [Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). This functionality is not supported for directory buckets. Valid Values: `ON | OFF` ** [x-amz-object-lock-mode](#API_HeadObject_ResponseSyntax) ** The Object Lock mode, if any, that's in effect for this object. This header is only returned if the requester has the `s3:GetObjectRetention` permission. For more information about S3 Object Lock, see [Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). This functionality is not supported for directory buckets. Valid Values: `GOVERNANCE | COMPLIANCE` ** [x-amz-object-lock-retain-until-date](#API_HeadObject_ResponseSyntax) ** The date and time when the Object Lock retention period expires. This header is only returned if the requester has the `s3:GetObjectRetention` permission. This functionality is not supported for directory buckets. ** [x-amz-replication-status](#API_HeadObject_ResponseSyntax) ** Amazon S3 can return this header if your request involves a bucket that is either a source or a destination in a replication rule. In replication, you have a source bucket on which you configure replication and destination bucket or buckets where Amazon S3 stores object replicas. When you request an object (`GetObject`) or object metadata (`HeadObject`) from these buckets, Amazon S3 will return the `x-amz-replication-status` header in the response as follows: + **If requesting an object from the source bucket**, Amazon S3 will return the `x-amz-replication-status` header if the object in your request is eligible for replication. For example, suppose that in your replication configuration, you specify object prefix `TaxDocs` requesting Amazon S3 to replicate objects with key prefix `TaxDocs`. Any objects you upload with this key name prefix, for example `TaxDocs/document1.pdf`, are eligible for replication. For any object request with this key name prefix, Amazon S3 will return the `x-amz-replication-status` header with value PENDING, COMPLETED or FAILED indicating object replication status. + **If requesting an object from a destination bucket**, Amazon S3 will return the `x-amz-replication-status` header with value REPLICA if the object in your request is a replica that Amazon S3 created and there is no replica modification replication in progress. + **When replicating objects to multiple destination buckets**, the `x-amz-replication-status` header acts differently. The header of the source object will only return a value of COMPLETED when replication is successful to all destinations. The header will remain at value PENDING until replication has completed for all destinations. If one or more destinations fails replication the header will return FAILED. For more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html). This functionality is not supported for directory buckets. Valid Values: `COMPLETE | PENDING | FAILED | REPLICA | COMPLETED` ** [x-amz-request-charged](#API_HeadObject_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-restore](#API_HeadObject_ResponseSyntax) ** If the object is an archived object (an object whose storage class is GLACIER), the response includes this header if either the archive restoration is in progress (see [RestoreObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html) or an archive copy is already restored. If an archive copy is already restored, the header value indicates when Amazon S3 is scheduled to delete the object copy. For example: `x-amz-restore: ongoing-request="false", expiry-date="Fri, 21 Dec 2012 00:00:00 GMT"` If the object restoration is in progress, the header returns the value `ongoing-request="true"`. For more information about archiving objects, see [Transitioning Objects: General Considerations](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-transition-general-considerations). This functionality is not supported for directory buckets. Directory buckets only support `EXPRESS_ONEZONE` (the S3 Express One Zone storage class) in Availability Zones and `ONEZONE_IA` (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones. ** [x-amz-server-side-encryption](#API_HeadObject_ResponseSyntax) ** The server-side encryption algorithm used when you store this object in Amazon S3 or Amazon FSx. When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is `aws:fsx`. Valid Values: `AES256 | aws:fsx | aws:kms | aws:kms:dsse` ** [x-amz-server-side-encryption-aws-kms-key-id](#API_HeadObject_ResponseSyntax) ** If present, indicates the ID of the KMS key that was used for object encryption. ** [x-amz-server-side-encryption-bucket-key-enabled](#API_HeadObject_ResponseSyntax) ** Indicates whether the object uses an S3 Bucket Key for server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS). ** [x-amz-server-side-encryption-customer-algorithm](#API_HeadObject_ResponseSyntax) ** If server-side encryption with a customer-provided encryption key was requested, the response will include this header to confirm the encryption algorithm that's used. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key-MD5](#API_HeadObject_ResponseSyntax) ** If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide the round-trip message integrity verification of the customer-provided encryption key. This functionality is not supported for directory buckets. ** [x-amz-storage-class](#API_HeadObject_ResponseSyntax) ** Provides storage class information of the object. Amazon S3 returns this header for all objects except for S3 Standard storage class objects. For more information, see [Storage Classes](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html). **Directory buckets ** - Directory buckets only support `EXPRESS_ONEZONE` (the S3 Express One Zone storage class) in Availability Zones and `ONEZONE_IA` (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones. Valid Values: `STANDARD | REDUCED_REDUNDANCY | STANDARD_IA | ONEZONE_IA | INTELLIGENT_TIERING | GLACIER | DEEP_ARCHIVE | OUTPOSTS | GLACIER_IR | SNOW | EXPRESS_ONEZONE | FSX_OPENZFS | FSX_ONTAP` ** [x-amz-tagging-count](#API_HeadObject_ResponseSyntax) ** The number of tags, if any, on the object, when you have the relevant permission to read object tags. You can use [GetObjectTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) to retrieve the tag set associated with an object. This functionality is not supported for directory buckets. ** [x-amz-version-id](#API_HeadObject_ResponseSyntax) ** Version ID of the object. This functionality is not supported for directory buckets. ** [x-amz-website-redirect-location](#API_HeadObject_ResponseSyntax) ** If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata. This functionality is not supported for directory buckets. ## Errors ** NoSuchKey ** The specified key does not exist. HTTP Status Code: 404 ## Examples ### Sample Request for general purpose buckets The following request returns the metadata of an object. ``` HEAD /my-image.jpg HTTP/1.1 Host: bucket.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 GMT Authorization: AWS AKIAIOSFODNN7EXAMPLE:02236Q3V0RonhpaBX5sCYVf1bNRuU= ``` ### Sample Response for general purpose buckets This example illustrates one usage of HeadObject. ``` HTTP/1.1 200 OK x-amz-id-2: ef8yU9AS1ed4OpIszj7UDNEHGran x-amz-request-id: 318BC8BC143432E5 x-amz-version-id: 3HL4kqtJlcpXroDTDmjVBH40Nrjfkd Date: Wed, 28 Oct 2009 22:32:00 GMT Last-Modified: Sun, 1 Jan 2006 12:00:00 GMT ETag: "fba9dede5f27731c9771645a39863328" Content-Length: 434234 Content-Type: text/plain Connection: close Server: AmazonS3 ``` ### Sample Response for general purpose buckets: With an expiration tag If the object is scheduled to expire according to a lifecycle configuration set on the bucket, the response returns the `x-amz-expiration` tag with information about when Amazon S3 will delete the object. For more information, see [Transitioning Objects: General Considerations](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-transition-general-considerations). ``` HTTP/1.1 200 OK x-amz-id-2: azQRZtQJ2m1P8R+TIsG9h0VuC/DmiSJmjXUMq7snk+LKSJeurtmfzSlGhR46GzSJ x-amz-request-id: 0EFF61CCE3F24A26 Date: Mon, 17 Dec 2012 02:26:39 GMT Last-Modified: Mon, 17 Dec 2012 02:14:10 GMT x-amz-expiration: expiry-date="Fri, 21 Dec 2012 00:00:00 GMT", rule-id="Rule for testfile.txt" ETag: "54b0c58c7ce9f2a8b551351102ee0938" Accept-Ranges: bytes Content-Type: text/plain Content-Length: 14 Server: AmazonS3 ``` ### Sample Request for general purpose buckets: Getting metadata from a specified version of an object The following request returns the metadata of the specified version of an object. ``` HEAD /my-image.jpg?versionId=3HL4kqCxf3vjVBH40Nrjfkd HTTP/1.1 Host: bucket.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 GMT Authorization: AWS AKIAIOSFODNN7EXAMPLE:02236Q3V0WpaBX5sCYVf1bNRuU= ``` ### Sample Response for general purpose buckets: To a versioned HEAD request This example illustrates one usage of HeadObject. ``` HTTP/1.1 200 OK x-amz-id-2: eftixk72aD6Ap51TnqcoF8epIszj7UDNEHGran x-amz-request-id: 318BC8BC143432E5 x-amz-version-id: 3HL4kqtJlcpXrof3vjVBH40Nrjfkd Date: Wed, 28 Oct 2009 22:32:00 GMT Last-Modified: Sun, 1 Jan 2006 12:00:00 GMT ETag: "fba9dede5f27731c9771645a39863328" Content-Length: 434234 Content-Type: text/plain Connection: close Server: AmazonS3 ``` ### Sample Request for general purpose buckets: For an S3 Glacier object For an archived object, the `x-amz-restore` header provides the date when the restored copy expires, as shown in the following response. Even if the object is stored in S3 Glacier, all object metadata is still available. ``` HEAD /my-image.jpg HTTP/1.1 Host: bucket.s3..amazonaws.com Date: 13 Nov 2012 00:28:38 GMT Authorization: AWS AKIAIOSFODNN7EXAMPLE:02236Q3V0RonhpaBX5sCYVf1bNRuU= ``` ### Sample Response for general purpose buckets: S3 Glacier object If the object is already restored, the `x-amz-restore` header provides the date when the restored copy will expire, as shown in the following response. ``` HTTP/1.1 200 OK x-amz-id-2: FSVaTMjrmBp3Izs1NnwBZeu7M19iI8UbxMbi0A8AirHANJBo+hEftBuiESACOMJp x-amz-request-id: E5CEFCB143EB505A Date: Tue, 13 Nov 2012 00:28:38 GMT Last-Modified: Mon, 15 Oct 2012 21:58:07 GMT x-amz-restore: ongoing-request="false", expiry-date="Wed, 07 Nov 2012 00:00:00 GMT" ETag: "1accb31fcf202eba0c0f41fa2f09b4d7" Accept-Ranges: bytes Content-Type: binary/octet-stream Content-Length: 300 Server: AmazonS3 ``` ### Sample Response for general purpose buckets: In-progress restoration If the restoration is in progress, the `x-amz-restore` header returns a message accordingly. ``` HTTP/1.1 200 OK x-amz-id-2: b+V2mDiMHTdy1myoUBpctvmJl95H9U/OSUm/jRtHxjh0+pCk5SvByL4xu2TDv4GM x-amz-request-id: E2E7B6AEE4E9BD2B Date: Tue, 13 Nov 2012 00:43:32 GMT Last-Modified: Sat, 20 Oct 2012 21:28:27 GMT x-amz-restore: ongoing-request="true" ETag: "1accb31fcf202eba0c0f41fa2f09b4d7" Accept-Ranges: bytes Content-Type: binary/octet-stream Content-Length: 300 Server: AmazonS3 ``` ### Sample Response for general purpose buckets: Object archived using S3 Intelligent-Tiering If an object is stored using the S3 Intelligent-Tiering storage class and is currently in one of the archive tiers, then this action shows the current tier using the `x-amz-archive-status` header. ``` HTTP/1.1 200 OK x-amz-id-2: FSVaTMjrmBp3Izs1NnwBZeu7M19iI8UbxMbi0A8AirHANJBo+hEftBuiESACOMJp x-amz-request-id: E5CEFCB143EB505A Date: Fri, 13 Nov 2020 00:28:38 GMT Last-Modified: Mon, 15 Oct 2012 21:58:07 GMT ETag: "1accb31fcf202eba0c0f41fa2f09b4d7" x-amz-storage-class: 'INTELLIGENT_TIERING' x-amz-archive-status: 'ARCHIVE_ACCESS' Accept-Ranges: bytes Content-Type: binary/octet-stream Content-Length: 300 Server: AmazonS3 ``` ### Sample Response for general purpose buckets: Object archived using S3 Intelligent-Tiering with restore in progress If an object is stored using the S3 Intelligent-Tiering storage class and is currently in the process of being restored from one of the archive tiers, then this action shows the current tier using the `x-amz-archive-status` header and the current restore status using the `x-amz-restore` header. ``` HTTP/1.1 200 OK x-amz-id-2: FSVaTMjrmBp3Izs1NnwBZeu7M19iI8UbxMbi0A8AirHANJBo+hEftBuiESACOMJp x-amz-request-id: E5CEFCB143EB505A Date: Fri, 13 Nov 2020 00:28:38 GMT Last-Modified: Mon, 15 Oct 2012 21:58:07 GMT ETag: "1accb31fcf202eba0c0f41fa2f09b4d7" x-amz-storage-class: 'INTELLIGENT_TIERING' x-amz-archive-status: 'ARCHIVE_ACCESS' x-amz-restore: 'ongoing-request="true"' x-amz-restore-request-date: 'Fri, 13 Nov 2020 00:20:00 GMT' Accept-Ranges: bytes Content-Type: binary/octet-stream Content-Length: 300 Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/HeadObject) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/HeadObject) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/HeadObject) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/HeadObject) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/HeadObject) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/HeadObject) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/HeadObject) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/HeadObject) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/HeadObject) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/HeadObject) # ListBucketAnalyticsConfigurations **Note** This operation is not supported for directory buckets. Lists the analytics configurations for the bucket. You can have up to 1,000 analytics configurations per bucket. This action supports list pagination and does not return more than 100 configurations at a time. You should always check the `IsTruncated` element in the response. If there are no more configurations to list, `IsTruncated` is set to false. If there are more configurations to list, `IsTruncated` is set to true, and there will be a value in `NextContinuationToken`. You use the `NextContinuationToken` value to continue the pagination of the list by passing the value in continuation-token in the request to `GET` the next page. To use this operation, you must have permissions to perform the `s3:GetAnalyticsConfiguration` action. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). For information about Amazon S3 analytics feature, see [Amazon S3 Analytics – Storage Class Analysis](https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html). The following operations are related to `ListBucketAnalyticsConfigurations`: + [GetBucketAnalyticsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAnalyticsConfiguration.html) + [DeleteBucketAnalyticsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketAnalyticsConfiguration.html) + [PutBucketAnalyticsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAnalyticsConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?analytics&continuation-token=ContinuationToken HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_ListBucketAnalyticsConfigurations_RequestSyntax) ** The name of the bucket from which analytics configurations are retrieved. Required: Yes ** [continuation-token](#API_ListBucketAnalyticsConfigurations_RequestSyntax) ** The `ContinuationToken` that represents a placeholder from where this request should begin. ** [x-amz-expected-bucket-owner](#API_ListBucketAnalyticsConfigurations_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 boolean string string string string string ... string string string string string string string string string ... ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [ListBucketAnalyticsConfigurationResult](#API_ListBucketAnalyticsConfigurations_ResponseSyntax) ** Root level tag for the ListBucketAnalyticsConfigurationResult parameters. Required: Yes ** [AnalyticsConfiguration](#API_ListBucketAnalyticsConfigurations_ResponseSyntax) ** The list of analytics configurations for a bucket. Type: Array of [AnalyticsConfiguration](API_AnalyticsConfiguration.md) data types ** [ContinuationToken](#API_ListBucketAnalyticsConfigurations_ResponseSyntax) ** The marker that is used as a starting point for this analytics configuration list response. This value is present if it was sent in the request. Type: String ** [IsTruncated](#API_ListBucketAnalyticsConfigurations_ResponseSyntax) ** Indicates whether the returned list of analytics configurations is complete. A value of true indicates that the list is not complete and the NextContinuationToken will be provided for a subsequent request. Type: Boolean ** [NextContinuationToken](#API_ListBucketAnalyticsConfigurations_ResponseSyntax) ** `NextContinuationToken` is sent when `isTruncated` is true, which indicates that there are more analytics configurations to list. The next request must include this `NextContinuationToken`. The token is obfuscated and is not a usable value. Type: String ## Examples ### Sample Request Delete the metric configuration with a specified ID, which disables the CloudWatch metrics with the `ExampleMetrics` value for the `FilterId` dimension. ``` GET /?analytics HTTP/1.1 Host: example-bucket.s3..amazonaws.com x-amz-date: 20160430T233541Z Authorization: authorization string ``` ### Sample Response This example illustrates one usage of ListBucketAnalyticsConfigurations. ``` HTTP/1.1 200 OK x-amz-id-2: gyB+3jRPnrkN98ZajxHXr3u7EFM67bNgSAxexeEHndCX/7GRnfTXxReKUQF28IfP x-amz-request-id: 3B3C7C725673C630 Date: Sat, 30 Apr 2016 23:29:37 GMT Content-Length: length Server: AmazonS3 list1 images/ dog corgi V_1 CSV 123456789012 arn:aws:s3:::destination-bucket destination-prefix report1 images/ dog bulldog V_1 CSV 123456789012 arn:aws:s3:::destination-bucket destination-prefix ... false ... true ... ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/ListBucketAnalyticsConfigurations) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/ListBucketAnalyticsConfigurations) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/ListBucketAnalyticsConfigurations) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/ListBucketAnalyticsConfigurations) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/ListBucketAnalyticsConfigurations) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/ListBucketAnalyticsConfigurations) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/ListBucketAnalyticsConfigurations) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/ListBucketAnalyticsConfigurations) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/ListBucketAnalyticsConfigurations) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/ListBucketAnalyticsConfigurations) # ListBucketIntelligentTieringConfigurations **Note** This operation is not supported for directory buckets. Lists the S3 Intelligent-Tiering configuration from the specified bucket. The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without performance impact or operational overhead. S3 Intelligent-Tiering delivers automatic cost savings in three low latency and high throughput access tiers. To get the lowest storage cost on data that can be accessed in minutes to hours, you can choose to activate additional archiving capabilities. The S3 Intelligent-Tiering storage class is the ideal storage class for data with unknown, changing, or unpredictable access patterns, independent of object size or retention period. If the size of an object is less than 128 KB, it is not monitored and not eligible for auto-tiering. Smaller objects can be stored, but they are always charged at the Frequent Access tier rates in the S3 Intelligent-Tiering storage class. For more information, see [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access). Operations related to `ListBucketIntelligentTieringConfigurations` include: + [DeleteBucketIntelligentTieringConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketIntelligentTieringConfiguration.html) + [PutBucketIntelligentTieringConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketIntelligentTieringConfiguration.html) + [GetBucketIntelligentTieringConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketIntelligentTieringConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?intelligent-tiering&continuation-token=ContinuationToken HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_ListBucketIntelligentTieringConfigurations_RequestSyntax) ** The name of the Amazon S3 bucket whose configuration you want to modify or retrieve. Required: Yes ** [continuation-token](#API_ListBucketIntelligentTieringConfigurations_RequestSyntax) ** The `ContinuationToken` that represents a placeholder from where this request should begin. ** [x-amz-expected-bucket-owner](#API_ListBucketIntelligentTieringConfigurations_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 boolean string string string string string ... string string string string string string integer ... ... ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [ListBucketIntelligentTieringConfigurationsOutput](#API_ListBucketIntelligentTieringConfigurations_ResponseSyntax) ** Root level tag for the ListBucketIntelligentTieringConfigurationsOutput parameters. Required: Yes ** [ContinuationToken](#API_ListBucketIntelligentTieringConfigurations_ResponseSyntax) ** The `ContinuationToken` that represents a placeholder from where this request should begin. Type: String ** [IntelligentTieringConfiguration](#API_ListBucketIntelligentTieringConfigurations_ResponseSyntax) ** The list of S3 Intelligent-Tiering configurations for a bucket. Type: Array of [IntelligentTieringConfiguration](API_IntelligentTieringConfiguration.md) data types ** [IsTruncated](#API_ListBucketIntelligentTieringConfigurations_ResponseSyntax) ** Indicates whether the returned list of analytics configurations is complete. A value of `true` indicates that the list is not complete and the `NextContinuationToken` will be provided for a subsequent request. Type: Boolean ** [NextContinuationToken](#API_ListBucketIntelligentTieringConfigurations_ResponseSyntax) ** The marker used to continue this inventory configuration listing. Use the `NextContinuationToken` from this response to continue the listing in a subsequent request. The continuation token is an opaque value that Amazon S3 understands. Type: String ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/ListBucketIntelligentTieringConfigurations) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/ListBucketIntelligentTieringConfigurations) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/ListBucketIntelligentTieringConfigurations) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/ListBucketIntelligentTieringConfigurations) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/ListBucketIntelligentTieringConfigurations) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/ListBucketIntelligentTieringConfigurations) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/ListBucketIntelligentTieringConfigurations) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/ListBucketIntelligentTieringConfigurations) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/ListBucketIntelligentTieringConfigurations) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/ListBucketIntelligentTieringConfigurations) # ListBucketInventoryConfigurations **Note** This operation is not supported for directory buckets. Returns a list of S3 Inventory configurations for the bucket. You can have up to 1,000 inventory configurations per bucket. This action supports list pagination and does not return more than 100 configurations at a time. Always check the `IsTruncated` element in the response. If there are no more configurations to list, `IsTruncated` is set to false. If there are more configurations to list, `IsTruncated` is set to true, and there is a value in `NextContinuationToken`. You use the `NextContinuationToken` value to continue the pagination of the list by passing the value in continuation-token in the request to `GET` the next page. To use this operation, you must have permissions to perform the `s3:GetInventoryConfiguration` action. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). For information about the Amazon S3 inventory feature, see [Amazon S3 Inventory](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html) The following operations are related to `ListBucketInventoryConfigurations`: + [GetBucketInventoryConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketInventoryConfiguration.html) + [DeleteBucketInventoryConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketInventoryConfiguration.html) + [PutBucketInventoryConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketInventoryConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?inventory&continuation-token=ContinuationToken HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_ListBucketInventoryConfigurations_RequestSyntax) ** The name of the bucket containing the inventory configurations to retrieve. Required: Yes ** [continuation-token](#API_ListBucketInventoryConfigurations_RequestSyntax) ** The marker used to continue an inventory configuration listing that has been truncated. Use the `NextContinuationToken` from a previously truncated list response to continue the listing. The continuation token is an opaque value that Amazon S3 understands. ** [x-amz-expected-bucket-owner](#API_ListBucketInventoryConfigurations_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string string

string

string string string string string boolean string string ... boolean string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [ListInventoryConfigurationsResult](#API_ListBucketInventoryConfigurations_ResponseSyntax) ** Root level tag for the ListInventoryConfigurationsResult parameters. Required: Yes ** [ContinuationToken](#API_ListBucketInventoryConfigurations_ResponseSyntax) ** If sent in the request, the marker that is used as a starting point for this inventory configuration list response. Type: String ** [InventoryConfiguration](#API_ListBucketInventoryConfigurations_ResponseSyntax) ** The list of inventory configurations for a bucket. Type: Array of [InventoryConfiguration](API_InventoryConfiguration.md) data types ** [IsTruncated](#API_ListBucketInventoryConfigurations_ResponseSyntax) ** Tells whether the returned list of inventory configurations is complete. A value of true indicates that the list is not complete and the NextContinuationToken is provided for a subsequent request. Type: Boolean ** [NextContinuationToken](#API_ListBucketInventoryConfigurations_ResponseSyntax) ** The marker used to continue this inventory configuration listing. Use the `NextContinuationToken` from this response to continue the listing in a subsequent request. The continuation token is an opaque value that Amazon S3 understands. Type: String ## Examples ### Sample Request The following request returns the inventory configurations in `example-bucket`. ``` GET /?inventory HTTP/1.1 Host: example-bucket.s3..amazonaws.com x-amz-date: 20160430T233541Z Authorization: authorization string Content-Type: text/plain ``` ### Sample Response Delete the metric configuration with a specified ID, which disables the CloudWatch metrics with the `ExampleMetrics` value for the `FilterId` dimension. ``` HTTP/1.1 200 OK x-amz-id-2: gyB+3jRPnrkN98ZajxHXr3u7EFM67bNgSAxexeEHndCX/7GRnfTXxReKUQF28IfP x-amz-request-id: 3B3C7C725673C630 Date: Sat, 30 Apr 2016 23:29:37 GMT Content-Type: application/xml Content-Length: length Connection: close Server: AmazonS3 report1 true CSV 123456789012 arn:aws:s3:::destination-bucket prefix1 Daily prefix/One All Size LastModifiedDate ETag StorageClass IsMultipartUploaded ReplicationStatus report2 true CSV 123456789012 arn:aws:s3:::bucket2 prefix2 Daily prefix/Two All Size LastModifiedDate ETag StorageClass IsMultipartUploaded ReplicationStatus ObjectLockRetainUntilDate ObjectLockMode ObjectLockLegalHoldStatus report3 true CSV 123456789012 arn:aws:s3:::bucket3 prefix3 Daily prefix/Three All Size LastModifiedDate ETag StorageClass IsMultipartUploaded ReplicationStatus ... false ... true ... ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/ListBucketInventoryConfigurations) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/ListBucketInventoryConfigurations) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/ListBucketInventoryConfigurations) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/ListBucketInventoryConfigurations) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/ListBucketInventoryConfigurations) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/ListBucketInventoryConfigurations) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/ListBucketInventoryConfigurations) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/ListBucketInventoryConfigurations) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/ListBucketInventoryConfigurations) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/ListBucketInventoryConfigurations) # ListBucketMetricsConfigurations Lists the metrics configurations for the bucket. The metrics configurations are only for the request metrics of the bucket and do not provide information on daily storage metrics. You can have up to 1,000 configurations per bucket. **Note** **Directory buckets ** - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. This action supports list pagination and does not return more than 100 configurations at a time. Always check the `IsTruncated` element in the response. If there are no more configurations to list, `IsTruncated` is set to false. If there are more configurations to list, `IsTruncated` is set to true, and there is a value in `NextContinuationToken`. You use the `NextContinuationToken` value to continue the pagination of the list by passing the value in `continuation-token` in the request to `GET` the next page. Permissions To use this operation, you must have permissions to perform the `s3:GetMetricsConfiguration` action. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). + **General purpose bucket permissions** - The `s3:GetMetricsConfiguration` permission is required in a policy. For more information about general purpose buckets permissions, see [Using Bucket Policies and User Policies](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) in the *Amazon S3 User Guide*. + **Directory bucket permissions** - To grant access to this API operation, you must have the `s3express:GetMetricsConfiguration` permission in an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the AWS account that owns the resource. For more information about directory bucket policies and permissions, see [AWS Identity and Access Management (IAM) for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region-code.amazonaws.com`. For more information about metrics configurations and CloudWatch request metrics, see [Monitoring Metrics with Amazon CloudWatch](https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html). The following operations are related to `ListBucketMetricsConfigurations`: + [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html) + [GetBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetricsConfiguration.html) + [DeleteBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetricsConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?metrics&continuation-token=ContinuationToken HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_ListBucketMetricsConfigurations_RequestSyntax) ** The name of the bucket containing the metrics configurations to retrieve. **Directory buckets ** - When you use this operation with a directory bucket, you must use path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must also follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` DOC-EXAMPLE-BUCKET--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* Required: Yes ** [continuation-token](#API_ListBucketMetricsConfigurations_RequestSyntax) ** The marker that is used to continue a metrics configuration listing that has been truncated. Use the `NextContinuationToken` from a previously truncated list response to continue the listing. The continuation token is an opaque value that Amazon S3 understands. ** [x-amz-expected-bucket-owner](#API_ListBucketMetricsConfigurations_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). For directory buckets, this header is not supported in this API operation. If you specify this header, the request fails with the HTTP status code `501 Not Implemented`. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 boolean string string string string string string string ... string string string string ... ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [ListMetricsConfigurationsResult](#API_ListBucketMetricsConfigurations_ResponseSyntax) ** Root level tag for the ListMetricsConfigurationsResult parameters. Required: Yes ** [ContinuationToken](#API_ListBucketMetricsConfigurations_ResponseSyntax) ** The marker that is used as a starting point for this metrics configuration list response. This value is present if it was sent in the request. Type: String ** [IsTruncated](#API_ListBucketMetricsConfigurations_ResponseSyntax) ** Indicates whether the returned list of metrics configurations is complete. A value of true indicates that the list is not complete and the NextContinuationToken will be provided for a subsequent request. Type: Boolean ** [MetricsConfiguration](#API_ListBucketMetricsConfigurations_ResponseSyntax) ** The list of metrics configurations for a bucket. Type: Array of [MetricsConfiguration](API_MetricsConfiguration.md) data types ** [NextContinuationToken](#API_ListBucketMetricsConfigurations_ResponseSyntax) ** The marker used to continue a metrics configuration listing that has been truncated. Use the `NextContinuationToken` from a previously truncated list response to continue the listing. The continuation token is an opaque value that Amazon S3 understands. Type: String ## Examples ### Sample Request Delete the metric configuration with a specified ID, which disables the CloudWatch metrics with the `ExampleMetrics` value for the `FilterId` dimension. ``` GET /?metrics HTTP/1.1 Host: examplebucket.s3..amazonaws.com x-amz-date: Thu, 15 Nov 2016 00:17:21 GMT Authorization: signatureValue ``` ### Sample Response Delete the metric configuration with a specified ID, which disables the CloudWatch metrics with the `ExampleMetrics` value for the `FilterId` dimension. ``` HTTP/1.1 200 OK x-amz-id-2: ITnGT1y4REXAMPLEPi4hklTXouTf0hccUjo0iCPEXAMPLEutBj3M7fPGlWO2SEWp x-amz-request-id: 51991EXAMPLE5321 Date: Thu, 15 Nov 2016 00:17:22 GMT Server: AmazonS3 Content-Length: 758 EntireBucket Documents documents/ BlueDocuments documents/ class blue false ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/ListBucketMetricsConfigurations) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/ListBucketMetricsConfigurations) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/ListBucketMetricsConfigurations) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/ListBucketMetricsConfigurations) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/ListBucketMetricsConfigurations) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/ListBucketMetricsConfigurations) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/ListBucketMetricsConfigurations) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/ListBucketMetricsConfigurations) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/ListBucketMetricsConfigurations) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/ListBucketMetricsConfigurations) # ListBuckets **Note** This operation is not supported for directory buckets. Returns a list of all buckets owned by the authenticated sender of the request. To grant IAM permission to use this operation, you must add the `s3:ListAllMyBuckets` policy action. For information about Amazon S3 buckets, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html). **Important** We strongly recommend using only paginated `ListBuckets` requests. Unpaginated `ListBuckets` requests are only supported for AWS accounts set to the default general purpose bucket quota of 10,000. If you have an approved general purpose bucket quota above 10,000, you must send paginated `ListBuckets` requests to list your account’s buckets. All unpaginated `ListBuckets` requests will be rejected for AWS accounts with a general purpose bucket quota greater than 10,000. **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?bucket-region=BucketRegion&continuation-token=ContinuationToken&max-buckets=MaxBuckets&prefix=Prefix HTTP/1.1 Host: s3.amazonaws.com ``` ## URI Request Parameters The request uses the following URI parameters. ** [bucket-region](#API_ListBuckets_RequestSyntax) ** Limits the response to buckets that are located in the specified AWS Region. The AWS Region must be expressed according to the AWS Region code, such as `us-west-2` for the US West (Oregon) Region. For a list of the valid values for all of the AWS Regions, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region). Requests made to a Regional endpoint that is different from the `bucket-region` parameter are not supported. For example, if you want to limit the response to your buckets in Region `us-west-2`, the request must be made to an endpoint in Region `us-west-2`. ** [continuation-token](#API_ListBuckets_RequestSyntax) ** `ContinuationToken` indicates to Amazon S3 that the list is being continued on this bucket with a token. `ContinuationToken` is obfuscated and is not a real key. You can use this `ContinuationToken` for pagination of the list results. Length Constraints: Minimum length of 0. Maximum length of 1024. Required: No. If you specify the `bucket-region`, `prefix`, or `continuation-token` query parameters without using `max-buckets` to set the maximum number of buckets returned in the response, Amazon S3 applies a default page size of 10,000 and provides a continuation token if there are more buckets. ** [max-buckets](#API_ListBuckets_RequestSyntax) ** Maximum number of buckets to be returned in response. When the number is more than the count of buckets that are owned by an AWS account, return all the buckets in response. Valid Range: Minimum value of 1. Maximum value of 10000. ** [prefix](#API_ListBuckets_RequestSyntax) ** Limits the response to bucket names that begin with the specified bucket name prefix. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string timestamp string string string string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [ListAllMyBucketsResult](#API_ListBuckets_ResponseSyntax) ** Root level tag for the ListAllMyBucketsResult parameters. Required: Yes ** [Buckets](#API_ListBuckets_ResponseSyntax) ** The list of buckets owned by the requester. Type: Array of [Bucket](API_Bucket.md) data types ** [ContinuationToken](#API_ListBuckets_ResponseSyntax) ** `ContinuationToken` is included in the response when there are more buckets that can be listed with pagination. The next `ListBuckets` request to Amazon S3 can be continued with this `ContinuationToken`. `ContinuationToken` is obfuscated and is not a real bucket. Type: String ** [Owner](#API_ListBuckets_ResponseSyntax) ** The owner of the buckets listed. Type: [Owner](API_Owner.md) data type ** [Prefix](#API_ListBuckets_ResponseSyntax) ** If `Prefix` was sent with the request, it is included in the response. All bucket names in the response begin with the specified bucket name prefix. Type: String ## Examples ### Example 1: Unpaginated ListBuckets request This example lists all the buckets in your account in a single unpaginated response. Unpaginated requests are only supported for AWS accounts that have the default service quota of 10,000 buckets. If you have an approved general purpose bucket quota that is greater than 10,000 buckets, all unpaginated requests will be rejected for your account. ``` GET / host:s3.us-east-2.amazonaws.com HTTP/1.1 ``` ``` HTTP/1.1 200 OK 2019-12-11T23:32:47+00:00 amzn-s3-demo-bucket 2019-11-10T23:32:13+00:00 amzn-s3-demo-bucket1 AIDACKCEVSQ6C2EXAMPLE ``` ### Example 2: Paginated ListBuckets request The following example request lists all buckets in your account using pagination. It gets the first page of results with the page size set to 1000 buckets. The response returns a `ContinuationToken` that is used in **Example 3** to list the next 1000 buckets. ``` GET /?max-buckets=1000&host:s3.us-east-2.amazonaws.com HTTP/1.1 ``` ``` HTTP/1.1 200 OK 2024-11-14T23:32:47+00:00 amzn-s3-demo-bucket us-east-1 2024-11-14T23:32:13+00:00 amzn-s3-demo-bucket1 us-east-2 AIDACKCEVSQ6C2EXAMPLE eyJNYXJrZXIiOiBudWxsLCAiYm90b190cnVuY2F0ZV9hbW91bnQiOiAxfQ== ``` ### Example 3: Paginated ListBuckets request with continuation token This example request uses the token returned in **Example 2** to return the next 1000 buckets. Continue until there are no more results. If you do not receive a continuation token with your initial paginated ListBuckets request, then your single paginated request returned all of the buckets in your account. ``` GET /?max-buckets=1000&continuation-token=eyJNYXJrZXIiOiBudWxsLCAiYm90b190cnVuY2F0ZV9hbW91bnQiOiAxfQ== host:s3.us-east-2.amazonaws.com HTTP/1.1 ``` ``` HTTP/1.1 200 OK 2024-11-14T23:32:47+00:00 amzn-s3-demo-bucket us-east-1 2024-11-14T23:32:13+00:00 amzn-s3-demo-bucket1 us-east-2 AIDACKCEVSQ6C2EXAMPLE eyJOZXh0VG9rZW4iOiBudWxsLCAiYm90b190cnVuY2F0ZV9hbW91bnQiEXAMPLE= ``` ### Example 4: Paginated ListBuckets request for buckets in US East (Ohio) (us-east-2) The following example lists all the buckets in your account in the `us-east-2` Region. The first paginated response will return up to 1000 buckets. Requests made to a Regional endpoint that is different from the `bucket-region` parameter are not supported. ``` GET /?bucket-region=us-east-2&max-buckets=1000 host:s3.us-east-2.amazonaws.com HTTP/1.1 ``` ``` HTTP/1.1 200 OK 2024-11-14T23:32:47+00:00 DOC-EXAMPLE-BUCKET us-east-2 2024-11-14T23:32:13+00:00 DOC-EXAMPLE-BUCKET1002 us-east-2 AIDACKCEVSQ6C2EXAMPLE eyJOZXh0VG9rZW4iOiBudWxsLCAiYm90b190cnVuY2F0ZV9hbW91bnQiEXAMPLEcd = ``` ### Example 5: Paginated ListBuckets request for buckets in your account that begin with amzn-s3-demo-bucket in US East (Ohio) (us-east-2) The following example lists all the buckets in your account located in the `us-east-2` Region that begin with the `amzn-s3-demo-bucket` bucket prefix. This request uses pagination. ``` GET /?bucket-region=us-east-2&max-buckets=1000&prefix=amzn-s3-demo-bucket host:s3.us-east-2.amazonaws.com HTTP/1.1 ``` ``` HTTP/1.1 200 OK 2024-11-14T23:32:47+00:00 amzn-s3-demo-bucket us-east-2 AIDACKCEVSQ6C2EXAMPLE amzn-s3-demo-bucket eyJOZXh0VG9rZW4iOiBudWxsLCAiYm90b190cnVuY2F0ZV9hbW91bnQiEXAMPLE= ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/ListBuckets) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/ListBuckets) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/ListBuckets) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/ListBuckets) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/ListBuckets) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/ListBuckets) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/ListBuckets) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/ListBuckets) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/ListBuckets) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/ListBuckets) # ListDirectoryBuckets Returns a list of all Amazon S3 directory buckets owned by the authenticated sender of the request. For more information about directory buckets, see [Directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) in the *Amazon S3 User Guide*. **Note** **Directory buckets ** - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions You must have the `s3express:ListAllMyDirectoryBuckets` permission in an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the AWS account that owns the resource. For more information about directory bucket policies and permissions, see [AWS Identity and Access Management (IAM) for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region.amazonaws.com`. **Note** The `BucketRegion` response element is not part of the `ListDirectoryBuckets` Response Syntax. **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?continuation-token=ContinuationToken&max-directory-buckets=MaxDirectoryBuckets HTTP/1.1 Host: s3.amazonaws.com ``` ## URI Request Parameters The request uses the following URI parameters. ** [continuation-token](#API_ListDirectoryBuckets_RequestSyntax) ** `ContinuationToken` indicates to Amazon S3 that the list is being continued on buckets in this account with a token. `ContinuationToken` is obfuscated and is not a real bucket name. You can use this `ContinuationToken` for the pagination of the list results. Length Constraints: Minimum length of 0. Maximum length of 1024. ** [max-directory-buckets](#API_ListDirectoryBuckets_RequestSyntax) ** Maximum number of buckets to be returned in response. When the number is more than the count of buckets that are owned by an AWS account, return all the buckets in response. Valid Range: Minimum value of 0. Maximum value of 1000. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 string string timestamp string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [ListAllMyDirectoryBucketsResult](#API_ListDirectoryBuckets_ResponseSyntax) ** Root level tag for the ListAllMyDirectoryBucketsResult parameters. Required: Yes ** [Buckets](#API_ListDirectoryBuckets_ResponseSyntax) ** The list of buckets owned by the requester. Type: Array of [Bucket](API_Bucket.md) data types ** [ContinuationToken](#API_ListDirectoryBuckets_ResponseSyntax) ** If `ContinuationToken` was sent with the request, it is included in the response. You can use the returned `ContinuationToken` for pagination of the list response. Type: String Length Constraints: Minimum length of 0. Maximum length of 1024. ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/ListDirectoryBuckets) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/ListDirectoryBuckets) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/ListDirectoryBuckets) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/ListDirectoryBuckets) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/ListDirectoryBuckets) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/ListDirectoryBuckets) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/ListDirectoryBuckets) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/ListDirectoryBuckets) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/ListDirectoryBuckets) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/ListDirectoryBuckets) # ListMultipartUploads This operation lists in-progress multipart uploads in a bucket. An in-progress multipart upload is a multipart upload that has been initiated by the `CreateMultipartUpload` request, but has not yet been completed or aborted. **Note** **Directory buckets** - If multipart uploads in a directory bucket are in progress, you can't delete the bucket until all the in-progress multipart uploads are aborted or completed. To delete these in-progress multipart uploads, use the `ListMultipartUploads` operation to list the in-progress multipart uploads in the bucket and use the `AbortMultipartUpload` operation to abort all the in-progress multipart uploads. The `ListMultipartUploads` operation returns a maximum of 1,000 multipart uploads in the response. The limit of 1,000 multipart uploads is also the default value. You can further limit the number of uploads in a response by specifying the `max-uploads` request parameter. If there are more than 1,000 multipart uploads that satisfy your `ListMultipartUploads` request, the response returns an `IsTruncated` element with the value of `true`, a `NextKeyMarker` element, and a `NextUploadIdMarker` element. To list the remaining multipart uploads, you need to make subsequent `ListMultipartUploads` requests. In these requests, include two query parameters: `key-marker` and `upload-id-marker`. Set the value of `key-marker` to the `NextKeyMarker` value from the previous response. Similarly, set the value of `upload-id-marker` to the `NextUploadIdMarker` value from the previous response. **Note** **Directory buckets** - The `upload-id-marker` element and the `NextUploadIdMarker` element aren't supported by directory buckets. To list the additional multipart uploads, you only need to set the value of `key-marker` to the `NextKeyMarker` value from the previous response. For more information about multipart uploads, see [Uploading Objects Using Multipart Upload](https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) in the *Amazon S3 User Guide*. **Note** **Directory buckets** - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://amzn-s3-demo-bucket.s3express-zone-id.region-code.amazonaws.com/key-name `. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions + **General purpose bucket permissions** - For information about permissions required to use the multipart upload API, see [Multipart Upload and Permissions](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) in the *Amazon S3 User Guide*. + **Directory bucket permissions** - To grant access to this API operation on a directory bucket, we recommend that you use the [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) API operation for session-based authorization. Specifically, you grant the `s3express:CreateSession` permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the `CreateSession` API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another `CreateSession` API call to generate a new session token for use. AWS CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). Sorting of multipart uploads in response + **General purpose bucket** - In the `ListMultipartUploads` response, the multipart uploads are sorted based on two criteria: + Key-based sorting - Multipart uploads are initially sorted in ascending order based on their object keys. + Time-based sorting - For uploads that share the same object key, they are further sorted in ascending order based on the upload initiation time. Among uploads with the same key, the one that was initiated first will appear before the ones that were initiated later. + **Directory bucket** - In the `ListMultipartUploads` response, the multipart uploads aren't sorted lexicographically based on the object keys. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. The following operations are related to `ListMultipartUploads`: + [CreateMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) + [UploadPart](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) + [CompleteMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) + [ListParts](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) + [AbortMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?uploads&delimiter=Delimiter&encoding-type=EncodingType&key-marker=KeyMarker&max-uploads=MaxUploads&prefix=Prefix&upload-id-marker=UploadIdMarker HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-request-payer: RequestPayer ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_ListMultipartUploads_RequestSyntax) ** The name of the bucket to which the multipart upload was initiated. **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [delimiter](#API_ListMultipartUploads_RequestSyntax) ** Character you use to group keys. All keys that contain the same string between the prefix, if specified, and the first occurrence of the delimiter after the prefix are grouped under a single result element, `CommonPrefixes`. If you don't specify the prefix parameter, then the substring starts at the beginning of the key. The keys that are grouped under `CommonPrefixes` result element are not returned elsewhere in the response. `CommonPrefixes` is filtered out from results if it is not lexicographically greater than the key-marker. **Directory buckets** - For directory buckets, `/` is the only supported delimiter. ** [encoding-type](#API_ListMultipartUploads_RequestSyntax) ** Encoding type used by Amazon S3 to encode the [object keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html) in the response. Responses are encoded only in UTF-8. An object key can contain any Unicode character. However, the XML 1.0 parser can't parse certain characters, such as characters with an ASCII value from 0 to 10. For characters that aren't supported in XML 1.0, you can add this parameter to request that Amazon S3 encode the keys in the response. For more information about characters to avoid in object key names, see [Object key naming guidelines](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-guidelines). When using the URL encoding type, non-ASCII characters that are used in an object's key name will be percent-encoded according to UTF-8 code values. For example, the object `test_file(3).png` will appear as `test_file%283%29.png`. Valid Values: `url` ** [key-marker](#API_ListMultipartUploads_RequestSyntax) ** Specifies the multipart upload after which listing should begin. + **General purpose buckets** - For general purpose buckets, `key-marker` is an object key. Together with `upload-id-marker`, this parameter specifies the multipart upload after which listing should begin. If `upload-id-marker` is not specified, only the keys lexicographically greater than the specified `key-marker` will be included in the list. If `upload-id-marker` is specified, any multipart uploads for a key equal to the `key-marker` might also be included, provided those multipart uploads have upload IDs lexicographically greater than the specified `upload-id-marker`. + **Directory buckets** - For directory buckets, `key-marker` is obfuscated and isn't a real object key. The `upload-id-marker` parameter isn't supported by directory buckets. To list the additional multipart uploads, you only need to set the value of `key-marker` to the `NextKeyMarker` value from the previous response. In the `ListMultipartUploads` response, the multipart uploads aren't sorted lexicographically based on the object keys. ** [max-uploads](#API_ListMultipartUploads_RequestSyntax) ** Sets the maximum number of multipart uploads, from 1 to 1,000, to return in the response body. 1,000 is the maximum number of uploads that can be returned in a response. ** [prefix](#API_ListMultipartUploads_RequestSyntax) ** Lists in-progress uploads only for those keys that begin with the specified prefix. You can use prefixes to separate a bucket into different grouping of keys. (You can think of using `prefix` to make groups in the same way that you'd use a folder in a file system.) **Directory buckets** - For directory buckets, only prefixes that end in a delimiter (`/`) are supported. ** [upload-id-marker](#API_ListMultipartUploads_RequestSyntax) ** Together with key-marker, specifies the multipart upload after which listing should begin. If key-marker is not specified, the upload-id-marker parameter is ignored. Otherwise, any multipart uploads for a key equal to the key-marker might be included in the list only if they have an upload ID lexicographically greater than the specified `upload-id-marker`. This functionality is not supported for directory buckets. ** [x-amz-expected-bucket-owner](#API_ListMultipartUploads_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_ListMultipartUploads_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-request-charged: RequestCharged string string string string string string string integer boolean string string timestamp string string string string string string string ... string ... string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-request-charged](#API_ListMultipartUploads_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` The following data is returned in XML format by the service. ** [ListMultipartUploadsResult](#API_ListMultipartUploads_ResponseSyntax) ** Root level tag for the ListMultipartUploadsResult parameters. Required: Yes ** [Bucket](#API_ListMultipartUploads_ResponseSyntax) ** The name of the bucket to which the multipart upload was initiated. Does not return the access point ARN or access point alias if used. Type: String ** [CommonPrefixes](#API_ListMultipartUploads_ResponseSyntax) ** If you specify a delimiter in the request, then the result returns each distinct key prefix containing the delimiter in a `CommonPrefixes` element. The distinct key prefixes are returned in the `Prefix` child element. **Directory buckets** - For directory buckets, only prefixes that end in a delimiter (`/`) are supported. Type: Array of [CommonPrefix](API_CommonPrefix.md) data types ** [Delimiter](#API_ListMultipartUploads_ResponseSyntax) ** Contains the delimiter you specified in the request. If you don't specify a delimiter in your request, this element is absent from the response. **Directory buckets** - For directory buckets, `/` is the only supported delimiter. Type: String ** [EncodingType](#API_ListMultipartUploads_ResponseSyntax) ** Encoding type used by Amazon S3 to encode object keys in the response. If you specify the `encoding-type` request parameter, Amazon S3 includes this element in the response, and returns encoded key name values in the following response elements: `Delimiter`, `KeyMarker`, `Prefix`, `NextKeyMarker`, `Key`. Type: String Valid Values: `url` ** [IsTruncated](#API_ListMultipartUploads_ResponseSyntax) ** Indicates whether the returned list of multipart uploads is truncated. A value of true indicates that the list was truncated. The list can be truncated if the number of multipart uploads exceeds the limit allowed or specified by max uploads. Type: Boolean ** [KeyMarker](#API_ListMultipartUploads_ResponseSyntax) ** The key at or after which the listing began. Type: String ** [MaxUploads](#API_ListMultipartUploads_ResponseSyntax) ** Maximum number of multipart uploads that could have been included in the response. Type: Integer ** [NextKeyMarker](#API_ListMultipartUploads_ResponseSyntax) ** When a list is truncated, this element specifies the value that should be used for the key-marker request parameter in a subsequent request. Type: String ** [NextUploadIdMarker](#API_ListMultipartUploads_ResponseSyntax) ** When a list is truncated, this element specifies the value that should be used for the `upload-id-marker` request parameter in a subsequent request. This functionality is not supported for directory buckets. Type: String ** [Prefix](#API_ListMultipartUploads_ResponseSyntax) ** When a prefix is provided in the request, this field contains the specified prefix. The result contains only keys starting with the specified prefix. **Directory buckets** - For directory buckets, only prefixes that end in a delimiter (`/`) are supported. Type: String ** [Upload](#API_ListMultipartUploads_ResponseSyntax) ** Container for elements related to a particular multipart upload. A response can contain zero or more `Upload` elements. Type: Array of [MultipartUpload](API_MultipartUpload.md) data types ** [UploadIdMarker](#API_ListMultipartUploads_ResponseSyntax) ** Together with key-marker, specifies the multipart upload after which listing should begin. If key-marker is not specified, the upload-id-marker parameter is ignored. Otherwise, any multipart uploads for a key equal to the key-marker might be included in the list only if they have an upload ID lexicographically greater than the specified `upload-id-marker`. This functionality is not supported for directory buckets. Type: String ## Examples ### Sample Request for general purpose buckets The following request lists three multipart uploads. The request specifies the `max-uploads` request parameter to set the maximum number of multipart uploads to return in the response body. ``` GET /?uploads&max-uploads=3 HTTP/1.1 Host: example-bucket.s3..amazonaws.com Date: Mon, 1 Nov 2010 20:34:56 GMT Authorization: authorization string ``` ### Sample Response for general purpose buckets The following sample response indicates that the multipart upload list was truncated and provides the `NextKeyMarker` and the `NextUploadIdMarker` elements. You specify these values in your subsequent requests to read the next set of multipart uploads. That is, send a subsequent request specifying `key-marker=my-movie2.m2ts` (value of the `NextKeyMarker` element) and `upload-id-marker=YW55IGlkZWEgd2h5IGVsdmluZydzIHVwbG9hZCBmYWlsZWQ` (value of the `NextUploadIdMarker`). The sample response also shows a case of two multipart uploads in progress with the same key (`my-movie.m2ts`). That is, the response shows two uploads with the same key. This response shows the uploads sorted by key, and within each key the uploads are sorted in ascending order by the time the multipart upload was initiated. ``` HTTP/1.1 200 OK x-amz-id-2: Uuag1LuByRx9e6j5Onimru9pO4ZVKnJ2Qz7/C1NPcfTWAtRPfTaOFg== x-amz-request-id: 656c76696e6727732072657175657374 Date: Mon, 1 Nov 2010 20:34:56 GMT Content-Length: 1330 Connection: keep-alive Server: AmazonS3 bucket my-movie.m2ts YW55IGlkZWEgd2h5IGVsdmluZydzIHVwbG9hZCBmYWlsZWQ 3 true my-divisor XMgbGlrZSBlbHZpbmcncyBub3QgaGF2aW5nIG11Y2ggbHVjaw arn:aws:iam::111122223333:user/user1-11111a31-17b5-4fb7-9df5-b111111f13de 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a STANDARD 2010-11-10T20:48:33.000Z my-movie.m2ts VXBsb2FkIElEIGZvciBlbHZpbmcncyBteS1tb3ZpZS5tMnRzIHVwbG9hZA b1d16700c70b0b05597d7acd6a3f92be b1d16700c70b0b05597d7acd6a3f92be STANDARD 2010-11-10T20:48:33.000Z my-movie.m2ts YW55IGlkZWEgd2h5IGVsdmluZydzIHVwbG9hZCBmYWlsZWQ arn:aws:iam::444455556666:user/user1-22222a31-17b5-4fb7-9df5-b222222f13de b1d16700c70b0b05597d7acd6a3f92be STANDARD 2010-11-10T20:49:33.000Z ``` ### Sample Request for general purpose buckets: Using the delimiter and the prefix parameters Assume you have a multipart upload in progress for the following keys in your bucket, `example-bucket`. + photos/2006/January/sample.jpg + photos/2006/February/sample.jpg + photos/2006/March/sample.jpg + videos/2006/March/sample.wmv + sample.jpg The following list multipart upload request specifies the delimiter parameter with value "/". ``` GET /?uploads&delimiter=/ HTTP/1.1 Host: example-bucket.s3..amazonaws.com Date: Mon, 1 Nov 2010 20:34:56 GMT Authorization: authorization string ``` ### Sample Response for general purpose buckets The following sample response lists multipart uploads on the specified bucket, `example-bucket`. The response returns multipart upload for the `sample.jpg` key in an `` element. However, because all the other keys contain the specified delimiter, a distinct substring, from the beginning of the key to the first occurrence of the delimiter, from each of these keys is returned in a element. The key substrings, `photos/` and `videos/` in the element, indicate that there are one or more in-progress multipart uploads with these key prefixes. This is a useful scenario if you use key prefixes for your objects to create a logical folder like structure. In this case, you can interpret the result as the folders `photos/` and `videos/` have one or more multipart uploads in progress. ``` example-bucket sample.jpg Agw4MJT6ZPAVxpY0SAuGN7q4uWJJM22ZYg1N99trdp4tpO88.PT6.MhO0w2E17eutfAvQfQWoajgE_W2gpcxQw-- / 1000 false sample.jpg Agw4MJT6ZPAVxpY0SAuGN7q4uWJJM22ZYg1N99trdp4tpO88.PT6.MhO0w2E17eutfAvQfQWoajgE_W2gpcxQw-- 314133b66967d86f031c7249d1d9a80249109428335cd0ef1cdc487b4566cb1b 314133b66967d86f031c7249d1d9a80249109428335cd0ef1cdc487b4566cb1b STANDARD 2010-11-26T19:24:17.000Z photos/ videos/ ``` ### Sample Request for general purpose buckets In addition to the delimiter parameter, you can filter results by adding a prefix parameter as shown in the following request. ``` GET /?uploads&delimiter=/&prefix=photos/2006/ HTTP/1.1 Host: example-bucket.s3..amazonaws.com Date: Mon, 1 Nov 2010 20:34:56 GMT Authorization: authorization string ``` ### Sample Response for general purpose buckets In this case, the response will include only multipart uploads for keys that start with the specified prefix. The value returned in the element is a substring from the beginning of the key to the first occurrence of the specified delimiter after the prefix. ``` example-bucket / photos/2006/ 1000 false photos/2006/February/ photos/2006/January/ photos/2006/March/ ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/ListMultipartUploads) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/ListMultipartUploads) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/ListMultipartUploads) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/ListMultipartUploads) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/ListMultipartUploads) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/ListMultipartUploads) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/ListMultipartUploads) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/ListMultipartUploads) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/ListMultipartUploads) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/ListMultipartUploads) # ListObjects **Note** This operation is not supported for directory buckets. Returns some or all (up to 1,000) of the objects in a bucket. You can use the request parameters as selection criteria to return a subset of the objects in a bucket. A 200 OK response can contain valid or invalid XML. Be sure to design your application to parse the contents of the response and handle it appropriately. **Important** This action has been revised. We recommend that you use the newer version, [ListObjectsV2](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html), when developing applications. For backward compatibility, Amazon S3 continues to support `ListObjects`. The following operations are related to `ListObjects`: + [ListObjectsV2](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html) + [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) + [PutObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) + [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) + [ListBuckets](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?delimiter=Delimiter&encoding-type=EncodingType&marker=Marker&max-keys=MaxKeys&prefix=Prefix HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-request-payer: RequestPayer x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-optional-object-attributes: OptionalObjectAttributes ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_ListObjects_RequestSyntax) ** The name of the bucket containing the objects. **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [delimiter](#API_ListObjects_RequestSyntax) ** A delimiter is a character that you use to group keys. `CommonPrefixes` is filtered out from results if it is not lexicographically greater than the key-marker. ** [encoding-type](#API_ListObjects_RequestSyntax) ** Encoding type used by Amazon S3 to encode the [object keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html) in the response. Responses are encoded only in UTF-8. An object key can contain any Unicode character. However, the XML 1.0 parser can't parse certain characters, such as characters with an ASCII value from 0 to 10. For characters that aren't supported in XML 1.0, you can add this parameter to request that Amazon S3 encode the keys in the response. For more information about characters to avoid in object key names, see [Object key naming guidelines](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-guidelines). When using the URL encoding type, non-ASCII characters that are used in an object's key name will be percent-encoded according to UTF-8 code values. For example, the object `test_file(3).png` will appear as `test_file%283%29.png`. Valid Values: `url` ** [marker](#API_ListObjects_RequestSyntax) ** Marker is where you want Amazon S3 to start listing from. Amazon S3 starts listing after this specified key. Marker can be any key in the bucket. ** [max-keys](#API_ListObjects_RequestSyntax) ** Sets the maximum number of keys returned in the response. By default, the action returns up to 1,000 key names. The response might contain fewer keys but will never contain more. ** [prefix](#API_ListObjects_RequestSyntax) ** Limits the response to keys that begin with the specified prefix. ** [x-amz-expected-bucket-owner](#API_ListObjects_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-optional-object-attributes](#API_ListObjects_RequestSyntax) ** Specifies the optional fields that you want returned in the response. Fields that you do not specify are not returned. Valid Values: `RestoreStatus` ** [x-amz-request-payer](#API_ListObjects_RequestSyntax) ** Confirms that the requester knows that she or he will be charged for the list objects request. Bucket owners need not specify this parameter in their requests. Valid Values: `requester` ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-request-charged: RequestCharged boolean string string string ... string string string timestamp string string boolean timestamp long string ... string string string integer string ... string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-request-charged](#API_ListObjects_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` The following data is returned in XML format by the service. ** [ListBucketResult](#API_ListObjects_ResponseSyntax) ** Root level tag for the ListBucketResult parameters. Required: Yes ** [CommonPrefixes](#API_ListObjects_ResponseSyntax) ** All of the keys (up to 1,000) rolled up in a common prefix count as a single return when calculating the number of returns. A response can contain `CommonPrefixes` only if you specify a delimiter. `CommonPrefixes` contains all (if there are any) keys between `Prefix` and the next occurrence of the string specified by the delimiter. `CommonPrefixes` lists keys that act like subdirectories in the directory specified by `Prefix`. For example, if the prefix is `notes/` and the delimiter is a slash (`/`), as in `notes/summer/july`, the common prefix is `notes/summer/`. All of the keys that roll up into a common prefix count as a single return when calculating the number of returns. Type: Array of [CommonPrefix](API_CommonPrefix.md) data types ** [Contents](#API_ListObjects_ResponseSyntax) ** Metadata about each object returned. Type: Array of [Object](API_Object.md) data types ** [Delimiter](#API_ListObjects_ResponseSyntax) ** Causes keys that contain the same string between the prefix and the first occurrence of the delimiter to be rolled up into a single result element in the `CommonPrefixes` collection. These rolled-up keys are not returned elsewhere in the response. Each rolled-up result counts as only one return against the `MaxKeys` value. Type: String ** [EncodingType](#API_ListObjects_ResponseSyntax) ** Encoding type used by Amazon S3 to encode the [object keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html) in the response. Responses are encoded only in UTF-8. An object key can contain any Unicode character. However, the XML 1.0 parser can't parse certain characters, such as characters with an ASCII value from 0 to 10. For characters that aren't supported in XML 1.0, you can add this parameter to request that Amazon S3 encode the keys in the response. For more information about characters to avoid in object key names, see [Object key naming guidelines](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-guidelines). When using the URL encoding type, non-ASCII characters that are used in an object's key name will be percent-encoded according to UTF-8 code values. For example, the object `test_file(3).png` will appear as `test_file%283%29.png`. Type: String Valid Values: `url` ** [IsTruncated](#API_ListObjects_ResponseSyntax) ** A flag that indicates whether Amazon S3 returned all of the results that satisfied the search criteria. Type: Boolean ** [Marker](#API_ListObjects_ResponseSyntax) ** Indicates where in the bucket listing begins. Marker is included in the response if it was sent with the request. Type: String ** [MaxKeys](#API_ListObjects_ResponseSyntax) ** The maximum number of keys returned in the response body. Type: Integer ** [Name](#API_ListObjects_ResponseSyntax) ** The bucket name. Type: String ** [NextMarker](#API_ListObjects_ResponseSyntax) ** When the response is truncated (the `IsTruncated` element value in the response is `true`), you can use the key name in this field as the `marker` parameter in the subsequent request to get the next set of objects. Amazon S3 lists objects in alphabetical order. This element is returned only if you have the `delimiter` request parameter specified. If the response does not include the `NextMarker` element and it is truncated, you can use the value of the last `Key` element in the response as the `marker` parameter in the subsequent request to get the next set of object keys. Type: String ** [Prefix](#API_ListObjects_ResponseSyntax) ** Keys that begin with the indicated prefix. Type: String ## Errors ** NoSuchBucket ** The specified bucket does not exist. HTTP Status Code: 404 ## Examples ### Sample Request This request returns the objects in `BucketName`. ``` GET / HTTP/1.1 Host: BucketName.s3..amazonaws.com Date: Wed, 12 Oct 2009 17:50:00 GMT Authorization: authorization string Content-Type: text/plain ``` ### Sample Response This example illustrates one usage of ListObjects. ``` bucket 1000 false my-image.jpg 2009-10-12T17:50:30.000Z "fba9dede5f27731c9771645a39863328" 434234 STANDARD 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a my-third-image.jpg 2009-10-12T17:50:30.000Z "1b2cf535f27731c974343645a3985328" 64994 STANDARD_IA 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a ``` ### Sample Request: Using request parameters This example lists up to 40 keys in the `quotes` bucket that start with `N` and occur lexicographically after `Ned`. ``` GET /?prefix=N&marker=Ned&max-keys=40 HTTP/1.1 Host: quotes.s3..amazonaws.com Date: Wed, 01 Mar 2006 12:00:00 GMT Authorization: authorization string ``` ### Sample Response This example illustrates one usage of ListObjects. ``` HTTP/1.1 200 OK x-amz-id-2: gyB+3jRPnrkN98ZajxHXr3u7EFM67bNgSAxexeEHndCX/7GRnfTXxReKUQF28IfP x-amz-request-id: 3B3C7C725673C630 Date: Wed, 01 Mar 2006 12:00:00 GMT Content-Type: application/xml Content-Length: 302 Connection: close Server: AmazonS3 quotes N Ned 40 false Nelson 2006-01-01T12:00:00.000Z "828ef3fdfa96f00ad9f27c383fc9ac7f" 5 STANDARD bcaf161ca5fb16fd081034f Neo 2006-01-01T12:00:00.000Z "828ef3fdfa96f00ad9f27c383fc9ac7f" 4 STANDARD bcaf1ffd86a5fb16fd081034f ``` ### Sample Request: Using a prefix and delimiter For this example, we assume that you have the following keys in your bucket: + `sample.jpg` + `photos/2006/January/sample.jpg` + `photos/2006/February/sample2.jpg` + `photos/2006/February/sample3.jpg` + `photos/2006/February/sample4.jpg` The following `GET` request specifies the `delimiter` parameter with a value of `/`. ``` GET /?delimiter=/ HTTP/1.1 Host: example-bucket.s3..amazonaws.com Date: Wed, 01 Mar 2006 12:00:00 GMT Authorization: authorization string ``` ### Sample Response The key `sample.jpg` does not contain the delimiter character, and Amazon S3 returns it in the `Contents` element in the response. However, all of the other keys contain the delimiter character. Amazon S3 groups these keys and returns a single `CommonPrefixes` element with the `Prefix` value `photos/`, which is a substring from the beginning of these keys to the first occurrence of the specified delimiter. ``` example-bucket 1000 / false sample.jpg 2011-02-26T01:56:20.000Z "bf1d737a4d46a19f3bced6905cc8b902" 142863 canonical-user-id STANDARD photos/ ``` ### Sample Request The following `GET` request specifies the `delimiter` parameter with the value `/`, and the `prefix` parameter with the value `photos/2006/`. ``` GET /?prefix=photos/2006/&delimiter=/ HTTP/1.1 Host: example-bucket.s3..amazonaws.com Date: Wed, 01 Mar 2006 12:00:00 GMT Authorization: authorization string ``` ### Sample Response In response, Amazon S3 returns only the keys that start with the specified prefix. Amazon S3 uses the delimiter character to group keys that contain the same substring until the first occurrence of the delimiter character after the specified prefix. For each such key group, Amazon S3 returns one `CommonPrefixes` element in the response. The keys grouped under this `CommonPrefixes` element are not returned elsewhere in the response. The value returned in the `CommonPrefixes` element is a substring that starts at the beginning of the key and ends at the first occurrence of the specified delimiter after the prefix. ``` example-bucket photos/2006/ 1000 / false photos/2006/February/ photos/2006/January/ ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/ListObjects) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/ListObjects) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/ListObjects) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/ListObjects) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/ListObjects) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/ListObjects) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/ListObjects) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/ListObjects) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/ListObjects) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/ListObjects) # ListObjectsV2 Returns some or all (up to 1,000) of the objects in a bucket with each request. You can use the request parameters as selection criteria to return a subset of the objects in a bucket. A `200 OK` response can contain valid or invalid XML. Make sure to design your application to parse the contents of the response and handle it appropriately. For more information about listing objects, see [Listing object keys programmatically](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ListingKeysUsingAPIs.html) in the *Amazon S3 User Guide*. To get a list of your buckets, see [ListBuckets](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html). **Note** **General purpose bucket** - For general purpose buckets, `ListObjectsV2` doesn't return prefixes that are related only to in-progress multipart uploads. **Directory buckets** - For directory buckets, `ListObjectsV2` response includes the prefixes that are related only to in-progress multipart uploads. **Directory buckets** - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://amzn-s3-demo-bucket.s3express-zone-id.region-code.amazonaws.com/key-name `. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions + **General purpose bucket permissions** - To use this operation, you must have READ access to the bucket. You must have permission to perform the `s3:ListBucket` action. The bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) in the *Amazon S3 User Guide*. + **Directory bucket permissions** - To grant access to this API operation on a directory bucket, we recommend that you use the [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) API operation for session-based authorization. Specifically, you grant the `s3express:CreateSession` permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the `CreateSession` API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another `CreateSession` API call to generate a new session token for use. AWS CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). Sorting order of returned objects + **General purpose bucket** - For general purpose buckets, `ListObjectsV2` returns objects in lexicographical order based on their key names. + **Directory bucket** - For directory buckets, `ListObjectsV2` does not return objects in lexicographical order. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. **Important** This section describes the latest revision of this action. We recommend that you use this revised API operation for application development. For backward compatibility, Amazon S3 continues to support the prior version of this API operation, [ListObjects](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html). The following operations are related to `ListObjectsV2`: + [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) + [PutObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) + [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?list-type=2&continuation-token=ContinuationToken&delimiter=Delimiter&encoding-type=EncodingType&fetch-owner=FetchOwner&max-keys=MaxKeys&prefix=Prefix&start-after=StartAfter HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-request-payer: RequestPayer x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-optional-object-attributes: OptionalObjectAttributes ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_ListObjectsV2_RequestSyntax) ** **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [continuation-token](#API_ListObjectsV2_RequestSyntax) ** `ContinuationToken` indicates to Amazon S3 that the list is being continued on this bucket with a token. `ContinuationToken` is obfuscated and is not a real key. You can use this `ContinuationToken` for pagination of the list results. ** [delimiter](#API_ListObjectsV2_RequestSyntax) ** A delimiter is a character that you use to group keys. `CommonPrefixes` is filtered out from results if it is not lexicographically greater than the `StartAfter` value. + **Directory buckets** - For directory buckets, `/` is the only supported delimiter. + **Directory buckets ** - When you query `ListObjectsV2` with a delimiter during in-progress multipart uploads, the `CommonPrefixes` response parameter contains the prefixes that are associated with the in-progress multipart uploads. For more information about multipart uploads, see [Multipart Upload Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) in the *Amazon S3 User Guide*. ** [encoding-type](#API_ListObjectsV2_RequestSyntax) ** Encoding type used by Amazon S3 to encode the [object keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html) in the response. Responses are encoded only in UTF-8. An object key can contain any Unicode character. However, the XML 1.0 parser can't parse certain characters, such as characters with an ASCII value from 0 to 10. For characters that aren't supported in XML 1.0, you can add this parameter to request that Amazon S3 encode the keys in the response. For more information about characters to avoid in object key names, see [Object key naming guidelines](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-guidelines). When using the URL encoding type, non-ASCII characters that are used in an object's key name will be percent-encoded according to UTF-8 code values. For example, the object `test_file(3).png` will appear as `test_file%283%29.png`. Valid Values: `url` ** [fetch-owner](#API_ListObjectsV2_RequestSyntax) ** The owner field is not present in `ListObjectsV2` by default. If you want to return the owner field with each key in the result, then set the `FetchOwner` field to `true`. **Directory buckets** - For directory buckets, the bucket owner is returned as the object owner for all objects. ** [max-keys](#API_ListObjectsV2_RequestSyntax) ** Sets the maximum number of keys returned in the response. By default, the action returns up to 1,000 key names. The response might contain fewer keys but will never contain more. ** [prefix](#API_ListObjectsV2_RequestSyntax) ** Limits the response to keys that begin with the specified prefix. **Directory buckets** - For directory buckets, only prefixes that end in a delimiter (`/`) are supported. ** [start-after](#API_ListObjectsV2_RequestSyntax) ** StartAfter is where you want Amazon S3 to start listing from. Amazon S3 starts listing after this specified key. StartAfter can be any key in the bucket. This functionality is not supported for directory buckets. ** [x-amz-expected-bucket-owner](#API_ListObjectsV2_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-optional-object-attributes](#API_ListObjectsV2_RequestSyntax) ** Specifies the optional fields that you want returned in the response. Fields that you do not specify are not returned. This functionality is not supported for directory buckets. Valid Values: `RestoreStatus` ** [x-amz-request-payer](#API_ListObjectsV2_RequestSyntax) ** Confirms that the requester knows that she or he will be charged for the list objects request in V2 style. Bucket owners need not specify this parameter in their requests. This functionality is not supported for directory buckets. Valid Values: `requester` ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-request-charged: RequestCharged boolean string ... string string string timestamp string string boolean timestamp long string ... string string string integer string ... string integer string string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-request-charged](#API_ListObjectsV2_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` The following data is returned in XML format by the service. ** [ListBucketResult](#API_ListObjectsV2_ResponseSyntax) ** Root level tag for the ListBucketResult parameters. Required: Yes ** [CommonPrefixes](#API_ListObjectsV2_ResponseSyntax) ** All of the keys (up to 1,000) that share the same prefix are grouped together. When counting the total numbers of returns by this API operation, this group of keys is considered as one item. A response can contain `CommonPrefixes` only if you specify a delimiter. `CommonPrefixes` contains all (if there are any) keys between `Prefix` and the next occurrence of the string specified by a delimiter. `CommonPrefixes` lists keys that act like subdirectories in the directory specified by `Prefix`. For example, if the prefix is `notes/` and the delimiter is a slash (`/`) as in `notes/summer/july`, the common prefix is `notes/summer/`. All of the keys that roll up into a common prefix count as a single return when calculating the number of returns. + **Directory buckets** - For directory buckets, only prefixes that end in a delimiter (`/`) are supported. + **Directory buckets ** - When you query `ListObjectsV2` with a delimiter during in-progress multipart uploads, the `CommonPrefixes` response parameter contains the prefixes that are associated with the in-progress multipart uploads. For more information about multipart uploads, see [Multipart Upload Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) in the *Amazon S3 User Guide*. Type: Array of [CommonPrefix](API_CommonPrefix.md) data types ** [Contents](#API_ListObjectsV2_ResponseSyntax) ** Metadata about each object returned. Type: Array of [Object](API_Object.md) data types ** [ContinuationToken](#API_ListObjectsV2_ResponseSyntax) ** If `ContinuationToken` was sent with the request, it is included in the response. You can use the returned `ContinuationToken` for pagination of the list response. Type: String ** [Delimiter](#API_ListObjectsV2_ResponseSyntax) ** Causes keys that contain the same string between the `prefix` and the first occurrence of the delimiter to be rolled up into a single result element in the `CommonPrefixes` collection. These rolled-up keys are not returned elsewhere in the response. Each rolled-up result counts as only one return against the `MaxKeys` value. **Directory buckets** - For directory buckets, `/` is the only supported delimiter. Type: String ** [EncodingType](#API_ListObjectsV2_ResponseSyntax) ** Encoding type used by Amazon S3 to encode object key names in the XML response. If you specify the `encoding-type` request parameter, Amazon S3 includes this element in the response, and returns encoded key name values in the following response elements: `Delimiter, Prefix, Key,` and `StartAfter`. Type: String Valid Values: `url` ** [IsTruncated](#API_ListObjectsV2_ResponseSyntax) ** Set to `false` if all of the results were returned. Set to `true` if more keys are available to return. If the number of results exceeds that specified by `MaxKeys`, all of the results might not be returned. Type: Boolean ** [KeyCount](#API_ListObjectsV2_ResponseSyntax) ** `KeyCount` is the number of keys returned with this request. `KeyCount` will always be less than or equal to the `MaxKeys` field. For example, if you ask for 50 keys, your result will include 50 keys or fewer. Type: Integer ** [MaxKeys](#API_ListObjectsV2_ResponseSyntax) ** Sets the maximum number of keys returned in the response. By default, the action returns up to 1,000 key names. The response might contain fewer keys but will never contain more. Type: Integer ** [Name](#API_ListObjectsV2_ResponseSyntax) ** The bucket name. Type: String ** [NextContinuationToken](#API_ListObjectsV2_ResponseSyntax) ** `NextContinuationToken` is sent when `isTruncated` is true, which means there are more keys in the bucket that can be listed. The next list requests to Amazon S3 can be continued with this `NextContinuationToken`. `NextContinuationToken` is obfuscated and is not a real key Type: String ** [Prefix](#API_ListObjectsV2_ResponseSyntax) ** Keys that begin with the indicated prefix. **Directory buckets** - For directory buckets, only prefixes that end in a delimiter (`/`) are supported. Type: String ** [StartAfter](#API_ListObjectsV2_ResponseSyntax) ** If StartAfter was sent with the request, it is included in the response. This functionality is not supported for directory buckets. Type: String ## Errors ** NoSuchBucket ** The specified bucket does not exist. HTTP Status Code: 404 ## Examples ### Sample Request for general purpose buckets: Listing keys This request returns the objects in `bucket`. The request specifies the `list-type` parameter, which indicates version 2 of the API operation. ``` GET /?list-type=2 HTTP/1.1 Host: bucket.s3..amazonaws.com x-amz-date: 20160430T233541Z Authorization: authorization string Content-Type: text/plain ``` ### Sample Response for general purpose buckets This example illustrates one usage of ListObjectsV2. ``` bucket 205 1000 false my-image.jpg 2009-10-12T17:50:30.000Z "fba9dede5f27731c9771645a39863328" 434234 STANDARD ... ... ``` ### Sample Request for general purpose buckets: Listing keys using the max-keys, prefix, and start-after parameters In addition to the `list-type` parameter that indicates version 2 of the API operation, the request also specifies additional parameters to retrieve up to three keys in the `quotes` bucket that start with `E` and occur lexicographically after `ExampleGuide.pdf`. ``` GET /?list-type=2&max-keys=3&prefix=E&start-after=ExampleGuide.pdf HTTP/1.1 Host: quotes.s3..amazonaws.com x-amz-date: 20160430T232933Z Authorization: authorization string ``` ### Sample Response for general purpose buckets This example illustrates one usage of ListObjectsV2. ``` HTTP/1.1 200 OK x-amz-id-2: gyB+3jRPnrkN98ZajxHXr3u7EFM67bNgSAxexeEHndCX/7GRnfTXxReKUQF28IfP x-amz-request-id: 3B3C7C725673C630 Date: Sat, 30 Apr 2016 23:29:37 GMT Content-Type: application/xml Content-Length: length Connection: close Server: AmazonS3 quotes E ExampleGuide.pdf 1 3 false ExampleObject.txt 2013-09-17T18:07:53.000Z "599bab3ed2c697f1d26842727561fd94" 857 REDUCED_REDUNDANCY ``` ### Sample Request for general purpose buckets: Listing keys by using the prefix and delimiter parameters This example illustrates the use of the `prefix` and the `delimiter` parameters in the request. For this example, we assume that you have the following keys in your bucket: + `sample.jpg` + `photos/2006/January/sample.jpg` + `photos/2006/February/sample2.jpg` + `photos/2006/February/sample3.jpg` + `photos/2006/February/sample4.jpg` The following `GET` request specifies the `delimiter` parameter with a value of `/`. ``` GET /?list-type=2&delimiter=/ HTTP/1.1 Host: example-bucket.s3..amazonaws.com x-amz-date: 20160430T235931Z Authorization: authorization string ``` ### Sample Response for general purpose buckets The key `sample.jpg` does not contain the delimiter character, and Amazon S3 returns it in the `Contents` element in the response. However, all of the other keys contain the delimiter character. Amazon S3 groups these keys and returns a single `CommonPrefixes` element with the `Prefix` value `photos/`. The `Prefix` element is a substring that starts at the beginning of these keys and ends at the first occurrence of the specified delimiter. ``` example-bucket 2 1000 / false sample.jpg 2011-02-26T01:56:20.000Z "bf1d737a4d46a19f3bced6905cc8b902" 142863 STANDARD photos/ ``` ### Sample Request for general purpose buckets The following request specifies the `delimiter` parameter with the value `/`, and the `prefix` parameter with the value `photos/2006/`. ``` GET /?list-type=2&prefix=photos/2006/&delimiter=/ HTTP/1.1 Host: example-bucket.s3..amazonaws.com x-amz-date: 20160501T000433Z Authorization: authorization string ``` ### Sample Response for general purpose buckets In response, Amazon S3 returns only the keys that start with the specified prefix. Further, Amazon S3 uses the delimiter character to group keys that contain the same substring until the first occurrence of the delimiter character after the specified prefix. For each such key group, Amazon S3 returns one `CommonPrefixes` element in the response. The keys grouped under this `CommonPrefixes` element are not returned elsewhere in the response. The `Prefix` value returned in the `CommonPrefixes` element is a substring that starts at the beginning of the key and ends at the first occurrence of the specified delimiter after the prefix. **Note** If you created folders by using the Amazon S3 console, you will see an additional 0-byte object with a key of `photos/2006/`. This object is created because of the way that the console supports folder structures. For more information, see [Organizing objects in the Amazon S3 console using folders](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-folders.html) in the *Amazon S3 User Guide*. ``` example-bucket photos/2006/ 2 1000 / false photos/2006/February/ photos/2006/January/ ``` ### Sample Request for general purpose buckets: Using a continuation token In this example, the initial request returns more than 1,000 keys. In response to this request, Amazon S3 returns the `IsTruncated` element with the value set to `true` and with a `NextContinuationToken` element. ``` GET /?list-type=2 HTTP/1.1 Host: bucket.s3..amazonaws.com Date: Mon, 02 May 2016 23:17:07 GMT Authorization: authorization string ``` ### Sample Response for general purpose buckets: Using a continuation token This example illustrates one usage of ListObjectsV2. ``` HTTP/1.1 200 OK x-amz-id-2: gyB+3jRPnrkN98ZajxHXr3u7EFM67bNgSAxexeEHndCX/7GRnfTXxReKUQF28IfP x-amz-request-id: 3B3C7C725673C630 Date: Sat, 30 Apr 2016 23:29:37 GMT Content-Type: application/xml Content-Length: length Connection: close Server: AmazonS3 bucket 1ueGcxLPRx1Tr/XYExHnhbYLgveDs2J/wm36Hy4vbOwM= 1000 1000 true happyface.jpg 2014-11-21T19:40:05.000Z "70ee1738b6b21e2c8a43f3a5ab0eee71" 11 STANDARD ... ``` ### Sample request for general purpose buckets In the following subsequent request, we include a `continuation-token` query parameter in the request with the value of the `NextContinuationToken` element from the preceding response. ``` GET /?list-type=2 HTTP/1.1 GET /?list-type=2&continuation-token=1ueGcxLPRx1Tr/XYExHnhbYLgveDs2J/wm36Hy4vbOwM= HTTP/1.1 Host: bucket.s3..amazonaws.com Date: Mon, 02 May 2016 23:17:07 GMT Authorization: authorization string ``` ### Sample response for general purpose buckets: Amazon S3 returns a list of the next set of keys starting where the previous request ended. ``` HTTP/1.1 200 OK x-amz-id-2: gyB+3jRPnrkN98ZajxHXr3u7EFM67bNgSAxexeEHndCX/7GRnfTXxReKUQF28IfP x-amz-request-id: 3B3C7C725673C630 Date: Sat, 30 Apr 2016 23:29:37 GMT Content-Type: application/xml Content-Length: length Connection: close Server: AmazonS3 bucket 1ueGcxLPRx1Tr/XYExHnhbYLgveDs2J/wm36Hy4vbOwM= 112 1000 false happyfacex.jpg 2014-11-21T19:40:05.000Z "70ee1738b6b21e2c8a43f3a5ab0eee71" 1111 STANDARD ... ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/ListObjectsV2) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/ListObjectsV2) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/ListObjectsV2) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/ListObjectsV2) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/ListObjectsV2) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/ListObjectsV2) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/ListObjectsV2) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/ListObjectsV2) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/ListObjectsV2) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/ListObjectsV2) # ListObjectVersions **Note** This operation is not supported for directory buckets. Returns metadata about all versions of the objects in a bucket. You can also use request parameters as selection criteria to return metadata about a subset of all the object versions. **Important** To use this operation, you must have permission to perform the `s3:ListBucketVersions` action. Be aware of the name difference. **Note** A `200 OK` response can contain valid or invalid XML. Make sure to design your application to parse the contents of the response and handle it appropriately. To use this operation, you must have READ access to the bucket. The following operations are related to `ListObjectVersions`: + [ListObjectsV2](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html) + [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) + [PutObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) + [DeleteObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /?versions&delimiter=Delimiter&encoding-type=EncodingType&key-marker=KeyMarker&max-keys=MaxKeys&prefix=Prefix&version-id-marker=VersionIdMarker HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-request-payer: RequestPayer x-amz-optional-object-attributes: OptionalObjectAttributes ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_ListObjectVersions_RequestSyntax) ** The bucket name that contains the objects. Required: Yes ** [delimiter](#API_ListObjectVersions_RequestSyntax) ** A delimiter is a character that you specify to group keys. All keys that contain the same string between the `prefix` and the first occurrence of the delimiter are grouped under a single result element in `CommonPrefixes`. These groups are counted as one result against the `max-keys` limitation. These keys are not returned elsewhere in the response. `CommonPrefixes` is filtered out from results if it is not lexicographically greater than the key-marker. ** [encoding-type](#API_ListObjectVersions_RequestSyntax) ** Encoding type used by Amazon S3 to encode the [object keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html) in the response. Responses are encoded only in UTF-8. An object key can contain any Unicode character. However, the XML 1.0 parser can't parse certain characters, such as characters with an ASCII value from 0 to 10. For characters that aren't supported in XML 1.0, you can add this parameter to request that Amazon S3 encode the keys in the response. For more information about characters to avoid in object key names, see [Object key naming guidelines](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-guidelines). When using the URL encoding type, non-ASCII characters that are used in an object's key name will be percent-encoded according to UTF-8 code values. For example, the object `test_file(3).png` will appear as `test_file%283%29.png`. Valid Values: `url` ** [key-marker](#API_ListObjectVersions_RequestSyntax) ** Specifies the key to start with when listing objects in a bucket. ** [max-keys](#API_ListObjectVersions_RequestSyntax) ** Sets the maximum number of keys returned in the response. By default, the action returns up to 1,000 key names. The response might contain fewer keys but will never contain more. If additional keys satisfy the search criteria, but were not returned because `max-keys` was exceeded, the response contains `true`. To return the additional keys, see `key-marker` and `version-id-marker`. ** [prefix](#API_ListObjectVersions_RequestSyntax) ** Use this parameter to select only those keys that begin with the specified prefix. You can use prefixes to separate a bucket into different groupings of keys. (You can think of using `prefix` to make groups in the same way that you'd use a folder in a file system.) You can use `prefix` with `delimiter` to roll up numerous objects into a single result under `CommonPrefixes`. ** [version-id-marker](#API_ListObjectVersions_RequestSyntax) ** Specifies the object version you want to start listing from. ** [x-amz-expected-bucket-owner](#API_ListObjectVersions_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-optional-object-attributes](#API_ListObjectVersions_RequestSyntax) ** Specifies the optional fields that you want returned in the response. Fields that you do not specify are not returned. Valid Values: `RestoreStatus` ** [x-amz-request-payer](#API_ListObjectVersions_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-request-charged: RequestCharged boolean string string string string string ... string string boolean string timestamp string string boolean timestamp long string string ... boolean string timestamp string string string ... string string string integer string ... string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-request-charged](#API_ListObjectVersions_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` The following data is returned in XML format by the service. ** [ListVersionsResult](#API_ListObjectVersions_ResponseSyntax) ** Root level tag for the ListVersionsResult parameters. Required: Yes ** [CommonPrefixes](#API_ListObjectVersions_ResponseSyntax) ** All of the keys rolled up into a common prefix count as a single return when calculating the number of returns. Type: Array of [CommonPrefix](API_CommonPrefix.md) data types ** [DeleteMarker](#API_ListObjectVersions_ResponseSyntax) ** Container for an object that is a delete marker. To learn more about delete markers, see [Working with delete markers](https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeleteMarker.html). Type: Array of [DeleteMarkerEntry](API_DeleteMarkerEntry.md) data types ** [Delimiter](#API_ListObjectVersions_ResponseSyntax) ** The delimiter grouping the included keys. A delimiter is a character that you specify to group keys. All keys that contain the same string between the prefix and the first occurrence of the delimiter are grouped under a single result element in `CommonPrefixes`. These groups are counted as one result against the `max-keys` limitation. These keys are not returned elsewhere in the response. Type: String ** [EncodingType](#API_ListObjectVersions_ResponseSyntax) ** Encoding type used by Amazon S3 to encode object key names in the XML response. If you specify the `encoding-type` request parameter, Amazon S3 includes this element in the response, and returns encoded key name values in the following response elements: `KeyMarker, NextKeyMarker, Prefix, Key`, and `Delimiter`. Type: String Valid Values: `url` ** [IsTruncated](#API_ListObjectVersions_ResponseSyntax) ** A flag that indicates whether Amazon S3 returned all of the results that satisfied the search criteria. If your results were truncated, you can make a follow-up paginated request by using the `NextKeyMarker` and `NextVersionIdMarker` response parameters as a starting place in another request to return the rest of the results. Type: Boolean ** [KeyMarker](#API_ListObjectVersions_ResponseSyntax) ** Marks the last key returned in a truncated response. Type: String ** [MaxKeys](#API_ListObjectVersions_ResponseSyntax) ** Specifies the maximum number of objects to return. Type: Integer ** [Name](#API_ListObjectVersions_ResponseSyntax) ** The bucket name. Type: String ** [NextKeyMarker](#API_ListObjectVersions_ResponseSyntax) ** When the number of responses exceeds the value of `MaxKeys`, `NextKeyMarker` specifies the first key not returned that satisfies the search criteria. Use this value for the key-marker request parameter in a subsequent request. Type: String ** [NextVersionIdMarker](#API_ListObjectVersions_ResponseSyntax) ** When the number of responses exceeds the value of `MaxKeys`, `NextVersionIdMarker` specifies the first object version not returned that satisfies the search criteria. Use this value for the `version-id-marker` request parameter in a subsequent request. Type: String ** [Prefix](#API_ListObjectVersions_ResponseSyntax) ** Selects objects that start with the value supplied by this parameter. Type: String ** [Version](#API_ListObjectVersions_ResponseSyntax) ** Container for version information. Type: Array of [ObjectVersion](API_ObjectVersion.md) data types ** [VersionIdMarker](#API_ListObjectVersions_ResponseSyntax) ** Marks the last version of the key returned in a truncated response. Type: String ## Examples ### Sample Request The following request returns all of the versions of all of the objects in the specified bucket. ``` GET /?versions HTTP/1.1 Host: BucketName.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 +0000 Authorization: authorization string (see Authenticating Requests (AWS Signature Version 4)) ``` ### Sample Response This example illustrates one usage of ListObjectVersions. ``` bucket my 5 false my-image.jpg 3/L4kqtJl40Nr8X8gdRQBpUMLUo true 2009-10-12T17:50:30.000Z "fba9dede5f27731c9771645a39863328" 434234 STANDARD 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a my-second-image.jpg 03jpff543dhffds434rfdsFDN943fdsFkdmqnh892 true 2009-11-12T17:50:30.000Z 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a my-second-image.jpg QUpfdndhfd8438MNFDN93jdnJFkdmqnh893 false 2009-10-10T17:50:30.000Z "9b2cf535f27731c974343645a3985328" 166434 STANDARD 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a my-third-image.jpg 03jpff543dhffds434rfdsFDN943fdsFkdmqnh892 true 2009-10-15T17:50:30.000Z 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a my-third-image.jpg UIORUnfndfhnw89493jJFJ false 2009-10-11T12:50:30.000Z "772cf535f27731c974343645a3985328" 64 STANDARD 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a ``` ### Sample Request The following request returns objects in the order that they were stored, returning the most recently stored object first, starting with the value for `key-marker`. ``` GET /?versions&key-marker=key2 HTTP/1.1 Host: s3.amazonaws.com Pragma: no-cache Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */* Date: Thu, 10 Dec 2009 22:46:32 +0000 Authorization: signatureValue ``` ### Sample Response This example illustrates one usage of ListObjectVersions. ``` mtp-versioning-fresh key2 1000 false key3 I5VhmK6CDDdQ5Pwfe1gcHZWmHDpcv7gfmfc29UBxsKU. true 2009-12-09T00:19:04.000Z "396fefef536d5ce46c7537ecf978a360" 217 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a STANDARD sourcekey qDhprLU80sAlCFLu2DWgXAEDgKzWarn-HS_JU0TvYqs. true 2009-12-10T16:38:11.000Z 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a sourcekey wxxQ7ezLaL5JN2Sislq66Syxxo0k7uHTUpb9qiiMxNg. false 2009-12-10T16:37:44.000Z "396fefef536d5ce46c7537ecf978a360" 217 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a STANDARD ``` ### Sample Request Using the prefix Parameter This example returns objects whose keys begin with `source`. ``` GET /?versions&prefix=source HTTP/1.1 Host: bucket.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 +0000 Authorization: authorization string ``` ### Sample Response This example illustrates one usage of ListObjectVersions. ``` mtp-versioning-fresh source 1000 false sourcekey qDhprLU80sAlCFLu2DWgXAEDgKzWarn-HS_JU0TvYqs. true 2009-12-10T16:38:11.000Z 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a sourcekey wxxQ7ezLaL5JN2Sislq66Syxxo0k7uHTUpb9qiiMxNg. false 2009-12-10T16:37:44.000Z "396fefef536d5ce46c7537ecf978a360" 217 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a STANDARD ``` ### Sample Request: Using the key-marker and version-id-marker Parameters The following example returns objects starting at the specified key (`key-marker`) and version ID (`version-id-marker`). ``` GET /?versions&key-marker=key3&version-id-marker=t46ZenlYTZBnj HTTP/1.1 Host: bucket.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 +0000 Authorization: signatureValue ``` ### Sample Response This example illustrates one usage of ListObjectVersions. ``` mtp-versioning-fresh key3 t46ZenlYTZBnj 1000 false sourcekey qDhprLU80sAlCFLu2DWgXAEDgKzWarn-HS_JU0TvYqs. true 2009-12-10T16:38:11.000Z 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a sourcekey wxxQ7ezLaL5JN2Sislq66Syxxo0k7uHTUpb9qiiMxNg. false 2009-12-10T16:37:44.000Z "396fefef536d5ce46c7537ecf978a360" 217 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a STANDARD ``` ### Sample Request: Using the key-marker, version-id-marker, and max-keys Parameters The following request returns up to three (the value of `max-keys`) objects starting with the key specified by `key-marker` and the version ID specified by `version-id-marker`. ``` GET /?versions&key-marker=key3&version-id-marker=t46Z0menlYTZBnj&max-keys=3 Host: bucket.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 +0000 Authorization: authorization string ``` ### Sample Response This example illustrates one usage of ListObjectVersions. ``` mtp-versioning-fresh key3 null key3 d-d309mfjFrUmoQ0DBsVqmcMV15OI. 3 true key3 8XECiENpj8pydEDJdd-_VRrvaGKAHOaGMNW7tg6UViI. false 2009-12-09T00:18:23.000Z "396fefef536d5ce46c7537ecf978a360" 217 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a STANDARD key3 d-d309mfjFri40QYukDozqBt3UmoQ0DBsVqmcMV15OI. false 2009-12-09T00:18:08.000Z "396fefef536d5ce46c7537ecf978a360" 217 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a STANDARD ``` ### Sample Request: Using the delimiter and prefix Parameters Assume you have the following keys in your bucket, `example-bucket`. `photos/2006/January/sample.jpg` `photos/2006/February/sample.jpg` `photos/2006/March/sample.jpg` `videos/2006/March/sample.wmv` `sample.jpg` The following `GET` versions request specifies the `delimiter` parameter with the value `/`. ``` GET /?versions&delimiter=/ HTTP/1.1 Host: example-bucket.s3..amazonaws.com Date: Wed, 02 Feb 2011 20:34:56 GMT Authorization: authorization string ``` ### Sample Response The list of keys from the specified bucket is shown in the following response. The response returns the `sample.jpg` key in a `Version` element. However, because all the other keys contain the specified delimiter, a distinct substring, from the beginning of the key to the first occurrence of the delimiter, from each of these keys is returned in a `CommonPrefixes` element. The key substrings, `photos/` and `videos/`, in the `CommonPrefixes` element indicate that there are one or more keys with these key prefixes. This is a useful scenario if you use key prefixes for your objects to create a logical folder-like structure. In this case, you can interpret the result as the folders `photos/` and `videos/` have one or more objects. ``` mvbucketwithversionon1 1000 / false Sample.jpg toxMzQlBsGyGCz1YuMWMp90cdXLzqOCH true 2011-02-02T18:46:20.000Z "3305f2cfc46c0f04559748bb039d69ae" 3191 852b113e7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc display-name STANDARD photos/ videos/ ``` ### Example In addition to the `delimiter` parameter, you can filter results by adding a `prefix` parameter as shown in the following request. ``` GET /?versions&prefix=photos/2006/&delimiter=/ HTTP/1.1 Host: example-bucket.s3..amazonaws.com Date: Wed, 02 Feb 2011 19:34:02 GMT Authorization: authorization string ``` ### Example In this case, the response will include only object keys that start with the specified prefix. The value returned in the `CommonPrefixes` element is a substring from the beginning of the key to the first occurrence of the specified delimiter after the prefix. **Note** If you created folders by using the Amazon S3 console, you will see an additional 0-byte object with a key of `photos/2006/`. This object is created because of the way that the console supports folder structures. For more information, see [Organizing objects in the Amazon S3 console using folders](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-folders.html) in the *Amazon S3 User Guide*. ``` example-bucket photos/2006/ 1000 / false photos/2006/February/ photos/2006/January/ photos/2006/March/ ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/ListObjectVersions) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/ListObjectVersions) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/ListObjectVersions) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/ListObjectVersions) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/ListObjectVersions) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/ListObjectVersions) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/ListObjectVersions) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/ListObjectVersions) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/ListObjectVersions) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/ListObjectVersions) # ListParts Lists the parts that have been uploaded for a specific multipart upload. To use this operation, you must provide the `upload ID` in the request. You obtain this uploadID by sending the initiate multipart upload request through [CreateMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html). The `ListParts` request returns a maximum of 1,000 uploaded parts. The limit of 1,000 parts is also the default value. You can restrict the number of parts in a response by specifying the `max-parts` request parameter. If your multipart upload consists of more than 1,000 parts, the response returns an `IsTruncated` field with the value of `true`, and a `NextPartNumberMarker` element. To list remaining uploaded parts, in subsequent `ListParts` requests, include the `part-number-marker` query string parameter and set its value to the `NextPartNumberMarker` field value from the previous response. For more information on multipart uploads, see [Uploading Objects Using Multipart Upload](https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) in the *Amazon S3 User Guide*. **Note** **Directory buckets** - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://amzn-s3-demo-bucket.s3express-zone-id.region-code.amazonaws.com/key-name `. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions + **General purpose bucket permissions** - For information about permissions required to use the multipart upload API, see [Multipart Upload and Permissions](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) in the *Amazon S3 User Guide*. If the upload was created using server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS) or dual-layer server-side encryption with AWS KMS keys (DSSE-KMS), you must have permission to the `kms:Decrypt` action for the `ListParts` request to succeed. + **Directory bucket permissions** - To grant access to this API operation on a directory bucket, we recommend that you use the [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) API operation for session-based authorization. Specifically, you grant the `s3express:CreateSession` permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the `CreateSession` API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another `CreateSession` API call to generate a new session token for use. AWS CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. The following operations are related to `ListParts`: + [CreateMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) + [UploadPart](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) + [CompleteMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) + [AbortMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) + [GetObjectAttributes](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) + [ListMultipartUploads](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` GET /Key+?max-parts=MaxParts&part-number-marker=PartNumberMarker&uploadId=UploadId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-request-payer: RequestPayer x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key: SSECustomerKey x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_ListParts_RequestSyntax) ** The name of the bucket to which the parts are being uploaded. **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [Key](#API_ListParts_RequestSyntax) ** Object key for which the multipart upload was initiated. Length Constraints: Minimum length of 1. Required: Yes ** [max-parts](#API_ListParts_RequestSyntax) ** Sets the maximum number of parts to return. ** [part-number-marker](#API_ListParts_RequestSyntax) ** Specifies the part after which listing should begin. Only parts with higher part numbers will be listed. ** [uploadId](#API_ListParts_RequestSyntax) ** Upload ID identifying the multipart upload whose parts are being listed. Required: Yes ** [x-amz-expected-bucket-owner](#API_ListParts_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_ListParts_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-server-side-encryption-customer-algorithm](#API_ListParts_RequestSyntax) ** The server-side encryption (SSE) algorithm used to encrypt the object. This parameter is needed only when the object was created using a checksum algorithm. For more information, see [Protecting data using SSE-C keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key](#API_ListParts_RequestSyntax) ** The server-side encryption (SSE) customer managed key. This parameter is needed only when the object was created using a checksum algorithm. For more information, see [Protecting data using SSE-C keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key-MD5](#API_ListParts_RequestSyntax) ** The MD5 server-side encryption (SSE) customer managed key. This parameter is needed only when the object was created using a checksum algorithm. For more information, see [Protecting data using SSE-C keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-abort-date: AbortDate x-amz-abort-rule-id: AbortRuleId x-amz-request-charged: RequestCharged string string string integer integer integer boolean string string string string string string timestamp integer long ... string string string string string string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-abort-date](#API_ListParts_ResponseSyntax) ** If the bucket has a lifecycle rule configured with an action to abort incomplete multipart uploads and the prefix in the lifecycle rule matches the object name in the request, then the response includes this header indicating when the initiated multipart upload will become eligible for abort operation. For more information, see [Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config). The response will also include the `x-amz-abort-rule-id` header that will provide the ID of the lifecycle configuration rule that defines this action. This functionality is not supported for directory buckets. ** [x-amz-abort-rule-id](#API_ListParts_ResponseSyntax) ** This header is returned along with the `x-amz-abort-date` header. It identifies applicable lifecycle configuration rule that defines the action to abort incomplete multipart uploads. This functionality is not supported for directory buckets. ** [x-amz-request-charged](#API_ListParts_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` The following data is returned in XML format by the service. ** [ListPartsResult](#API_ListParts_ResponseSyntax) ** Root level tag for the ListPartsResult parameters. Required: Yes ** [Bucket](#API_ListParts_ResponseSyntax) ** The name of the bucket to which the multipart upload was initiated. Does not return the access point ARN or access point alias if used. Type: String ** [ChecksumAlgorithm](#API_ListParts_ResponseSyntax) ** The algorithm that was used to create a checksum of the object. Type: String Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ** [ChecksumType](#API_ListParts_ResponseSyntax) ** The checksum type, which determines how part-level checksums are combined to create an object-level checksum for multipart objects. You can use this header response to verify that the checksum type that is received is the same checksum type that was specified in `CreateMultipartUpload` request. For more information, see [Checking object integrity in the Amazon S3 User Guide](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html). Type: String Valid Values: `COMPOSITE | FULL_OBJECT` ** [Initiator](#API_ListParts_ResponseSyntax) ** Container element that identifies who initiated the multipart upload. If the initiator is an AWS account, this element provides the same information as the `Owner` element. If the initiator is an IAM User, this element provides the user ARN. Type: [Initiator](API_Initiator.md) data type ** [IsTruncated](#API_ListParts_ResponseSyntax) ** Indicates whether the returned list of parts is truncated. A true value indicates that the list was truncated. A list can be truncated if the number of parts exceeds the limit returned in the MaxParts element. Type: Boolean ** [Key](#API_ListParts_ResponseSyntax) ** Object key for which the multipart upload was initiated. Type: String Length Constraints: Minimum length of 1. ** [MaxParts](#API_ListParts_ResponseSyntax) ** Maximum number of parts that were allowed in the response. Type: Integer ** [NextPartNumberMarker](#API_ListParts_ResponseSyntax) ** When a list is truncated, this element specifies the last part in the list, as well as the value to use for the `part-number-marker` request parameter in a subsequent request. Type: Integer ** [Owner](#API_ListParts_ResponseSyntax) ** Container element that identifies the object owner, after the object is created. If multipart upload is initiated by an IAM user, this element provides the parent account ID. **Directory buckets** - The bucket owner is returned as the object owner for all the parts. Type: [Owner](API_Owner.md) data type ** [Part](#API_ListParts_ResponseSyntax) ** Container for elements related to a particular part. A response can contain zero or more `Part` elements. Type: Array of [Part](API_Part.md) data types ** [PartNumberMarker](#API_ListParts_ResponseSyntax) ** Specifies the part after which listing should begin. Only parts with higher part numbers will be listed. Type: Integer ** [StorageClass](#API_ListParts_ResponseSyntax) ** The class of storage used to store the uploaded object. **Directory buckets** - Directory buckets only support `EXPRESS_ONEZONE` (the S3 Express One Zone storage class) in Availability Zones and `ONEZONE_IA` (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones. Type: String Valid Values: `STANDARD | REDUCED_REDUNDANCY | STANDARD_IA | ONEZONE_IA | INTELLIGENT_TIERING | GLACIER | DEEP_ARCHIVE | OUTPOSTS | GLACIER_IR | SNOW | EXPRESS_ONEZONE | FSX_OPENZFS | FSX_ONTAP` ** [UploadId](#API_ListParts_ResponseSyntax) ** Upload ID identifying the multipart upload whose parts are being listed. Type: String ## Examples ### Sample Request for general purpose buckets Assume you have uploaded parts with sequential part numbers starting with 1. The following List Parts request specifies `max-parts` and `part-number-marker` query parameters. The request lists the first two parts that follow part number 1, that is, you will get parts 2 and 3 in the response. If more parts exist, the result is a truncated result and therefore the response will return an `IsTruncated` element with the value `true`. The response will also return the `NextPartNumberMarker` element with the value `3`, which should be used for the value of the `part-number-marker` request query string parameter in the next ListParts request. ``` GET /example-object?uploadId=XXBsb2FkIElEIGZvciBlbHZpbmcncyVcdS1tb3ZpZS5tMnRzEEEwbG9hZA&max-parts=2&part-number-marker=1 HTTP/1.1 Host: example-bucket.s3..amazonaws.com Date: Mon, 1 Nov 2010 20:34:56 GMT Authorization: authorization string ``` ### Sample Response for general purpose buckets This example illustrates one usage of ListParts. ``` HTTP/1.1 200 OK x-amz-id-2: Uuag1LuByRx9e6j5Onimru9pO4ZVKnJ2Qz7/C1NPcfTWAtRPfTaOFg== x-amz-request-id: 656c76696e6727732072657175657374 Date: Mon, 1 Nov 2010 20:34:56 GMT Content-Length: 985 Connection: keep-alive Server: AmazonS3 example-bucket example-object XXBsb2FkIElEIGZvciBlbHZpbmcncyVcdS1tb3ZpZS5tMnRzEEEwbG9hZA arn:aws:iam::111122223333:user/some-user-11116a31-17b5-4fb7-9df5-b288870f11xx 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a STANDARD 1 3 2 true 2 2010-11-10T20:48:34.000Z "7778aef83f66abc1fa1e8477f296d394" 10485760 3 2010-11-10T20:48:33.000Z "aaaa18db4cc2f85cedef654fccc4a4x8" 10485760 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/ListParts) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/ListParts) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/ListParts) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/ListParts) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/ListParts) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/ListParts) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/ListParts) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/ListParts) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/ListParts) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/ListParts) # PutBucketAbac Sets the attribute-based access control (ABAC) property of the general purpose bucket. You must have `s3:PutBucketABAC` permission to perform this action. When you enable ABAC, you can use tags for access control on your buckets. Additionally, when ABAC is enabled, you must use the [TagResource](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_TagResource.html) and [UntagResource](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UntagResource.html) actions to manage tags on your buckets. You can nolonger use the [PutBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html) and [DeleteBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html) actions to tag your bucket. For more information, see [Enabling ABAC in general purpose buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging-enable-abac.html). ## Request Syntax ``` PUT /?abac HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketAbac_RequestSyntax) ** The name of the general purpose bucket. Required: Yes ** [Content-MD5](#API_PutBucketAbac_RequestSyntax) ** The MD5 hash of the `PutBucketAbac` request body. For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [x-amz-expected-bucket-owner](#API_PutBucketAbac_RequestSyntax) ** The AWS account ID of the general purpose bucket's owner. ** [x-amz-sdk-checksum-algorithm](#API_PutBucketAbac_RequestSyntax) ** Indicates the algorithm that you want Amazon S3 to use to create the checksum. For more information, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [AbacStatus](#API_PutBucketAbac_RequestSyntax) ** Root level tag for the AbacStatus parameters. Required: Yes ** [Status](#API_PutBucketAbac_RequestSyntax) ** The ABAC status of the general purpose bucket. Type: String Valid Values: `Enabled | Disabled` Required: No ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketAbac) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketAbac) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketAbac) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketAbac) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketAbac) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketAbac) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketAbac) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketAbac) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketAbac) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketAbac) # PutBucketAccelerateConfiguration **Note** This operation is not supported for directory buckets. Sets the accelerate configuration of an existing bucket. Amazon S3 Transfer Acceleration is a bucket-level feature that enables you to perform faster data transfers to Amazon S3. To use this operation, you must have permission to perform the `s3:PutAccelerateConfiguration` action. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). The Transfer Acceleration state of a bucket can be set to one of the following two values: + Enabled – Enables accelerated data transfers to the bucket. + Suspended – Disables accelerated data transfers to the bucket. The [GetBucketAccelerateConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAccelerateConfiguration.html) action returns the transfer acceleration state of a bucket. After setting the Transfer Acceleration state of a bucket to Enabled, it might take up to thirty minutes before the data transfer rates to the bucket increase. The name of the bucket used for Transfer Acceleration must be DNS-compliant and must not contain periods ("."). For more information about transfer acceleration, see [Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html). The following operations are related to `PutBucketAccelerateConfiguration`: + [GetBucketAccelerateConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAccelerateConfiguration.html) + [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?accelerate HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-sdk-checksum-algorithm: ChecksumAlgorithm string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketAccelerateConfiguration_RequestSyntax) ** The name of the bucket for which the accelerate configuration is set. Required: Yes ** [x-amz-expected-bucket-owner](#API_PutBucketAccelerateConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-sdk-checksum-algorithm](#API_PutBucketAccelerateConfiguration_RequestSyntax) ** Indicates the algorithm used to create the checksum for the request when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [AccelerateConfiguration](#API_PutBucketAccelerateConfiguration_RequestSyntax) ** Root level tag for the AccelerateConfiguration parameters. Required: Yes ** [Status](#API_PutBucketAccelerateConfiguration_RequestSyntax) ** Specifies the transfer acceleration status of the bucket. Type: String Valid Values: `Enabled | Suspended` Required: No ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### Sample Request: Add transfer acceleration configuration to set acceleration status The following is an example of a `PUT /?accelerate` request that enables transfer acceleration for the bucket named `examplebucket`. ``` PUT /?accelerate HTTP/1.1 Host: examplebucket.s3..amazonaws.com Date: Mon, 11 Apr 2016 12:00:00 GMT Authorization: authorization string Content-Type: text/plain Content-Length: length Enabled ``` ### Sample Response This example illustrates one usage of PutBucketAccelerateConfiguration. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMg95r/0zo3emzU4dzsD4rcKCHQUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Mon, 11 Apr 2016 12:00:00 GMT Content-Length: 0 Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketAccelerateConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketAccelerateConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketAccelerateConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketAccelerateConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketAccelerateConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketAccelerateConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketAccelerateConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketAccelerateConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketAccelerateConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketAccelerateConfiguration) # PutBucketAcl **Important** End of support notice: As of October 1, 2025, Amazon S3 has discontinued support for Email Grantee Access Control Lists (ACLs). If you attempt to use an Email Grantee ACL in a request after October 1, 2025, the request will receive an `HTTP 405` (Method Not Allowed) error. This change affects the following AWS Regions: US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Ireland), and South America (São Paulo). **Note** This operation is not supported for directory buckets. Sets the permissions on an existing bucket using access control lists (ACL). For more information, see [Using ACLs](https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html). To set the ACL of a bucket, you must have the `WRITE_ACP` permission. You can use one of the following two ways to set a bucket's permissions: + Specify the ACL in the request body + Specify permissions using request headers **Note** You cannot specify access permission using both the body and the request headers. Depending on your application needs, you may choose to set the ACL on a bucket using either the request body or the headers. For example, if you have an existing application that updates a bucket ACL using the request body, then you can continue to use that approach. **Important** If your bucket uses the bucket owner enforced setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions. You must use policies to grant access to your bucket and the objects in it. Requests to set ACLs or update ACLs fail and return the `AccessControlListNotSupported` error code. Requests to read ACLs are still supported. For more information, see [Controlling object ownership](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*. Permissions You can set access permissions by using one of the following methods: + Specify a canned ACL with the `x-amz-acl` request header. Amazon S3 supports a set of predefined ACLs, known as *canned ACLs*. Each canned ACL has a predefined set of grantees and permissions. Specify the canned ACL name as the value of `x-amz-acl`. If you use this header, you cannot use other access control-specific headers in your request. For more information, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). + Specify access permissions explicitly with the `x-amz-grant-read`, `x-amz-grant-read-acp`, `x-amz-grant-write-acp`, and `x-amz-grant-full-control` headers. When using these headers, you specify explicit access permissions and grantees (AWS accounts or Amazon S3 groups) who will receive the permission. If you use these ACL-specific headers, you cannot use the `x-amz-acl` header to set a canned ACL. These parameters map to the set of permissions that Amazon S3 supports in an ACL. For more information, see [Access Control List (ACL) Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html). You specify each grantee as a type=value pair, where the type is one of the following: + `id` – if the value specified is the canonical user ID of an AWS account + `uri` – if you are granting permissions to a predefined group + `emailAddress` – if the value specified is the email address of an AWS account **Note** Using email addresses to specify a grantee is only supported in the following AWS Regions: US East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all the Amazon S3 supported Regions and endpoints, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in the AWS General Reference. For example, the following `x-amz-grant-write` header grants create, overwrite, and delete objects permission to LogDelivery group predefined by Amazon S3 and two AWS accounts identified by their email addresses. `x-amz-grant-write: uri="http://acs.amazonaws.com/groups/s3/LogDelivery", id="111122223333", id="555566667777" ` You can use either a canned ACL or specify access permissions explicitly. You cannot do both. Grantee Values You can specify the person (grantee) to whom you're assigning access rights (using request elements) in the following ways. For examples of how to specify these grantee values in JSON format, see the AWS CLI example in [ Enabling Amazon S3 server access logging](https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html) in the *Amazon S3 User Guide*. + By the person's ID: `<>ID<><>GranteesEmail<> ` DisplayName is optional and ignored in the request + By URI: `<>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<>` + By Email address: `<>Grantees@email.com<>&` The grantee is resolved to the CanonicalUser and, in a response to a GET Object acl request, appears as the CanonicalUser. **Note** Using email addresses to specify a grantee is only supported in the following AWS Regions: US East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all the Amazon S3 supported Regions and endpoints, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in the AWS General Reference. The following operations are related to `PutBucketAcl`: + [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) + [DeleteBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) + [GetObjectAcl](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?acl HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-acl: ACL Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-grant-full-control: GrantFullControl x-amz-grant-read: GrantRead x-amz-grant-read-acp: GrantReadACP x-amz-grant-write: GrantWrite x-amz-grant-write-acp: GrantWriteACP x-amz-expected-bucket-owner: ExpectedBucketOwner string string string string string string string string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketAcl_RequestSyntax) ** The bucket to which to apply the ACL. Required: Yes ** [Content-MD5](#API_PutBucketAcl_RequestSyntax) ** The Base64 encoded 128-bit `MD5` digest of the data. This header must be used as a message integrity check to verify that the request body was not corrupted in transit. For more information, go to [RFC 1864.](http://www.ietf.org/rfc/rfc1864.txt) For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [x-amz-acl](#API_PutBucketAcl_RequestSyntax) ** The canned ACL to apply to the bucket. Valid Values: `private | public-read | public-read-write | authenticated-read` ** [x-amz-expected-bucket-owner](#API_PutBucketAcl_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-grant-full-control](#API_PutBucketAcl_RequestSyntax) ** Allows grantee the read, write, read ACP, and write ACP permissions on the bucket. ** [x-amz-grant-read](#API_PutBucketAcl_RequestSyntax) ** Allows grantee to list the objects in the bucket. ** [x-amz-grant-read-acp](#API_PutBucketAcl_RequestSyntax) ** Allows grantee to read the bucket ACL. ** [x-amz-grant-write](#API_PutBucketAcl_RequestSyntax) ** Allows grantee to create new objects in the bucket. For the bucket and object owners of existing objects, also allows deletions and overwrites of those objects. ** [x-amz-grant-write-acp](#API_PutBucketAcl_RequestSyntax) ** Allows grantee to write the ACL for the applicable bucket. ** [x-amz-sdk-checksum-algorithm](#API_PutBucketAcl_RequestSyntax) ** Indicates the algorithm used to create the checksum for the request when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [AccessControlPolicy](#API_PutBucketAcl_RequestSyntax) ** Root level tag for the AccessControlPolicy parameters. Required: Yes ** [Grants](#API_PutBucketAcl_RequestSyntax) ** A list of grants. Type: Array of [Grant](API_Grant.md) data types Required: No ** [Owner](#API_PutBucketAcl_RequestSyntax) ** Container for the bucket owner's display name and ID. Type: [Owner](API_Owner.md) data type Required: No ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### Sample Request: Access permissions specified in the body The following request grants access permission to the existing `examplebucket` bucket. The request specifies the ACL in the body. In addition to granting full control to the bucket owner, the XML specifies the following grants. + Grant the `AllUsers` group READ permission on the bucket. + Grant the `LogDelivery` group WRITE permission on the bucket. + Grant an AWS account, identified by email address, WRITE\$1ACP permission. + Grant an AWS account, identified by canonical user ID, READ\$1ACP permission. ``` PUT ?acl HTTP/1.1 Host: examplebucket.s3..amazonaws.com Content-Length: 1660 x-amz-date: Thu, 12 Apr 2012 20:04:21 GMT Authorization: authorization string 852b113e7a2f25102679df27bb0ae12b3f85be6BucketOwnerCanonicalUserID OwnerDisplayName 852b113e7a2f25102679df27bb0ae12b3f85be6BucketOwnerCanonicalUserID OwnerDisplayName FULL_CONTROL http://acs.amazonaws.com/groups/global/AllUsers READ http://acs.amazonaws.com/groups/s3/LogDelivery WRITE xyz@amazon.com WRITE_ACP f30716ab7115dcb44a5ef76e9d74b8e20567f63TestAccountCanonicalUserID READ_ACP ``` ### Sample Response This example illustrates one usage of PutBucketAcl. ``` HTTP/1.1 200 OK x-amz-id-2: NxqO3PNiMHXXGwjgv15LLgUoAmPVmG0xtZw2sxePXLhpIvcyouXDrcQUaWWXcOK0 x-amz-request-id: C651BC9B4E1BD401 Date: Thu, 12 Apr 2012 20:04:28 GMT Content-Length: 0 Server: AmazonS3 ``` ### Sample Request: Access permissions specified using headers The following request uses ACL-specific request headers to grant the following permissions: + Write permission to the Amazon S3 `LogDelivery` group and an AWS account identified by the email `xyz@amazon.com`. + Read permission to the Amazon S3 `AllUsers` group ``` PUT ?acl HTTP/1.1 Host: examplebucket.s3..amazonaws.com x-amz-date: Sun, 29 Apr 2012 22:00:57 GMT x-amz-grant-write: uri="http://acs.amazonaws.com/groups/s3/LogDelivery", emailAddress="xyz@amazon.com" x-amz-grant-read: uri="http://acs.amazonaws.com/groups/global/AllUsers" Accept: */* Authorization: authorization string ``` ### Sample Response This example illustrates one usage of PutBucketAcl. ``` HTTP/1.1 200 OK x-amz-id-2: 0w9iImt23VF9s6QofOTDzelF7mrryz7d04Mw23FQCi4O205Zw28Zn+d340/RytoQ x-amz-request-id: A6A8F01A38EC7138 Date: Sun, 29 Apr 2012 22:01:10 GMT Content-Length: 0 Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketAcl) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketAcl) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketAcl) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketAcl) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketAcl) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketAcl) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketAcl) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketAcl) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketAcl) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketAcl) # PutBucketAnalyticsConfiguration **Note** This operation is not supported for directory buckets. Sets an analytics configuration for the bucket (specified by the analytics configuration ID). You can have up to 1,000 analytics configurations per bucket. You can choose to have storage class analysis export analysis reports sent to a comma-separated values (CSV) flat file. See the `DataExport` request element. Reports are updated daily and are based on the object filters that you configure. When selecting data export, you specify a destination bucket and an optional destination prefix where the file is written. You can export the data to a destination bucket in a different account. However, the destination bucket must be in the same Region as the bucket that you are making the PUT analytics configuration to. For more information, see [Amazon S3 Analytics – Storage Class Analysis](https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html). **Important** You must create a bucket policy on the destination bucket where the exported file is written to grant permissions to Amazon S3 to write objects to the bucket. For an example policy, see [Granting Permissions for Amazon S3 Inventory and Storage Class Analysis](https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html#example-bucket-policies-use-case-9). To use this operation, you must have permissions to perform the `s3:PutAnalyticsConfiguration` action. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). `PutBucketAnalyticsConfiguration` has the following special errors: + + *HTTP Error: HTTP 400 Bad Request* + *Code: InvalidArgument* + *Cause: Invalid argument.* + + *HTTP Error: HTTP 400 Bad Request* + *Code: TooManyConfigurations* + *Cause: You are attempting to create a new configuration but have already reached the 1,000-configuration limit.* + + *HTTP Error: HTTP 403 Forbidden* + *Code: AccessDenied* + *Cause: You are not the owner of the specified bucket, or you do not have the s3:PutAnalyticsConfiguration bucket permission to set the configuration on the bucket.* The following operations are related to `PutBucketAnalyticsConfiguration`: + [GetBucketAnalyticsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAnalyticsConfiguration.html) + [DeleteBucketAnalyticsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketAnalyticsConfiguration.html) + [ListBucketAnalyticsConfigurations](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketAnalyticsConfigurations.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?analytics&id=Id HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner string string string string ... string string string string string string string string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketAnalyticsConfiguration_RequestSyntax) ** The name of the bucket to which an analytics configuration is stored. Required: Yes ** [id](#API_PutBucketAnalyticsConfiguration_RequestSyntax) ** The ID that identifies the analytics configuration. Required: Yes ** [x-amz-expected-bucket-owner](#API_PutBucketAnalyticsConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request accepts the following data in XML format. ** [AnalyticsConfiguration](#API_PutBucketAnalyticsConfiguration_RequestSyntax) ** Root level tag for the AnalyticsConfiguration parameters. Required: Yes ** [Filter](#API_PutBucketAnalyticsConfiguration_RequestSyntax) ** The filter used to describe a set of objects for analyses. A filter must have exactly one prefix, one tag, or one conjunction (AnalyticsAndOperator). If no filter is provided, all objects will be considered in any analysis. Type: [AnalyticsFilter](API_AnalyticsFilter.md) data type Required: No ** [Id](#API_PutBucketAnalyticsConfiguration_RequestSyntax) ** The ID that identifies the analytics configuration. Type: String Required: Yes ** [StorageClassAnalysis](#API_PutBucketAnalyticsConfiguration_RequestSyntax) ** Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes. Type: [StorageClassAnalysis](API_StorageClassAnalysis.md) data type Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### Example 1: Creating an analytics configuration The following PUT request for the bucket `examplebucket` creates a new or replaces an existing analytics configuration with the ID `report1`. The configuration is defined in the request body. ``` PUT /?analytics&id=report1 HTTP/1.1 Host: examplebucket.s3..amazonaws.com Date: Mon, 31 Oct 2016 12:00:00 GMT Authorization: authorization string Content-Length: length report1 images/ dog corgi V_1 CSV 123456789012 arn:aws:s3:::destination-bucket destination-prefix ``` ### Sample Response This example illustrates one usage of PutBucketAnalyticsConfiguration. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMg95r/0zo3emzU4dzsD4rcKCHQUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Mon, 31 Oct 2016 12:00:00 GMT Content-Length: 0 Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketAnalyticsConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketAnalyticsConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketAnalyticsConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketAnalyticsConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketAnalyticsConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketAnalyticsConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketAnalyticsConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketAnalyticsConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketAnalyticsConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketAnalyticsConfiguration) # PutBucketCors **Note** This operation is not supported for directory buckets. Sets the `cors` configuration for your bucket. If the configuration exists, Amazon S3 replaces it. To use this operation, you must be allowed to perform the `s3:PutBucketCORS` action. By default, the bucket owner has this permission and can grant it to others. You set this configuration on a bucket so that the bucket can service cross-origin requests. For example, you might want to enable a request whose origin is `http://www.example.com` to access your Amazon S3 bucket at `my.example.bucket.com` by using the browser's `XMLHttpRequest` capability. To enable cross-origin resource sharing (CORS) on a bucket, you add the `cors` subresource to the bucket. The `cors` subresource is an XML document in which you configure rules that identify origins and the HTTP methods that can be executed on your bucket. The document is limited to 64 KB in size. When Amazon S3 receives a cross-origin request (or a pre-flight OPTIONS request) against a bucket, it evaluates the `cors` configuration on the bucket and uses the first `CORSRule` rule that matches the incoming browser request to enable a cross-origin request. For a rule to match, the following conditions must be met: + The request's `Origin` header must match `AllowedOrigin` elements. + The request method (for example, GET, PUT, HEAD, and so on) or the `Access-Control-Request-Method` header in case of a pre-flight `OPTIONS` request must be one of the `AllowedMethod` elements. + Every header specified in the `Access-Control-Request-Headers` request header of a pre-flight request must match an `AllowedHeader` element. For more information about CORS, go to [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide*. The following operations are related to `PutBucketCors`: + [GetBucketCors](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketCors.html) + [DeleteBucketCors](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketCors.html) + [RESTOPTIONSobject](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTOPTIONSobject.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?cors HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner string ... string ... string ... string ... string integer ... ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketCors_RequestSyntax) ** Specifies the bucket impacted by the `cors`configuration. Required: Yes ** [Content-MD5](#API_PutBucketCors_RequestSyntax) ** The Base64 encoded 128-bit `MD5` digest of the data. This header must be used as a message integrity check to verify that the request body was not corrupted in transit. For more information, go to [RFC 1864.](http://www.ietf.org/rfc/rfc1864.txt) For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [x-amz-expected-bucket-owner](#API_PutBucketCors_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-sdk-checksum-algorithm](#API_PutBucketCors_RequestSyntax) ** Indicates the algorithm used to create the checksum for the request when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [CORSConfiguration](#API_PutBucketCors_RequestSyntax) ** Root level tag for the CORSConfiguration parameters. Required: Yes ** [CORSRule](#API_PutBucketCors_RequestSyntax) ** A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration. Type: Array of [CORSRule](API_CORSRule.md) data types Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### Example: CORS configuration on a bucket with two rules + The first `CORSRule` allows cross-origin PUT, POST, and DELETE requests whose origin is `http://www.example.com` origins. The rule also allows all headers in a pre-flight OPTIONS request through the `Access-Control-Request-Headers` header. Therefore, in response to any pre-flight OPTIONS request, Amazon S3 will return any requested headers. + The second rule allows cross-origin GET requests from all the origins. The '\$1' wildcard character refers to all origins. ``` http://www.example.com PUT POST DELETE * * GET ``` ### Example: CORS configuration allows cross-origin PUT and POST requests from http://www.example.com The `cors` configuration also allows additional optional configuration parameters as shown in the following cors configuration on a bucket. For example, In the preceding configuration, `CORSRule` includes the following additional optional parameters: + `MaxAgeSeconds`—Specifies the time in seconds that the browser will cache an Amazon S3 response to a pre-flight OPTIONS request for the specified resource. In this example, this parameter is 3000 seconds. Caching enables the browsers to avoid sending pre-flight OPTIONS request to Amazon S3 for repeated requests. + `ExposeHeader`—Identifies the response header (in this case `x-amz-server-side-encryption`) that you want customers to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object). ``` http://www.example.com PUT POST DELETE * 3000 x-amz-server-side-encryption ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketCors) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketCors) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketCors) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketCors) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketCors) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketCors) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketCors) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketCors) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketCors) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketCors) # PutBucketEncryption This operation configures default encryption and Amazon S3 Bucket Keys for an existing bucket. You can also [block encryption types](https://docs.aws.amazon.com/AmazonS3/latest/API/API_BlockedEncryptionTypes.html) using this operation. **Note** **Directory buckets ** - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. By default, all buckets have a default encryption configuration that uses server-side encryption with Amazon S3 managed keys (SSE-S3). **Note** **General purpose buckets** You can optionally configure default encryption for a bucket by using server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS) or dual-layer server-side encryption with AWS KMS keys (DSSE-KMS). If you specify default encryption by using SSE-KMS, you can also configure [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html). For information about the bucket default encryption feature, see [Amazon S3 Bucket Default Encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide*. If you use PutBucketEncryption to set your [default bucket encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) to SSE-KMS, you should verify that your KMS key ID is correct. Amazon S3 doesn't validate the KMS key ID provided in PutBucketEncryption requests. **Directory buckets ** - You can optionally configure default encryption for a bucket by using server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your `CreateSession` requests or `PUT` object requests. Then, new objects are automatically encrypted with the desired encryption settings. For more information about the encryption overriding behaviors in directory buckets, see [Specifying server-side encryption with AWS KMS for new object uploads](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html). Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket's lifetime. The [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) (`aws/s3`) isn't supported. S3 Bucket Keys are always enabled for `GET` and `PUT` operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html), [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html), [the Copy operation in Batch Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops), or [the import jobs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job). In this case, Amazon S3 makes a call to AWS KMS every time a copy request is made for a KMS-encrypted object. When you specify an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported. For directory buckets, if you use PutBucketEncryption to set your [default bucket encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) to SSE-KMS, Amazon S3 validates the KMS key ID provided in PutBucketEncryption requests. **Important** If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then AWS KMS resolves the key within the requester’s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. Also, this action requires AWS Signature Version 4. For more information, see [ Authenticating Requests (AWS Signature Version 4)](https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html). Permissions + **General purpose bucket permissions** - The `s3:PutEncryptionConfiguration` permission is required in a policy. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) in the *Amazon S3 User Guide*. + **Directory bucket permissions** - To grant access to this API operation, you must have the `s3express:PutEncryptionConfiguration` permission in an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the AWS account that owns the resource. For more information about directory bucket policies and permissions, see [AWS Identity and Access Management (IAM) for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) in the *Amazon S3 User Guide*. To set a directory bucket default encryption with SSE-KMS, you must also have the `kms:GenerateDataKey` and the `kms:Decrypt` permissions in IAM identity-based policies and AWS KMS key policies for the target AWS KMS key. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region-code.amazonaws.com`. The following operations are related to `PutBucketEncryption`: + [GetBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html) + [DeleteBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?encryption HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner string string string ... boolean ... ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketEncryption_RequestSyntax) ** Specifies default encryption for a bucket using server-side encryption with different key options. **Directory buckets ** - When you use this operation with a directory bucket, you must use path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must also follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` DOC-EXAMPLE-BUCKET--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* Required: Yes ** [Content-MD5](#API_PutBucketEncryption_RequestSyntax) ** The Base64 encoded 128-bit `MD5` digest of the server-side encryption configuration. For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. This functionality is not supported for directory buckets. ** [x-amz-expected-bucket-owner](#API_PutBucketEncryption_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). For directory buckets, this header is not supported in this API operation. If you specify this header, the request fails with the HTTP status code `501 Not Implemented`. ** [x-amz-sdk-checksum-algorithm](#API_PutBucketEncryption_RequestSyntax) ** Indicates the algorithm used to create the checksum for the request when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. For directory buckets, when you use AWS SDKs, `CRC32` is the default checksum algorithm that's used for performance. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [ServerSideEncryptionConfiguration](#API_PutBucketEncryption_RequestSyntax) ** Root level tag for the ServerSideEncryptionConfiguration parameters. Required: Yes ** [Rule](#API_PutBucketEncryption_RequestSyntax) ** Container for information about a particular server-side encryption configuration rule. Type: Array of [ServerSideEncryptionRule](API_ServerSideEncryptionRule.md) data types Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples In the request, you specify the encryption configuration in the request body. The encryption configuration is specified as XML, as shown in the following examples that show setting encryption using SSE-S3, SSE-KMS, or DSSE-KMS. ### Request Body for Setting SSE-S3 for general purpose buckets This example illustrates one usage of PutBucketEncryption. ``` AES256 ``` ### Request Body for Setting SSE-KMS for general purpose buckets This example illustrates one usage of PutBucketEncryption. ``` aws:kms:dsse arn:aws:kms:us-east-1:1234/5678example ``` ### Set the Default Encryption Configuration for an S3 general purpose bucket The following is an example of a PUT /? encryption request that specifies to use SSE-KMS encryption. ``` PUT /?encryption HTTP/1.1 Host: examplebucket.s3.amazonaws.com Date: Wed, 06 Sep 2017 12:00:00 GMT Authorization: authorization Content-Length: length aws:kms arn:aws:kms:us-east-1:1234/5678example ``` ### Block SSE-C encryption for a bucket The following is an example of a request to prevent writing new objects to the bucket that uses server-side encryption with customer-provided keys (SSE-C). For more information, see [Blocking or unblocking SSE-C for a general purpose bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/blocking-unblocking-s3-c-encryption-gpb.html). **Note** To allow the use of SSE-C encryption in your write requests to a bucket, pass the value `NONE` instead of `SSE-C`. ``` SSE-C ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketEncryption) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketEncryption) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketEncryption) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketEncryption) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketEncryption) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketEncryption) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketEncryption) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketEncryption) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketEncryption) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketEncryption) # PutBucketIntelligentTieringConfiguration **Note** This operation is not supported for directory buckets. Puts a S3 Intelligent-Tiering configuration to the specified bucket. You can have up to 1,000 S3 Intelligent-Tiering configurations per bucket. The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without performance impact or operational overhead. S3 Intelligent-Tiering delivers automatic cost savings in three low latency and high throughput access tiers. To get the lowest storage cost on data that can be accessed in minutes to hours, you can choose to activate additional archiving capabilities. The S3 Intelligent-Tiering storage class is the ideal storage class for data with unknown, changing, or unpredictable access patterns, independent of object size or retention period. If the size of an object is less than 128 KB, it is not monitored and not eligible for auto-tiering. Smaller objects can be stored, but they are always charged at the Frequent Access tier rates in the S3 Intelligent-Tiering storage class. For more information, see [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access). Operations related to `PutBucketIntelligentTieringConfiguration` include: + [DeleteBucketIntelligentTieringConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketIntelligentTieringConfiguration.html) + [GetBucketIntelligentTieringConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketIntelligentTieringConfiguration.html) + [ListBucketIntelligentTieringConfigurations](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketIntelligentTieringConfigurations.html) **Note** You only need S3 Intelligent-Tiering enabled on a bucket if you want to automatically move objects stored in the S3 Intelligent-Tiering storage class to the Archive Access or Deep Archive Access tier. `PutBucketIntelligentTieringConfiguration` has the following special errors: HTTP 400 Bad Request Error *Code:* InvalidArgument *Cause:* Invalid Argument HTTP 400 Bad Request Error *Code:* TooManyConfigurations *Cause:* You are attempting to create a new configuration but have already reached the 1,000-configuration limit. HTTP 403 Forbidden Error *Cause:* You are not the owner of the specified bucket, or you do not have the `s3:PutIntelligentTieringConfiguration` bucket permission to set the configuration on the bucket. **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?intelligent-tiering&id=Id HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner string string string string ... string string string string string integer ... ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketIntelligentTieringConfiguration_RequestSyntax) ** The name of the Amazon S3 bucket whose configuration you want to modify or retrieve. Required: Yes ** [id](#API_PutBucketIntelligentTieringConfiguration_RequestSyntax) ** The ID used to identify the S3 Intelligent-Tiering configuration. Required: Yes ** [x-amz-expected-bucket-owner](#API_PutBucketIntelligentTieringConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request accepts the following data in XML format. ** [IntelligentTieringConfiguration](#API_PutBucketIntelligentTieringConfiguration_RequestSyntax) ** Root level tag for the IntelligentTieringConfiguration parameters. Required: Yes ** [Filter](#API_PutBucketIntelligentTieringConfiguration_RequestSyntax) ** Specifies a bucket filter. The configuration only includes objects that meet the filter's criteria. Type: [IntelligentTieringFilter](API_IntelligentTieringFilter.md) data type Required: No ** [Id](#API_PutBucketIntelligentTieringConfiguration_RequestSyntax) ** The ID used to identify the S3 Intelligent-Tiering configuration. Type: String Required: Yes ** [Status](#API_PutBucketIntelligentTieringConfiguration_RequestSyntax) ** Specifies the status of the configuration. Type: String Valid Values: `Enabled | Disabled` Required: Yes ** [Tiering](#API_PutBucketIntelligentTieringConfiguration_RequestSyntax) ** Specifies the S3 Intelligent-Tiering storage class tier of the configuration. Type: Array of [Tiering](API_Tiering.md) data types Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketIntelligentTieringConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketIntelligentTieringConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketIntelligentTieringConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketIntelligentTieringConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketIntelligentTieringConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketIntelligentTieringConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketIntelligentTieringConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketIntelligentTieringConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketIntelligentTieringConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketIntelligentTieringConfiguration) # PutBucketInventoryConfiguration **Note** This operation is not supported for directory buckets. This implementation of the `PUT` action adds an S3 Inventory configuration (identified by the inventory ID) to the bucket. You can have up to 1,000 inventory configurations per bucket. Amazon S3 inventory generates inventories of the objects in the bucket on a daily or weekly basis, and the results are published to a flat file. The bucket that is inventoried is called the *source* bucket, and the bucket where the inventory flat file is stored is called the *destination* bucket. The *destination* bucket must be in the same AWS Region as the *source* bucket. When you configure an inventory for a *source* bucket, you specify the *destination* bucket where you want the inventory to be stored, and whether to generate the inventory daily or weekly. You can also configure what object metadata to include and whether to inventory all object versions or only current versions. For more information, see [Amazon S3 Inventory](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html) in the Amazon S3 User Guide. **Important** You must create a bucket policy on the *destination* bucket to grant permissions to Amazon S3 to write objects to the bucket in the defined location. For an example policy, see [ Granting Permissions for Amazon S3 Inventory and Storage Class Analysis](https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html#example-bucket-policies-use-case-9). Permissions To use this operation, you must have permission to perform the `s3:PutInventoryConfiguration` action. The bucket owner has this permission by default and can grant this permission to others. The `s3:PutInventoryConfiguration` permission allows a user to create an [S3 Inventory](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-inventory.html) report that includes all object metadata fields available and to specify the destination bucket to store the inventory. A user with read access to objects in the destination bucket can also access all object metadata fields that are available in the inventory report. To restrict access to an inventory report, see [Restricting access to an Amazon S3 Inventory report](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html#example-bucket-policies-use-case-10) in the *Amazon S3 User Guide*. For more information about the metadata fields available in S3 Inventory, see [Amazon S3 Inventory lists](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-inventory.html#storage-inventory-contents) in the *Amazon S3 User Guide*. For more information about permissions, see [Permissions related to bucket subresource operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Identity and access management in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) in the *Amazon S3 User Guide*. `PutBucketInventoryConfiguration` has the following special errors: HTTP 400 Bad Request Error *Code:* InvalidArgument *Cause:* Invalid Argument HTTP 400 Bad Request Error *Code:* TooManyConfigurations *Cause:* You are attempting to create a new configuration but have already reached the 1,000-configuration limit. HTTP 403 Forbidden Error *Cause:* You are not the owner of the specified bucket, or you do not have the `s3:PutInventoryConfiguration` bucket permission to set the configuration on the bucket. The following operations are related to `PutBucketInventoryConfiguration`: + [GetBucketInventoryConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketInventoryConfiguration.html) + [DeleteBucketInventoryConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketInventoryConfiguration.html) + [ListBucketInventoryConfigurations](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketInventoryConfigurations.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?inventory&id=Id HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner string string

string

string string boolean string string string string string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketInventoryConfiguration_RequestSyntax) ** The name of the bucket where the inventory configuration will be stored. Required: Yes ** [id](#API_PutBucketInventoryConfiguration_RequestSyntax) ** The ID used to identify the inventory configuration. Required: Yes ** [x-amz-expected-bucket-owner](#API_PutBucketInventoryConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request accepts the following data in XML format. ** [InventoryConfiguration](#API_PutBucketInventoryConfiguration_RequestSyntax) ** Root level tag for the InventoryConfiguration parameters. Required: Yes ** [Destination](#API_PutBucketInventoryConfiguration_RequestSyntax) ** Contains information about where to publish the inventory results. Type: [InventoryDestination](API_InventoryDestination.md) data type Required: Yes ** [Filter](#API_PutBucketInventoryConfiguration_RequestSyntax) ** Specifies an inventory filter. The inventory only includes objects that meet the filter's criteria. Type: [InventoryFilter](API_InventoryFilter.md) data type Required: No ** [Id](#API_PutBucketInventoryConfiguration_RequestSyntax) ** The ID used to identify the inventory configuration. Type: String Required: Yes ** [IncludedObjectVersions](#API_PutBucketInventoryConfiguration_RequestSyntax) ** Object versions to include in the inventory list. If set to `All`, the list includes all the object versions, which adds the version-related fields `VersionId`, `IsLatest`, and `DeleteMarker` to the list. If set to `Current`, the list does not contain these version-related fields. Type: String Valid Values: `All | Current` Required: Yes ** [IsEnabled](#API_PutBucketInventoryConfiguration_RequestSyntax) ** Specifies whether the inventory is enabled or disabled. If set to `True`, an inventory list is generated. If set to `False`, no inventory list is generated. Type: Boolean Required: Yes ** [OptionalFields](#API_PutBucketInventoryConfiguration_RequestSyntax) ** Contains the optional fields that are included in the inventory results. Type: Array of strings Valid Values: `Size | LastModifiedDate | StorageClass | ETag | IsMultipartUploaded | ReplicationStatus | EncryptionStatus | ObjectLockRetainUntilDate | ObjectLockMode | ObjectLockLegalHoldStatus | IntelligentTieringAccessTier | BucketKeyStatus | ChecksumAlgorithm | ObjectAccessControlList | ObjectOwner | LifecycleExpirationDate` Required: No ** [Schedule](#API_PutBucketInventoryConfiguration_RequestSyntax) ** Specifies the schedule for generating inventory results. Type: [InventorySchedule](API_InventorySchedule.md) data type Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### Example: Create an inventory configuration The following `PUT` request and response for the bucket `examplebucket` creates a new or replaces an existing inventory configuration with the ID `report1`. The configuration is defined in the request body. ``` PUT /?inventory&id=report1 HTTP/1.1 Host: examplebucket.s3..amazonaws.com Date: Mon, 31 Oct 2016 12:00:00 GMT Authorization: authorization string Content-Length: length report1 true filterPrefix CSV 123456789012 arn:aws:s3:::destination-bucket prefix1

arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

Daily All Size LastModifiedDate ETag StorageClass IsMultipartUploaded ReplicationStatus EncryptionStatus ObjectLockRetainUntilDate ObjectLockMode ObjectLockLegalHoldStatus ``` ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMg95r/0zo3emzU4dzsD4rcKCHQUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Mon, 31 Oct 2016 12:00:00 GMT Content-Length: 0 Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketInventoryConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketInventoryConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketInventoryConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketInventoryConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketInventoryConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketInventoryConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketInventoryConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketInventoryConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketInventoryConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketInventoryConfiguration) # PutBucketLifecycle **Note** This operation is not supported for directory buckets. **Important** For an updated version of this API, see [PutBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html). This version has been deprecated. Existing lifecycle configurations will work. For new lifecycle configurations, use the updated API. **Note** This operation is not supported for directory buckets. Creates a new lifecycle configuration for the bucket or replaces an existing lifecycle configuration. For information about lifecycle configuration, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide*. By default, all Amazon S3 resources, including buckets, objects, and related subresources (for example, lifecycle configuration and website configuration) are private. Only the resource owner, the AWS account that created the resource, can access it. The resource owner can optionally grant access permissions to others by writing an access policy. For this operation, users must get the `s3:PutLifecycleConfiguration` permission. You can also explicitly deny permissions. Explicit denial also supersedes any other permissions. If you want to prevent users or accounts from removing or deleting objects from your bucket, you must deny them permissions for the following actions: + `s3:DeleteObject` + `s3:DeleteObjectVersion` + `s3:PutLifecycleConfiguration` For more information about permissions, see [Managing Access Permissions to your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) in the *Amazon S3 User Guide*. For more examples of transitioning objects to storage classes such as STANDARD\$1IA or ONEZONE\$1IA, see [Examples of Lifecycle Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#lifecycle-configuration-examples). The following operations are related to `PutBucketLifecycle`: + [GetBucketLifecycle](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html)(Deprecated) + [GetBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) + [RestoreObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html) + By default, a resource owner—in this case, a bucket owner, which is the AWS account that created the bucket—can perform any of the operations. A resource owner can also grant others permission to perform the operation. For more information, see the following topics in the Amazon S3 User Guide: + [Specifying Permissions in a Policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) + [Managing Access Permissions to your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?lifecycle HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner integer timestamp integer boolean string integer integer integer integer string string string timestamp integer string ... ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketLifecycle_RequestSyntax) ** Required: Yes ** [Content-MD5](#API_PutBucketLifecycle_RequestSyntax) ** For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [x-amz-expected-bucket-owner](#API_PutBucketLifecycle_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-sdk-checksum-algorithm](#API_PutBucketLifecycle_RequestSyntax) ** Indicates the algorithm used to create the checksum for the request when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [LifecycleConfiguration](#API_PutBucketLifecycle_RequestSyntax) ** Root level tag for the LifecycleConfiguration parameters. Required: Yes ** [Rule](#API_PutBucketLifecycle_RequestSyntax) ** Specifies lifecycle configuration rules for an Amazon S3 bucket. Type: Array of [Rule](API_Rule.md) data types Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### Sample Request: Body of a basic lifecycle configuration In the request, you specify the lifecycle configuration in the request body. The lifecycle configuration is specified as XML. The following is an example of a basic lifecycle configuration. It specifies one rule. The `Prefix` in the rule identifies objects to which the rule applies. The rule also specifies two actions (`Transition` and `Expiration`). Each action specifies a time line when Amazon S3 should perform the action. The Status indicates whether the rule is enabled or disabled. ``` sample-rule key-prefix rule-status value storage class value ``` ### Sample Request: Body of a lifecycle configuration specifying noncurrent versions If the state of your bucket is versioning-enabled or versioning-suspended, you can have many versions of the same object: one current version and zero or more noncurrent versions. The following lifecycle configuration specifies the actions (`NoncurrentVersionTransition`, `NoncurrentVersionExpiration`) that are specific to noncurrent object versions. ``` sample-rule key-prefix rule-status value storage class value ``` ### Sample Request: Body of a lifecycle configuration that specifies a rule with AbortIncompleteMultipartUpload You can use the multipart upload to upload large objects in parts. For more information about multipart uploads, see [Multipart Upload Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) in the *Amazon S3 User Guide*. With lifecycle configuration, you can tell Amazon S3 to abort incomplete multipart uploads, which are identified by the key name prefix specified in the rule, if they don't complete within a specified number of days. When Amazon S3 aborts a multipart upload, it deletes all parts associated with the upload. This ensures that you don't have incomplete multipart uploads that have left parts stored in Amazon S3, so you don't have to pay storage costs for them. The following is an example lifecycle configuration that specifies a rule with the `AbortIncompleteMultipartUpload` action. This action tells Amazon S3 to abort incomplete multipart uploads seven days after initiation. ``` sample-rule SomeKeyPrefix rule-status 7 ``` ### Add lifecycle configuration to a bucket that is not versioning-enabled The following is a sample `PUT /?lifecycle` request that adds the lifecycle configuration to the `examplebucket` bucket. The lifecycle configuration specifies two rules, each with one action: + The `Transition` action tells Amazon S3 to transition objects with the "documents/" prefix to the GLACIER storage class 30 days after creation. + The `Expiration` action tells Amazon S3 to delete objects with the "logs/" prefix 365 days after creation. The sample response follows the sample request. ``` PUT /?lifecycle HTTP/1.1 Host: examplebucket.s3..amazonaws.com x-amz-date: Wed, 14 May 2014 02:11:21 GMT Content-MD5: q6yJDlIkcBaGGfb3QLY69A== Authorization: authorization string Content-Length: 415 id1 documents/ Enabled 30 GLACIER id2 logs/ Enabled 365 ``` ``` HTTP/1.1 200 OK x-amz-id-2: r+qR7+nhXtJDDIJ0JJYcd+1j5nM/rUFiiiZ/fNbDOsd3JUE8NWMLNHXmvPfwMpdc x-amz-request-id: 9E26D08072A8EF9E Date: Wed, 14 May 2014 02:11:22 GMT Content-Length: 0 Server: AmazonS3 ``` ### Add lifecycle configuration to a bucket that is versioning-enabled The following is a sample PUT /?lifecycle request that adds the lifecycle configuration to the `examplebucket` bucket. The lifecycle configuration specifies two rules, each with one action. You specify these actions when your bucket is versioning-enabled or versioning is suspended: + The `NoncurrentVersionExpiration` action tells Amazon S3 to expire noncurrent versions of objects with the "logs/" prefix 100 days after the objects become noncurrent. + The `NoncurrentVersionTransition` action tells Amazon S3 to transition noncurrent versions of objects with the "documents/" prefix to the GLACIER storage class 30 days after they become noncurrent. The sample response follows the sample request. ``` PUT /?lifecycle HTTP/1.1 Host: examplebucket.s3..amazonaws.com x-amz-date: Wed, 14 May 2014 02:21:48 GMT Content-MD5: 96rxH9mDqVNKkaZDddgnw== Authorization: authorization string Content-Length: 598 id1 logs/ Enabled 1 TransitionSoonAfterBecomingNonCurrent documents/ Enabled 0 GLACIER ``` ``` HTTP/1.1 200 OK x-amz-id-2: aXQ+KbIrmMmoO//3bMdDTw/CnjArwje+J49Hf+j44yRb/VmbIkgIO5A+PT98Cp/6k07hf+LD2mY= x-amz-request-id: 02D7EC4C10381EB1 Date: Wed, 14 May 2014 02:21:50 GMT Content-Length: 0 Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketLifecycle) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketLifecycle) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketLifecycle) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketLifecycle) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketLifecycle) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketLifecycle) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketLifecycle) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketLifecycle) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketLifecycle) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketLifecycle) # PutBucketLifecycleConfiguration Creates a new lifecycle configuration for the bucket or replaces an existing lifecycle configuration. Keep in mind that this will overwrite an existing lifecycle configuration, so if you want to retain any configuration details, they must be included in the new lifecycle configuration. For information about lifecycle configuration, see [Managing your storage lifecycle](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html). **Note** Bucket lifecycle configuration now supports specifying a lifecycle rule using an object key name prefix, one or more object tags, object size, or any combination of these. Accordingly, this section describes the latest API. The previous version of the API supported filtering based only on an object key name prefix, which is supported for backward compatibility. For the related API description, see [PutBucketLifecycle](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html). Rules You specify the lifecycle configuration in your request body. The lifecycle configuration is specified as XML consisting of one or more rules. An Amazon S3 Lifecycle configuration can have up to 1,000 rules. This limit is not adjustable. Bucket lifecycle configuration supports specifying a lifecycle rule using an object key name prefix, one or more object tags, object size, or any combination of these. Accordingly, this section describes the latest API. The previous version of the API supported filtering based only on an object key name prefix, which is supported for backward compatibility for general purpose buckets. For the related API description, see [PutBucketLifecycle](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html). Lifecyle configurations for directory buckets only support expiring objects and cancelling multipart uploads. Expiring of versioned objects,transitions and tag filters are not supported. A lifecycle rule consists of the following: + A filter identifying a subset of objects to which the rule applies. The filter can be based on a key name prefix, object tags, object size, or any combination of these. + A status indicating whether the rule is in effect. + One or more lifecycle transition and expiration actions that you want Amazon S3 to perform on the objects identified by the filter. If the state of your bucket is versioning-enabled or versioning-suspended, you can have many versions of the same object (one current version and zero or more noncurrent versions). Amazon S3 provides predefined actions that you can specify for current and noncurrent object versions. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) and [Lifecycle Configuration Elements](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html). Permissions + **General purpose bucket permissions** - By default, all Amazon S3 resources are private, including buckets, objects, and related subresources (for example, lifecycle configuration and website configuration). Only the resource owner (that is, the AWS account that created it) can access the resource. The resource owner can optionally grant access permissions to others by writing an access policy. For this operation, a user must have the `s3:PutLifecycleConfiguration` permission. You can also explicitly deny permissions. An explicit deny also supersedes any other permissions. If you want to block users or accounts from removing or deleting objects from your bucket, you must deny them permissions for the following actions: + `s3:DeleteObject` + `s3:DeleteObjectVersion` + `s3:PutLifecycleConfiguration` For more information about permissions, see [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). + **Directory bucket permissions** - You must have the `s3express:PutLifecycleConfiguration` permission in an IAM identity-based policy to use this operation. Cross-account access to this API operation isn't supported. The resource owner can optionally grant access permissions to others by creating a role or user for them as long as they are within the same account as the owner and resource. For more information about directory bucket policies and permissions, see [Authorizing Regional endpoint APIs with IAM](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) in the *Amazon S3 User Guide*. **Note** **Directory buckets ** - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region.amazonaws.com`. The following operations are related to `PutBucketLifecycleConfiguration`: + [GetBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) + [DeleteBucketLifecycle](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketLifecycle.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?lifecycle HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-transition-default-minimum-object-size: TransitionDefaultMinimumObjectSize integer timestamp integer boolean long long string string string ... long long string string string string integer integer integer integer string ... string string timestamp integer string ... ... ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketLifecycleConfiguration_RequestSyntax) ** The name of the bucket for which to set the configuration. Required: Yes ** [x-amz-expected-bucket-owner](#API_PutBucketLifecycleConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). This parameter applies to general purpose buckets only. It is not supported for directory bucket lifecycle configurations. ** [x-amz-sdk-checksum-algorithm](#API_PutBucketLifecycleConfiguration_RequestSyntax) ** Indicates the algorithm used to create the checksum for the request when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ** [x-amz-transition-default-minimum-object-size](#API_PutBucketLifecycleConfiguration_RequestSyntax) ** Indicates which default minimum object size behavior is applied to the lifecycle configuration. This parameter applies to general purpose buckets only. It is not supported for directory bucket lifecycle configurations. + `all_storage_classes_128K` - Objects smaller than 128 KB will not transition to any storage class by default. + `varies_by_storage_class` - Objects smaller than 128 KB will transition to Glacier Flexible Retrieval or Glacier Deep Archive storage classes. By default, all other storage classes will prevent transitions smaller than 128 KB. To customize the minimum object size for any transition you can add a filter that specifies a custom `ObjectSizeGreaterThan` or `ObjectSizeLessThan` in the body of your transition rule. Custom filters always take precedence over the default transition behavior. Valid Values: `varies_by_storage_class | all_storage_classes_128K` ## Request Body The request accepts the following data in XML format. ** [LifecycleConfiguration](#API_PutBucketLifecycleConfiguration_RequestSyntax) ** Root level tag for the LifecycleConfiguration parameters. Required: Yes ** [Rule](#API_PutBucketLifecycleConfiguration_RequestSyntax) ** A lifecycle rule for individual objects in an Amazon S3 bucket. Type: Array of [LifecycleRule](API_LifecycleRule.md) data types Required: Yes ## Response Syntax ``` HTTP/1.1 200 x-amz-transition-default-minimum-object-size: TransitionDefaultMinimumObjectSize ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-transition-default-minimum-object-size](#API_PutBucketLifecycleConfiguration_ResponseSyntax) ** Indicates which default minimum object size behavior is applied to the lifecycle configuration. This parameter applies to general purpose buckets only. It is not supported for directory bucket lifecycle configurations. + `all_storage_classes_128K` - Objects smaller than 128 KB will not transition to any storage class by default. + `varies_by_storage_class` - Objects smaller than 128 KB will transition to Glacier Flexible Retrieval or Glacier Deep Archive storage classes. By default, all other storage classes will prevent transitions smaller than 128 KB. To customize the minimum object size for any transition you can add a filter that specifies a custom `ObjectSizeGreaterThan` or `ObjectSizeLessThan` in the body of your transition rule. Custom filters always take precedence over the default transition behavior. Valid Values: `varies_by_storage_class | all_storage_classes_128K` ## Examples ### Example 1: Add lifecycle configuration - bucket not versioning-enabled The following lifecycle configuration for a general purpose bucket specifies two rules, each with one action. + The `Transition` action requests Amazon S3 to transition objects with the "documents/" prefix to the GLACIER storage class 30 days after creation. + The `Expiration` action requests Amazon S3 to delete objects with the "logs/" prefix 365 days after creation. ``` id1 documents/ Enabled 30 GLACIER id2 logs/ Enabled 365 ``` ### Example 2: Adding a lifecycle configuration to a general purpose bucket The following is a sample `PUT /?lifecycle` request that adds the preceding lifecycle configuration to a general purpose bucket. ``` PUT /?lifecycle HTTP/1.1 Host: examplebucket.s3..amazonaws.com x-amz-date: Wed, 14 May 2014 02:11:21 GMT Content-MD5: q6yJDlIkcBaGGfb3QLY69A== Authorization: authorization string Content-Length: 415 id1 documents/ Enabled 30 GLACIER id2 logs/ Enabled 365 ``` ### Sample Response This example illustrates one usage of PutBucketLifecycleConfiguration. ``` HTTP/1.1 200 OK x-amz-id-2: r+qR7+nhXtJDDIJ0JJYcd+1j5nM/rUFiiiZ/fNbDOsd3JUE8NWMLNHXmvPfwMpdc x-amz-request-id: 9E26D08072A8EF9E Date: Wed, 14 May 2014 02:11:22 GMT Content-Length: 0 Server: AmazonS3 ``` ### Example 3: Add a lifecycle configuration - bucket is versioning-enabled The following lifecycle configuration for a general purpose bucket specifies two rules, each with one action for Amazon S3 to perform. You specify these actions when your bucket is versioning-enabled or versioning is suspended: + The `NoncurrentVersionExpiration` action requests Amazon S3 to expire noncurrent versions of objects with the "logs/" prefix 100 days after the objects become noncurrent. + The `NoncurrentVersionTransition` action requests Amazon S3 to transition noncurrent versions of objects with the "documents/" prefix to the GLACIER storage class 30 days after they become noncurrent. ``` DeleteAfterBecomingNonCurrent logs/ Enabled 100 TransitionAfterBecomingNonCurrent documents/ Enabled 30 GLACIER ``` ### Example 4: Add a lifecycle configuration to a general purpose bucket The following is a sample `PUT /?lifecycle` request that adds the preceding lifecycle configuration to a `examplebucket` bucket. ``` PUT /?lifecycle HTTP/1.1 Host: examplebucket.s3..amazonaws.com x-amz-date: Wed, 14 May 2014 02:21:48 GMT Content-MD5: 96rxH9mDqVNKkaZDddgnw== Authorization: authorization string Content-Length: 598 DeleteAfterBecomingNonCurrent logs/ Enabled 1 TransitionSoonAfterBecomingNonCurrent documents/ Enabled 0 GLACIER ``` ### Sample Response This example illustrates one usage of PutBucketLifecycleConfiguration. ``` HTTP/1.1 200 OK x-amz-id-2: aXQ+KbIrmMmoO//3bMdDTw/CnjArwje+J49Hf+j44yRb/VmbIkgIO5A+PT98Cp/6k07hf+LD2mY= x-amz-request-id: 02D7EC4C10381EB1 Date: Wed, 14 May 2014 02:21:50 GMT Content-Length: 0 Server: AmazonS3 ``` ### Example 5: Add a lifecycle configuration to a directory bucket The following lifecycle configuration specifies two rules, each with one action for Amazon S3 to perform: + The `Expiration` action requests Amazon S3 to expire objects with object size between 500B to 64000B and the `"myprefix/"` prefix 7 days after their creation. + The `AbortIncompleteMultipartUpload` action requests Amazon S3 to abort incomplete multipart uploads 3 days after their initiation. ``` PUT /?lifecycle HTTP/1.1 Host: s3express-control.us-west-2.amazonaws.com x-amz-sdk-checksum-algorithm: CRC32 x-amz-checksum-crc32: UCqxTw== Lifecycle expiration rule myprefix/ 500 64000 Enabled 7 MPU Rule another_prefix/ Enabled 3 ``` ### Sample Response This example illustrates one usage of `PutBucketLifecycleConfiguration` in directory buckets ``` HTTP/1.1 200 OK Server: AmazonS3 x-amz-request-id: 02D7EC4C10381EB1 x-amz-id-2: kc3B1Ns0xqzIdJNd Content-Type: application/xml Content-Length: 0 Date: Tue, 12 Nov 2024 18:59:45 GMT ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketLifecycleConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketLifecycleConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketLifecycleConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketLifecycleConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketLifecycleConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketLifecycleConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketLifecycleConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketLifecycleConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketLifecycleConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketLifecycleConfiguration) # PutBucketLogging **Important** End of support notice: As of October 1, 2025, Amazon S3 has discontinued support for Email Grantee Access Control Lists (ACLs). If you attempt to use an Email Grantee ACL in a request after October 1, 2025, the request will receive an `HTTP 405` (Method Not Allowed) error. This change affects the following AWS Regions: US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Ireland), and South America (São Paulo). **Note** This operation is not supported for directory buckets. Set the logging parameters for a bucket and to specify permissions for who can view and modify the logging parameters. All logs are saved to buckets in the same AWS Region as the source bucket. To set the logging status of a bucket, you must be the bucket owner. The bucket owner is automatically granted FULL\$1CONTROL to all logs. You use the `Grantee` request element to grant access to other people. The `Permissions` request element specifies the kind of access the grantee has to the logs. **Important** If the target bucket for log delivery uses the bucket owner enforced setting for S3 Object Ownership, you can't use the `Grantee` request element to grant access to others. Permissions can only be granted using policies. For more information, see [Permissions for server access log delivery](https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general) in the *Amazon S3 User Guide*. Grantee Values You can specify the person (grantee) to whom you're assigning access rights (by using request elements) in the following ways. For examples of how to specify these grantee values in JSON format, see the AWS CLI example in [ Enabling Amazon S3 server access logging](https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html) in the *Amazon S3 User Guide*. + By the person's ID: `<>ID<><>GranteesEmail<> ` `DisplayName` is optional and ignored in the request. + By Email address: ` <>Grantees@email.com<>` The grantee is resolved to the `CanonicalUser` and, in a response to a `GETObjectAcl` request, appears as the CanonicalUser. + By URI: `<>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<>` To enable logging, you use `LoggingEnabled` and its children request elements. To disable logging, you use an empty `BucketLoggingStatus` request element: `` For more information about server access logging, see [Server Access Logging](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerLogs.html) in the *Amazon S3 User Guide*. For more information about creating a bucket, see [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html). For more information about returning the logging status of a bucket, see [GetBucketLogging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLogging.html). The following operations are related to `PutBucketLogging`: + [PutObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) + [DeleteBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) + [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) + [GetBucketLogging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLogging.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?logging HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner string string string string string string string string string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketLogging_RequestSyntax) ** The name of the bucket for which to set the logging parameters. Required: Yes ** [Content-MD5](#API_PutBucketLogging_RequestSyntax) ** The MD5 hash of the `PutBucketLogging` request body. For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [x-amz-expected-bucket-owner](#API_PutBucketLogging_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-sdk-checksum-algorithm](#API_PutBucketLogging_RequestSyntax) ** Indicates the algorithm used to create the checksum for the request when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [BucketLoggingStatus](#API_PutBucketLogging_RequestSyntax) ** Root level tag for the BucketLoggingStatus parameters. Required: Yes ** [LoggingEnabled](#API_PutBucketLogging_RequestSyntax) ** Describes where logs are stored and the prefix that Amazon S3 assigns to all log object keys for a bucket. For more information, see [PUT Bucket logging](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlogging.html) in the *Amazon S3 API Reference*. Type: [LoggingEnabled](API_LoggingEnabled.md) data type Required: No ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### Sample Request This request enables logging and gives the grantee of the bucket READ access to the logs. Buckets that use the bucket owner enforced setting for Object Ownership to disable ACLs don't support target grants. For more information, see [Permissions for server access log delivery](https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general) in the *Amazon S3 User Guide*. ``` PUT ?logging HTTP/1.1 Host: quotes.s3..amazonaws.com Content-Length: 214 Date: Wed, 25 Nov 2009 12:00:00 GMT Authorization: authorization string mybucketlogs mybucket-access_log-/ user@company.com READ ``` ### Sample Response This example illustrates one usage of PutBucketLogging. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMg95r/0zo3emzU4dzsD4rcKCHQUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Wed, 01 Mar 2006 12:00:00 GMT ``` ### Sample Request: Disabling logging This request disables logging on the bucket `quotes`. ``` PUT ?logging HTTP/1.1 Host: quotes.s3..amazonaws.com Content-Length: 214 Date: Wed, 25 Nov 2009 12:00:00 GMT Authorization: authorization string ``` ### Sample Response This example illustrates one usage of PutBucketLogging. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMg95r/0zo3emzU4dzsD4rcKCHQUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Wed, 01 Mar 2006 12:00:00 GMT ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketLogging) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketLogging) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketLogging) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketLogging) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketLogging) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketLogging) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketLogging) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketLogging) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketLogging) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketLogging) # PutBucketMetricsConfiguration Sets a metrics configuration (specified by the metrics configuration ID) for the bucket. You can have up to 1,000 metrics configurations per bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. **Note** **Directory buckets ** - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions To use this operation, you must have permissions to perform the `s3:PutMetricsConfiguration` action. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). + **General purpose bucket permissions** - The `s3:PutMetricsConfiguration` permission is required in a policy. For more information about general purpose buckets permissions, see [Using Bucket Policies and User Policies](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) in the *Amazon S3 User Guide*. + **Directory bucket permissions** - To grant access to this API operation, you must have the `s3express:PutMetricsConfiguration` permission in an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the AWS account that owns the resource. For more information about directory bucket policies and permissions, see [AWS Identity and Access Management (IAM) for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region-code.amazonaws.com`. For information about CloudWatch request metrics for Amazon S3, see [Monitoring Metrics with Amazon CloudWatch](https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html). The following operations are related to `PutBucketMetricsConfiguration`: + [DeleteBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetricsConfiguration.html) + [GetBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetricsConfiguration.html) + [ListBucketMetricsConfigurations](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketMetricsConfigurations.html) `PutBucketMetricsConfiguration` has the following special error: + Error code: `TooManyConfigurations` + Description: You are attempting to create a new configuration but have already reached the 1,000-configuration limit. + HTTP Status Code: HTTP 400 Bad Request **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?metrics&id=Id HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner string string string string string string ... string string string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketMetricsConfiguration_RequestSyntax) ** The name of the bucket for which the metrics configuration is set. **Directory buckets ** - When you use this operation with a directory bucket, you must use path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must also follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` DOC-EXAMPLE-BUCKET--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* Required: Yes ** [id](#API_PutBucketMetricsConfiguration_RequestSyntax) ** The ID used to identify the metrics configuration. The ID has a 64 character limit and can only contain letters, numbers, periods, dashes, and underscores. Required: Yes ** [x-amz-expected-bucket-owner](#API_PutBucketMetricsConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). For directory buckets, this header is not supported in this API operation. If you specify this header, the request fails with the HTTP status code `501 Not Implemented`. ## Request Body The request accepts the following data in XML format. ** [MetricsConfiguration](#API_PutBucketMetricsConfiguration_RequestSyntax) ** Root level tag for the MetricsConfiguration parameters. Required: Yes ** [Filter](#API_PutBucketMetricsConfiguration_RequestSyntax) ** Specifies a metrics configuration filter. The metrics configuration will only include objects that meet the filter's criteria. A filter must be a prefix, an object tag, an access point ARN, or a conjunction (MetricsAndOperator). Metrics configurations for directory buckets do not support tag filters. Type: [MetricsFilter](API_MetricsFilter.md) data type Required: No ** [Id](#API_PutBucketMetricsConfiguration_RequestSyntax) ** The ID used to identify the metrics configuration. The ID has a 64 character limit and can only contain letters, numbers, periods, dashes, and underscores. Type: String Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### First Sample Request Put a metric configuration that enables metrics for an entire bucket. ``` PUT /?metrics&id=EntireBucket HTTP/1.1 Host: examplebucket.s3..amazonaws.com x-amz-date: Thu, 15 Nov 2016 00:17:21 GMT Authorization: signatureValue Content-Length: 159 EntireBucket ``` ### First Sample Response This example illustrates one usage of PutBucketMetricsConfiguration. ``` HTTP/1.1 204 No Content x-amz-id-2: ITnGT1y4REXAMPLEPi4hklTXouTf0hccUjo0iCPEXAMPLEutBj3M7fPGlWO2SEWp x-amz-request-id: 51991EXAMPLE5321 Date: Thu, 15 Nov 2016 00:17:22 GMT Server: AmazonS3 ``` ### Second Sample Request Put a metrics configuration that enables metrics for objects that start with a particular prefix and also have specific tags applied. ``` PUT /?metrics&id=ImportantBlueDocuments HTTP/1.1 Host: examplebucket.s3..amazonaws.com x-amz-date: Thu, 15 Nov 2016 00:17:29 GMT Authorization: signatureValue Content-Length: 480 ImportantBlueDocuments documents/ priority high class blue ``` ### Second Sample Response This example illustrates one usage of PutBucketMetricsConfiguration. ``` HTTP/1.1 204 No Content x-amz-id-2: ITnGT1y4REXAMPLEPi4hklTXouTf0hccUjo0iCPEXAMPLEutBj3M7fPGlWO2SEWp x-amz-request-id: 51991EXAMPLE5321 Date: Thu, 15 Nov 2016 00:17:29 GMT Server: AmazonS3 ``` ### Third Sample Request Put a metrics configuration that enables metrics for a specific access point. ``` PUT /?metrics&id=ImportantDocumentsAccessPoint HTTP/1.1 Host: examplebucket.s3..amazonaws.com x-amz-date: Thu, 26 Aug 2021 00:17:29 GMT Authorization: signatureValue Content-Length: 480 ImportantDocumentsAccessPoint arn:aws:s3:us-west-2:123456789012:accesspoint/test ``` ### Thirds Sample Response This example illustrates one usage of PutBucketMetricsConfiguration. ``` HTTP/1.1 204 No Content x-amz-id-2: ITnGT1y4REXAMPLEPi4hklTXouTf0hccUjo0iCPEXAMPLEutBj3M7fPGlWO2SEWp x-amz-request-id: 51991EXAMPLE5321 Date: Thu, 26 Aug 2021 00:17:29 GMT Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketMetricsConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketMetricsConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketMetricsConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketMetricsConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketMetricsConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketMetricsConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketMetricsConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketMetricsConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketMetricsConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketMetricsConfiguration) # PutBucketNotification **Note** This operation is not supported for directory buckets. No longer used, see the [PutBucketNotificationConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketNotificationConfiguration.html) operation. ## Request Syntax ``` PUT /?notification HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner string string ... string string string string ... string string string string string ... string string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketNotification_RequestSyntax) ** The name of the bucket. Required: Yes ** [Content-MD5](#API_PutBucketNotification_RequestSyntax) ** The MD5 hash of the `PutPublicAccessBlock` request body. For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [x-amz-expected-bucket-owner](#API_PutBucketNotification_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-sdk-checksum-algorithm](#API_PutBucketNotification_RequestSyntax) ** Indicates the algorithm used to create the checksum for the request when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [NotificationConfiguration](#API_PutBucketNotification_RequestSyntax) ** Root level tag for the NotificationConfiguration parameters. Required: Yes ** [CloudFunctionConfiguration](#API_PutBucketNotification_RequestSyntax) ** Container for specifying the AWS Lambda notification configuration. Type: [CloudFunctionConfiguration](API_CloudFunctionConfiguration.md) data type Required: No ** [QueueConfiguration](#API_PutBucketNotification_RequestSyntax) ** This data type is deprecated. This data type specifies the configuration for publishing messages to an Amazon Simple Queue Service (Amazon SQS) queue when Amazon S3 detects specified events. Type: [QueueConfigurationDeprecated](API_QueueConfigurationDeprecated.md) data type Required: No ** [TopicConfiguration](#API_PutBucketNotification_RequestSyntax) ** This data type is deprecated. A container for specifying the configuration for publication of messages to an Amazon Simple Notification Service (Amazon SNS) topic when Amazon S3 detects specified events. Type: [TopicConfigurationDeprecated](API_TopicConfigurationDeprecated.md) data type Required: No ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketNotification) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketNotification) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketNotification) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketNotification) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketNotification) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketNotification) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketNotification) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketNotification) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketNotification) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketNotification) # PutBucketNotificationConfiguration **Note** This operation is not supported for directory buckets. Enables notifications of specified events for a bucket. For more information about event notifications, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html). Using this API, you can replace an existing notification configuration. The configuration is an XML file that defines the event types that you want Amazon S3 to publish and the destination where you want Amazon S3 to publish an event notification when it detects an event of the specified type. By default, your bucket has no event notifications configured. That is, the notification configuration will be an empty `NotificationConfiguration`. `` `` This action replaces the existing notification configuration with the configuration you include in the request body. After Amazon S3 receives this request, it first verifies that any Amazon Simple Notification Service (Amazon SNS) or Amazon Simple Queue Service (Amazon SQS) destination exists, and that the bucket owner has permission to publish to it by sending a test notification. In the case of AWS Lambda destinations, Amazon S3 verifies that the Lambda function permissions grant Amazon S3 permission to invoke the function from the Amazon S3 bucket. For more information, see [Configuring Notifications for Amazon S3 Events](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html). You can disable notifications by adding the empty NotificationConfiguration element. For more information about the number of event notification configurations that you can create per bucket, see [Amazon S3 service quotas](https://docs.aws.amazon.com/general/latest/gr/s3.html#limits_s3) in * AWS General Reference*. By default, only the bucket owner can configure notifications on a bucket. However, bucket owners can use a bucket policy to grant permission to other users to set this configuration with the required `s3:PutBucketNotification` permission. **Note** The PUT notification is an atomic operation. For example, suppose your notification configuration includes SNS topic, SQS queue, and Lambda function configurations. When you send a PUT request with this configuration, Amazon S3 sends test messages to your SNS topic. If the message fails, the entire PUT action will fail, and Amazon S3 will not add the configuration to your bucket. If the configuration in the request body includes only one `TopicConfiguration` specifying only the `s3:ReducedRedundancyLostObject` event type, the response will also include the `x-amz-sns-test-message-id` header containing the message ID of the test notification sent to the topic. The following action is related to `PutBucketNotificationConfiguration`: + [GetBucketNotificationConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotificationConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?notification HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-skip-destination-validation: SkipDestinationValidation string ... string string ... string string ... string ... string string ... string string ... string ... string string ... string string ... ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketNotificationConfiguration_RequestSyntax) ** The name of the bucket. Required: Yes ** [x-amz-expected-bucket-owner](#API_PutBucketNotificationConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-skip-destination-validation](#API_PutBucketNotificationConfiguration_RequestSyntax) ** Skips validation of Amazon SQS, Amazon SNS, and AWS Lambda destinations. True or false value. ## Request Body The request accepts the following data in XML format. ** [NotificationConfiguration](#API_PutBucketNotificationConfiguration_RequestSyntax) ** Root level tag for the NotificationConfiguration parameters. Required: Yes ** [CloudFunctionConfiguration](#API_PutBucketNotificationConfiguration_RequestSyntax) ** Describes the AWS Lambda functions to invoke and the events for which to invoke them. Type: Array of [LambdaFunctionConfiguration](API_LambdaFunctionConfiguration.md) data types Required: No ** [EventBridgeConfiguration](#API_PutBucketNotificationConfiguration_RequestSyntax) ** Enables delivery of events to Amazon EventBridge. Type: [EventBridgeConfiguration](API_EventBridgeConfiguration.md) data type Required: No ** [QueueConfiguration](#API_PutBucketNotificationConfiguration_RequestSyntax) ** The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages. Type: Array of [QueueConfiguration](API_QueueConfiguration.md) data types Required: No ** [TopicConfiguration](#API_PutBucketNotificationConfiguration_RequestSyntax) ** The topic to which notifications are sent and the events for which notifications are generated. Type: Array of [TopicConfiguration](API_TopicConfiguration.md) data types Required: No ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### Example 1: Configure notification to invoke a cloud function in Lambda The following notification configuration includes CloudFunctionConfiguration, which identifies the event type for which Amazon S3 can invoke a cloud function and the name of the cloud function to invoke. ``` ObjectCreatedEvents arn:aws:lambda:us-west-2:35667example:function:CreateThumbnail s3:ObjectCreated:* ``` ### Example The following PUT uploads the notification configuration. The action replaces the existing notification configuration. ``` PUT http://s3..amazonaws.com/examplebucket?notification= HTTP/1.1 User-Agent: s3curl 2.0 Host: s3.amazonaws.com Pragma: no-cache Accept: */* Proxy-Connection: Keep-Alive Authorization: authorization string Date: Mon, 13 Oct 2014 23:14:52 +0000 Content-Length: length [request body] ``` ### Sample Response This example illustrates one usage of PutBucketNotificationConfiguration. ``` HTTP/1.1 200 OK x-amz-id-2: 8+FlwagBSoT2qpMaGlfCUkRkFR5W3OeS7UhhoBb17j+kqvpS2cSFlgJ5coLd53d2 x-amz-request-id: E5BA4600A3937335 Date: Fri, 31 Oct 2014 01:49:50 GMT Content-Length: 0 Server: AmazonS3 ``` ### Example 2: Configure a notification with multiple destinations The following notification configuration includes the topic and queue configurations: + A topic configuration identifying an SNS topic for Amazon S3 to publish events of the `s3:ReducedRedundancyLostObject` type. + A queue configuration identifying an SQS queue for Amazon S3 to publish events of the `s3:ObjectCreated:*` type. ``` arn:aws:sns:us-east-1:356671443308:s3notificationtopic2 s3:ReducedRedundancyLostObject arn:aws:sqs:us-east-1:356671443308:s3notificationqueue s3:ObjectCreated:* ``` ### Example The following PUT request against the notification subresource of the `examplebucket` bucket sends the preceding notification configuration in the request body. The action replaces the existing notification configuration on the bucket. ``` PUT http://s3..amazonaws.com/examplebucket?notification= HTTP/1.1 User-Agent: s3curl 2.0 Host: s3.amazonaws.com Pragma: no-cache Accept: */* Proxy-Connection: Keep-Alive Authorization: authorization string Date: Mon, 13 Oct 2014 22:58:43 +0000 Content-Length: 391 Expect: 100-continue ``` ### Example 3: Configure a notification with object key name filtering The following notification configuration contains a queue configuration identifying an Amazon SQS queue for Amazon S3 to publish events to of the `s3:ObjectCreated:Put` type. The events will be published whenever an object that has a prefix of `images/` and a `.jpg` suffix is PUT to a bucket. For more examples of notification configurations that use filtering, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html). ``` 1 prefix images/ suffix .jpg arn:aws:sqs:us-west-2:444455556666:s3notificationqueue s3:ObjectCreated:Put ``` ### Example The following PUT request against the notification subresource of the `examplebucket` bucket sends the preceding notification configuration in the request body. The action replaces the existing notification configuration on the bucket. ``` PUT http://s3..amazonaws.com/examplebucket?notification= HTTP/1.1 User-Agent: s3curl 2.0 Host: s3.amazonaws.com Pragma: no-cache Accept: */* Proxy-Connection: Keep-Alive Authorization: authorization string Date: Mon, 13 Oct 2014 22:58:43 +0000 Content-Length: length Expect: 100-continue ``` ### Sample Response This example illustrates one usage of PutBucketNotificationConfiguration. ``` HTTP/1.1 200 OK x-amz-id-2: SlvJLkfunoAGILZK3KqHSSUq4kwbudkrROmESoHOpDacULy+cxRoR1Svrfoyvg2A x-amz-request-id: BB1BA8E12D6A80B7 Date: Mon, 13 Oct 2014 22:58:44 GMT Content-Length: 0 Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketNotificationConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketNotificationConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketNotificationConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketNotificationConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketNotificationConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketNotificationConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketNotificationConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketNotificationConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketNotificationConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketNotificationConfiguration) # PutBucketOwnershipControls **Note** This operation is not supported for directory buckets. Creates or modifies `OwnershipControls` for an Amazon S3 bucket. To use this operation, you must have the `s3:PutBucketOwnershipControls` permission. For more information about Amazon S3 permissions, see [Specifying permissions in a policy](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/using-with-s3-actions.html). For information about Amazon S3 Object Ownership, see [Using object ownership](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/about-object-ownership.html). The following operations are related to `PutBucketOwnershipControls`: + [GetBucketOwnershipControls](API_GetBucketOwnershipControls.md) + [DeleteBucketOwnershipControls](API_DeleteBucketOwnershipControls.md) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?ownershipControls HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-sdk-checksum-algorithm: ChecksumAlgorithm string ... ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketOwnershipControls_RequestSyntax) ** The name of the Amazon S3 bucket whose `OwnershipControls` you want to set. Required: Yes ** [Content-MD5](#API_PutBucketOwnershipControls_RequestSyntax) ** The MD5 hash of the `OwnershipControls` request body. For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [x-amz-expected-bucket-owner](#API_PutBucketOwnershipControls_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-sdk-checksum-algorithm](#API_PutBucketOwnershipControls_RequestSyntax) ** Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum-algorithm ` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [OwnershipControls](#API_PutBucketOwnershipControls_RequestSyntax) ** Root level tag for the OwnershipControls parameters. Required: Yes ** [Rule](#API_PutBucketOwnershipControls_RequestSyntax) ** The container element for an ownership control rule. Type: Array of [OwnershipControlsRule](API_OwnershipControlsRule.md) data types Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### Sample Request with BucketOwnerEnforced OwnershipControls The following request puts a bucket `OwnershipControls` that specifies BucketOwnerEnforced. ``` PUT /amzn-s3-demo-bucket?ownershipControls= HTTP/1.1 Host:amzn-s3-demo-bucket.s3..amazonaws.com x-amz-date: 20211130T230132Z x-amz-content-sha256: bafb46c18574a73704c8227aef060df1c12ea0d964e19b949d06e9f763805fe2 Authorization: authorization string BucketOwnerEnforced ``` ### Sample Response with BucketOwnerEnforced OwnershipControls This example illustrates one usage of PutBucketOwnershipControls. ``` HTTP/1.1 200 OK x-amz-id-2: zkDVX0gbz8oKcjNz7GPz8XhXkhNArHtA8/WOf5hyEj6SbisSRdqITZvSuAMik7HK4PY+izDZZI0= x-amz-request-id: BK7Y8M3G7Z0RFRCP Date: Tue, 30 Nov 2021 23:01:33 GMT Content-Length: 0 Server: AmazonS3 ``` ### Sample Request with BucketOwnerPreferred OwnershipControls The following request puts a bucket `OwnershipControls` that specifies BucketOwnerPreferred. ``` PUT /amzn-s3-demo-bucket?ownershipControls= HTTP/1.1 Host:amzn-s3-demo-bucket.s3..amazonaws.com x-amz-date: 20200618T230132Z x-amz-content-sha256: bafb46c18574a73704c8227aef060df1c12ea0d964e19b949d06e9f763805fe2 Authorization: authorization string BucketOwnerPreferred ``` ### Sample Response with BucketOwnerPreferred OwnershipControls This example illustrates one usage of PutBucketOwnershipControls. ``` HTTP/1.1 200 OK x-amz-id-2: zkDVX0gbz8oKcjNz7GPz8XhXkhNArHtA8/WOf5hyEj6SbisSRdqITZvSuAMik7HK4PY+izDZZI0= x-amz-request-id: BK7Y8M3G7Z0RFRCP Date: Thu, 18 Jun 2020 23:01:33 GMT Content-Length: 0 Server: AmazonS3 ``` ### Sample Request with ObjectWriter OwnershipControls The following request puts a bucket `OwnershipControls` that specifies ObjectWriter. ``` PUT /amzn-s3-demo-bucket?ownershipControls= HTTP/1.1 Host:amzn-s3-demo-bucket.s3..amazonaws.com x-amz-date: 20200618T230132Z x-amz-content-sha256: bafb46c18574a73704c8227aef060df1c12ea0d964e19b949d06e9f763805fe2 Authorization: authorization string ObjectWriter ``` ### Sample Response with ObjectWriter OwnershipControls This example illustrates one usage of PutBucketOwnershipControls. ``` HTTP/1.1 200 OK x-amz-id-2: zkDVX0gbz8oKcjNz7GPz8XhXkhNArHtA8/WOf5hyEj6SbisSRdqITZvSuAMik7HK4PY+izDZZI0= x-amz-request-id: BK7Y8M3G7Z0RFRCP Date: Thu, 18 Jun 2020 23:01:33 GMT Content-Length: 0 Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketOwnershipControls) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketOwnershipControls) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketOwnershipControls) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketOwnershipControls) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketOwnershipControls) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketOwnershipControls) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketOwnershipControls) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketOwnershipControls) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketOwnershipControls) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketOwnershipControls) # PutBucketPolicy Applies an Amazon S3 bucket policy to an Amazon S3 bucket. **Note** **Directory buckets ** - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions If you are using an identity other than the root user of the AWS account that owns the bucket, the calling identity must both have the `PutBucketPolicy` permissions on the specified bucket and belong to the bucket owner's account in order to use this operation. If you don't have `PutBucketPolicy` permissions, Amazon S3 returns a `403 Access Denied` error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a `405 Method Not Allowed` error. To ensure that bucket owners don't inadvertently lock themselves out of their own buckets, the root principal in a bucket owner's AWS account can perform the `GetBucketPolicy`, `PutBucketPolicy`, and `DeleteBucketPolicy` API actions, even if their bucket policy explicitly denies the root principal's access. Bucket owner root principals can only be blocked from performing these API actions by VPC endpoint policies and AWS Organizations policies. + **General purpose bucket permissions** - The `s3:PutBucketPolicy` permission is required in a policy. For more information about general purpose buckets bucket policies, see [Using Bucket Policies and User Policies](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) in the *Amazon S3 User Guide*. + **Directory bucket permissions** - To grant access to this API operation, you must have the `s3express:PutBucketPolicy` permission in an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the AWS account that owns the resource. For more information about directory bucket policies and permissions, see [AWS Identity and Access Management (IAM) for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) in the *Amazon S3 User Guide*. Example bucket policies **General purpose buckets example bucket policies** - See [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) in the *Amazon S3 User Guide*. **Directory bucket example bucket policies** - See [Example bucket policies for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region-code.amazonaws.com`. The following operations are related to `PutBucketPolicy`: + [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) + [DeleteBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?policy HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-confirm-remove-self-bucket-access: ConfirmRemoveSelfBucketAccess x-amz-expected-bucket-owner: ExpectedBucketOwner { Policy in JSON format } ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketPolicy_RequestSyntax) ** The name of the bucket. **Directory buckets ** - When you use this operation with a directory bucket, you must use path-style requests in the format `https://s3express-control.region-code.amazonaws.com/bucket-name `. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must also follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` DOC-EXAMPLE-BUCKET--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* Required: Yes ** [Content-MD5](#API_PutBucketPolicy_RequestSyntax) ** The MD5 hash of the request body. For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. This functionality is not supported for directory buckets. ** [x-amz-confirm-remove-self-bucket-access](#API_PutBucketPolicy_RequestSyntax) ** Set this parameter to true to confirm that you want to remove your permissions to change this bucket policy in the future. This functionality is not supported for directory buckets. ** [x-amz-expected-bucket-owner](#API_PutBucketPolicy_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). For directory buckets, this header is not supported in this API operation. If you specify this header, the request fails with the HTTP status code `501 Not Implemented`. ** [x-amz-sdk-checksum-algorithm](#API_PutBucketPolicy_RequestSyntax) ** Indicates the algorithm used to create the checksum for the request when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum-algorithm ` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For the `x-amz-checksum-algorithm ` header, replace ` algorithm ` with the supported algorithm from the following list: + `CRC32` + `CRC32C` + `CRC64NVME` + `SHA1` + `SHA256` For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If the individual checksum value you provide through `x-amz-checksum-algorithm ` doesn't match the checksum algorithm you set through `x-amz-sdk-checksum-algorithm`, Amazon S3 fails the request with a `BadDigest` error. For directory buckets, when you use AWS SDKs, `CRC32` is the default checksum algorithm that's used for performance. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in JSON format. ** [Policy](#API_PutBucketPolicy_RequestSyntax) ** ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### Sample Request for general purpose buckets The following request shows the PUT individual policy request for the bucket. ``` PUT /?policy HTTP/1.1 Host: bucket.s3..amazonaws.com Date: Tue, 04 Apr 2010 20:34:56 GMT Authorization: authorization string { "Version":"2008-10-17", "Id":"aaaa-bbbb-cccc-dddd", "Statement" : [ { "Effect":"Allow", "Sid":"1", "Principal" : { "AWS":["111122223333","444455556666"] }, "Action":["s3:*"], "Resource":"arn:aws:s3:::bucket/*" } ] } ``` ### Sample Response for general purpose buckets This example illustrates one usage of PutBucketPolicy. ``` HTTP/1.1 204 No Content x-amz-id-2: Uuag1LuByR5Onimru9SAMPLEAtRPfTaOFg== x-amz-request-id: 656c76696e6727732SAMPLE7374 Date: Tue, 04 Apr 2010 20:34:56 GMT Connection: keep-alive Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketPolicy) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketPolicy) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketPolicy) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketPolicy) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketPolicy) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketPolicy) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketPolicy) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketPolicy) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketPolicy) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketPolicy) # PutBucketReplication **Note** This operation is not supported for directory buckets. Creates a replication configuration or replaces an existing one. For more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide*. Specify the replication configuration in the request body. In the replication configuration, you provide the name of the destination bucket or buckets where you want Amazon S3 to replicate objects, the IAM role that Amazon S3 can assume to replicate objects on your behalf, and other relevant information. You can invoke this request for a specific AWS Region by using the [https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requestedregion](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requestedregion) condition key. A replication configuration must include at least one rule, and can contain a maximum of 1,000. Each rule identifies a subset of objects to replicate by filtering the objects in the source bucket. To choose additional subsets of objects to replicate, add a rule for each subset. To specify a subset of the objects in the source bucket to apply a replication rule to, add the Filter element as a child of the Rule element. You can filter objects based on an object key prefix, one or more object tags, or both. When you add the Filter element in the configuration, you must also add the following elements: `DeleteMarkerReplication`, `Status`, and `Priority`. **Note** If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations). For information about enabling versioning on a bucket, see [Using Versioning](https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html). Handling Replication of Encrypted Objects By default, Amazon S3 doesn't replicate objects that are stored at rest using server-side encryption with KMS keys. To replicate AWS KMS-encrypted objects, add the following: `SourceSelectionCriteria`, `SseKmsEncryptedObjects`, `Status`, `EncryptionConfiguration`, and `ReplicaKmsKeyID`. For information about replication configuration, see [Replicating Objects Created with SSE Using KMS keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-config-for-kms-objects.html). For information on `PutBucketReplication` errors, see [List of replication-related error codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ReplicationErrorCodeList) Permissions To create a `PutBucketReplication` request, you must have `s3:PutReplicationConfiguration` permissions for the bucket. By default, a resource owner, in this case the AWS account that created the bucket, can perform this operation. The resource owner can also grant others permissions to perform the operation. For more information about permissions, see [Specifying Permissions in a Policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). To perform this operation, the user or role performing the action must have the [iam:PassRole](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html) permission. The following operations are related to `PutBucketReplication`: + [GetBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketReplication.html) + [DeleteBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketReplication.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?replication HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-bucket-object-lock-token: Token x-amz-expected-bucket-owner: ExpectedBucketOwner string string string string string string integer string string integer string string string string string ... string string string string string integer string string string ... ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketReplication_RequestSyntax) ** The name of the bucket Required: Yes ** [Content-MD5](#API_PutBucketReplication_RequestSyntax) ** The Base64 encoded 128-bit `MD5` digest of the data. You must use this header as a message integrity check to verify that the request body was not corrupted in transit. For more information, see [RFC 1864](http://www.ietf.org/rfc/rfc1864.txt). For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [x-amz-bucket-object-lock-token](#API_PutBucketReplication_RequestSyntax) ** A token to allow Object Lock to be enabled for an existing bucket. ** [x-amz-expected-bucket-owner](#API_PutBucketReplication_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-sdk-checksum-algorithm](#API_PutBucketReplication_RequestSyntax) ** Indicates the algorithm used to create the checksum for the request when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [ReplicationConfiguration](#API_PutBucketReplication_RequestSyntax) ** Root level tag for the ReplicationConfiguration parameters. Required: Yes ** [Role](#API_PutBucketReplication_RequestSyntax) ** The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide*. Type: String Required: Yes ** [Rule](#API_PutBucketReplication_RequestSyntax) ** A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules. Type: Array of [ReplicationRule](API_ReplicationRule.md) data types Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### Sample Request: Add a replication configuration The following is a sample `PUT` request that creates a replication subresource on the specified bucket and saves the replication configuration in it. The replication configuration specifies a rule to replicate objects to the `DOC-EXAMPLE-BUCKET` bucket. The rule includes a filter to replicate only the objects created with the key name prefix TaxDocs and that have two specific tags. After you add a replication configuration to your bucket, Amazon S3 assumes the AWS Identity and Access Management (IAM) role specified in the configuration to replicate objects on behalf of the bucket owner. The bucket owner is the AWS account that created the bucket. Filtering using the element is supported in the latest XML configuration. If you are using an earlier version of the XML configuration, you can filter only on key prefix. In that case, you add the element as a child of the . For more examples of replication configuration, see [Replication Configuration Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-example-configs) in the *Amazon S3 User Guide.* ``` PUT /?replication HTTP/1.1 Host: examplebucket.s3..amazonaws.com Date: Wed, 11 Feb 2015 02:11:21 GMT Content-MD5: q6yJDlIkcBaGGfb3QLY69A== Authorization: authorization string Content-Length: length arn:aws:iam::35667example:role/CrossRegionReplicationRoleForS3 rule1 Enabled 1 Disabled TaxDocs key1 value1 key1 value1 arn:aws:s3:::DOC-EXAMPLE-BUCKET ``` ### Sample Response This example illustrates one usage of PutBucketReplication. ``` HTTP/1.1 200 OK x-amz-id-2: r+qR7+nhXtJDDIJ0JJYcd+1j5nM/rUFiiiZ/fNbDOsd3JUE8NWMLNHXmvPfwMpdc x-amz-request-id: 9E26D08072A8EF9E Date: Wed, 11 Feb 2015 02:11:22 GMT Content-Length: 0 Server: AmazonS3 ``` ### Sample Request: Add a Replication Configuration with Amazon S3 Replication Time Control Enabled You can use S3 Replication Time Control (S3 RTC) to replicate your data in the same AWS Region or across different AWS Regions in a predictable time frame. S3 RTC replicates 99.99 percent of new objects stored in Amazon S3 within 15 minutes. For more information, see [Replicating objects using Replication Time Control](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-time-control.html). ``` PUT /?replication HTTP/1.1 Host: examplebucket.s3..amazonaws.com Date: Wed, 11 Feb 2015 02:11:21 GMT Content-MD5: q6yJDlIkcBaGGfb3QLY69A== Authorization: authorization string Content-Length: length x-amz-bucket-object-lock-token: Token arn:aws:iam::35667example:role/CrossRegionReplicationRoleForS3 rule1 Enabled 1 TaxDocs key1 value1 key1 value1 arn:aws:s3:::DOC-EXAMPLE-BUCKET Enabled 15 Enabled 15 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketReplication) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketReplication) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketReplication) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketReplication) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketReplication) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketReplication) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketReplication) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketReplication) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketReplication) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketReplication) # PutBucketRequestPayment **Note** This operation is not supported for directory buckets. Sets the request payment configuration for a bucket. By default, the bucket owner pays for downloads from the bucket. This configuration parameter enables the bucket owner (only) to specify that the person requesting the download will be charged for the download. For more information, see [Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html). The following operations are related to `PutBucketRequestPayment`: + [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) + [GetBucketRequestPayment](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketRequestPayment.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?requestPayment HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketRequestPayment_RequestSyntax) ** The bucket name. Required: Yes ** [Content-MD5](#API_PutBucketRequestPayment_RequestSyntax) ** The Base64 encoded 128-bit `MD5` digest of the data. You must use this header as a message integrity check to verify that the request body was not corrupted in transit. For more information, see [RFC 1864](http://www.ietf.org/rfc/rfc1864.txt). For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [x-amz-expected-bucket-owner](#API_PutBucketRequestPayment_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-sdk-checksum-algorithm](#API_PutBucketRequestPayment_RequestSyntax) ** Indicates the algorithm used to create the checksum for the request when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [RequestPaymentConfiguration](#API_PutBucketRequestPayment_RequestSyntax) ** Root level tag for the RequestPaymentConfiguration parameters. Required: Yes ** [Payer](#API_PutBucketRequestPayment_RequestSyntax) ** Specifies who pays for the download and request fees. Type: String Valid Values: `Requester | BucketOwner` Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### Sample Request This request creates a Requester Pays bucket named `colorpictures`. ``` PUT ?requestPayment HTTP/1.1 Host: colorpictures.s3..amazonaws.com Content-Length: 173 Date: Wed, 01 Mar 2006 12:00:00 GMT Authorization: authorization string Requester ``` ### Sample Response Delete the metric configuration with a specified ID, which disables the CloudWatch metrics with the `ExampleMetrics` value for the `FilterId` dimension. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMg95r/0zo3emzU4dzsD4rcKCHQUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Wed, 01 Mar 2006 12:00:00 GMT Location: /colorpictures Content-Length: 0 Connection: close Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketRequestPayment) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketRequestPayment) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketRequestPayment) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketRequestPayment) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketRequestPayment) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketRequestPayment) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketRequestPayment) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketRequestPayment) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketRequestPayment) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketRequestPayment) # PutBucketTagging **Note** This operation is not supported for directory buckets. Sets the tags for a general purpose bucket if attribute based access control (ABAC) is not enabled for the bucket. When you [enable ABAC for a general purpose bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging-enable-abac.html), you can no longer use this operation for that bucket and must use the [TagResource](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_TagResource.html) or [UntagResource](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UntagResource.html) operations instead. Use tags to organize your AWS bill to reflect your own cost structure. To do this, sign up to get your AWS account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see [Cost Allocation and Tagging](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) and [Using Cost Allocation in Amazon S3 Bucket Tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html). **Note** When this operation sets the tags for a bucket, it will overwrite any current tags the bucket already has. You cannot use this operation to add tags to an existing list of tags. To use this operation, you must have permissions to perform the `s3:PutBucketTagging` action. The bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). `PutBucketTagging` has the following special errors. For more Amazon S3 errors see, [Error Responses](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html). + `InvalidTag` - The tag provided was not a valid tag. This error can occur if the tag did not pass input validation. For more information, see [Using Cost Allocation in Amazon S3 Bucket Tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html). + `MalformedXML` - The XML provided does not match the schema. + `OperationAborted` - A conflicting conditional action is currently in progress against this resource. Please try again. + `InternalError` - The service was unable to apply the provided tag to the bucket. The following operations are related to `PutBucketTagging`: + [GetBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketTagging.html) + [DeleteBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?tagging HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner string string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketTagging_RequestSyntax) ** The bucket name. Required: Yes ** [Content-MD5](#API_PutBucketTagging_RequestSyntax) ** The Base64 encoded 128-bit `MD5` digest of the data. You must use this header as a message integrity check to verify that the request body was not corrupted in transit. For more information, see [RFC 1864](http://www.ietf.org/rfc/rfc1864.txt). For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [x-amz-expected-bucket-owner](#API_PutBucketTagging_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-sdk-checksum-algorithm](#API_PutBucketTagging_RequestSyntax) ** Indicates the algorithm used to create the checksum for the request when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [Tagging](#API_PutBucketTagging_RequestSyntax) ** Root level tag for the Tagging parameters. Required: Yes ** [TagSet](#API_PutBucketTagging_RequestSyntax) ** A collection for a set of tags Type: Array of [Tag](API_Tag.md) data types Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### Sample Request: Add tag set to a bucket The following request adds a tag set to the existing `examplebucket` bucket. ``` PUT ?tagging HTTP/1.1 Host: examplebucket.s3..amazonaws.com Content-Length: 1660 x-amz-date: Thu, 12 Apr 2012 20:04:21 GMT Authorization: authorization string Project Project One User jsmith ``` ### Sample Response This example illustrates one usage of PutBucketTagging. ``` HTTP/1.1 204 No Content x-amz-id-2: YgIPIfBiKa2bj0KMgUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Wed, 01 Oct 2012 12:00:00 GMT ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketTagging) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketTagging) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketTagging) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketTagging) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketTagging) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketTagging) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketTagging) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketTagging) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketTagging) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketTagging) # PutBucketVersioning **Note** This operation is not supported for directory buckets. **Note** When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. While this change is propagating, you might encounter intermittent `HTTP 404 NoSuchKey` errors for requests to objects created or updated after enabling versioning. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (`PUT` or `DELETE`) on objects in the bucket. Sets the versioning state of an existing bucket. You can set the versioning state with one of the following values: **Enabled**—Enables versioning for the objects in the bucket. All objects added to the bucket receive a unique version ID. **Suspended**—Disables versioning for the objects in the bucket. All objects added to the bucket receive the version ID null. If the versioning state has never been set on a bucket, it has no versioning state; a [GetBucketVersioning](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html) request does not return a versioning state value. In order to enable MFA Delete, you must be the bucket owner. If you are the bucket owner and want to enable MFA Delete in the bucket versioning configuration, you must include the `x-amz-mfa request` header and the `Status` and the `MfaDelete` request elements in a request to set the versioning state of the bucket. **Important** If you have an object expiration lifecycle configuration in your non-versioned bucket and you want to maintain the same permanent delete behavior when you enable versioning, you must add a noncurrent expiration policy. The noncurrent expiration lifecycle configuration will manage the deletes of the noncurrent object versions in the version-enabled bucket. (A version-enabled bucket maintains one current and zero or more noncurrent object versions.) For more information, see [Lifecycle and Versioning](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-and-other-bucket-config). The following operations are related to `PutBucketVersioning`: + [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) + [DeleteBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) + [GetBucketVersioning](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?versioning HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-mfa: MFA x-amz-expected-bucket-owner: ExpectedBucketOwner string string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketVersioning_RequestSyntax) ** The bucket name. Required: Yes ** [Content-MD5](#API_PutBucketVersioning_RequestSyntax) ** >The Base64 encoded 128-bit `MD5` digest of the data. You must use this header as a message integrity check to verify that the request body was not corrupted in transit. For more information, see [RFC 1864](http://www.ietf.org/rfc/rfc1864.txt). For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [x-amz-expected-bucket-owner](#API_PutBucketVersioning_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-mfa](#API_PutBucketVersioning_RequestSyntax) ** The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device. The serial number is the number that uniquely identifies the MFA device. For physical MFA devices, this is the unique serial number that's provided with the device. For virtual MFA devices, the serial number is the device ARN. For more information, see [Enabling versioning on buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html) and [Configuring MFA delete](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiFactorAuthenticationDelete.html) in the *Amazon Simple Storage Service User Guide*. ** [x-amz-sdk-checksum-algorithm](#API_PutBucketVersioning_RequestSyntax) ** Indicates the algorithm used to create the checksum for the request when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [VersioningConfiguration](#API_PutBucketVersioning_RequestSyntax) ** Root level tag for the VersioningConfiguration parameters. Required: Yes ** [MFADelete](#API_PutBucketVersioning_RequestSyntax) ** Specifies whether MFA delete is enabled in the bucket versioning configuration. This element is only returned if the bucket has been configured with MFA delete. If the bucket has never been so configured, this element is not returned. Type: String Valid Values: `Enabled | Disabled` Required: No ** [Status](#API_PutBucketVersioning_RequestSyntax) ** The versioning state of the bucket. Type: String Valid Values: `Enabled | Suspended` Required: No ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### Sample Request The following request enables versioning for the specified bucket. ``` PUT /?versioning HTTP/1.1 Host: bucket.s3..amazonaws.com Date: Wed, 01 Mar 2006 12:00:00 GMT Authorization: authorization string Content-Type: text/plain Content-Length: 124 Enabled ``` ### Sample Response This example illustrates one usage of PutBucketVersioning. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMg95r/0zo3emzU4dzsD4rcKCHQUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Wed, 01 Mar 2006 12:00:00 GMT3 ``` ### Sample Request The following request suspends versioning for the specified bucket. ``` PUT /?versioning HTTP/1.1 Host: bucket.s3..amazonaws.com Date: Wed, 12 Oct 2009 17:50:00 GMT Authorization: authorization string Content-Type: text/plain Content-Length: 124 Suspended ``` ### Sample Response This example illustrates one usage of PutBucketVersioning. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMg95r/0zo3emzU4dzsD4rcKCHQUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Wed, 01 Mar 2006 12:00:00 GMT ``` ### Sample Request The following request enables versioning and MFA Delete on a bucket. Note the space between `[SerialNumber]` and `[TokenCode]` and that you must include `Status` whenever you use `MfaDelete`. ``` PUT /?versioning HTTP/1.1 Host: bucket.s3..amazonaws.com Date: Wed, 12 Oct 2009 17:50:00 GMT x-amz-mfa:[SerialNumber] [TokenCode] Authorization: authorization string Content-Type: text/plain Content-Length: 124 Enabled Enabled ``` ### Sample Response This example illustrates one usage of PutBucketVersioning. ``` HTTPS/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMg95r/0zo3emzU4dzsD4rcKCHQUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Wed, 01 Mar 2006 12:00:00 GMT Location: /colorpictures Content-Length: 0 Connection: close Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketVersioning) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketVersioning) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketVersioning) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketVersioning) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketVersioning) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketVersioning) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketVersioning) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketVersioning) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketVersioning) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketVersioning) # PutBucketWebsite **Note** This operation is not supported for directory buckets. Sets the configuration of the website that is specified in the `website` subresource. To configure a bucket as a website, you can add this subresource on the bucket with website configuration information such as the file name of the index document and any redirect rules. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html). This PUT action requires the `S3:PutBucketWebsite` permission. By default, only the bucket owner can configure the website attached to a bucket; however, bucket owners can allow other users to set the website configuration by writing a bucket policy that grants them the `S3:PutBucketWebsite` permission. To redirect all website requests sent to the bucket's website endpoint, you add a website configuration with the following elements. Because all requests are sent to another website, you don't need to provide index document name for the bucket. + `WebsiteConfiguration` + `RedirectAllRequestsTo` + `HostName` + `Protocol` If you want granular control over redirects, you can use the following elements to add routing rules that describe conditions for redirecting requests and information about the redirect destination. In this case, the website configuration must provide an index document for the bucket, because some requests might not be redirected. + `WebsiteConfiguration` + `IndexDocument` + `Suffix` + `ErrorDocument` + `Key` + `RoutingRules` + `RoutingRule` + `Condition` + `HttpErrorCodeReturnedEquals` + `KeyPrefixEquals` + `Redirect` + `Protocol` + `HostName` + `ReplaceKeyPrefixWith` + `ReplaceKeyWith` + `HttpRedirectCode` Amazon S3 has a limitation of 50 routing rules per website configuration. If you require more than 50 routing rules, you can use object redirect. For more information, see [Configuring an Object Redirect](https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html) in the *Amazon S3 User Guide*. The maximum request length is limited to 128 KB. **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?website HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner string string string string string string string string string string string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutBucketWebsite_RequestSyntax) ** The bucket name. Required: Yes ** [Content-MD5](#API_PutBucketWebsite_RequestSyntax) ** The Base64 encoded 128-bit `MD5` digest of the data. You must use this header as a message integrity check to verify that the request body was not corrupted in transit. For more information, see [RFC 1864](http://www.ietf.org/rfc/rfc1864.txt). For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [x-amz-expected-bucket-owner](#API_PutBucketWebsite_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-sdk-checksum-algorithm](#API_PutBucketWebsite_RequestSyntax) ** Indicates the algorithm used to create the checksum for the request when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [WebsiteConfiguration](#API_PutBucketWebsite_RequestSyntax) ** Root level tag for the WebsiteConfiguration parameters. Required: Yes ** [ErrorDocument](#API_PutBucketWebsite_RequestSyntax) ** The name of the error document for the website. Type: [ErrorDocument](API_ErrorDocument.md) data type Required: No ** [IndexDocument](#API_PutBucketWebsite_RequestSyntax) ** The name of the index document for the website. Type: [IndexDocument](API_IndexDocument.md) data type Required: No ** [RedirectAllRequestsTo](#API_PutBucketWebsite_RequestSyntax) ** The redirect behavior for every request to this bucket's website endpoint. If you specify this property, you can't specify any other property. Type: [RedirectAllRequestsTo](API_RedirectAllRequestsTo.md) data type Required: No ** [RoutingRules](#API_PutBucketWebsite_RequestSyntax) ** Rules that define when a redirect is applied and the redirect behavior. Type: Array of [RoutingRule](API_RoutingRule.md) data types Required: No ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### Example 1: Configure bucket as a website (add website configuration) The following request configures a bucket example.com as a website. The configuration in the request specifies index.html as the index document. It also specifies the optional error document, SomeErrorDocument.html. ``` PUT ?website HTTP/1.1 Host: example.com.s3..amazonaws.com Content-Length: 256 Date: Thu, 27 Jan 2011 12:00:00 GMT Authorization: signatureValue index.html SomeErrorDocument.html ``` ### Sample Response This example illustrates one usage of PutBucketWebsite. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMgUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 80CD4368BD211111 Date: Thu, 27 Jan 2011 00:00:00 GMT Content-Length: 0 Server: AmazonS3 ``` ### Example 2: Configure bucket as a website but redirect all requests The following request configures a bucket `www.example.com` as a website. However, the configuration specifies that all GET requests for the www.example.com bucket's website endpoint will be redirected to host example.com. This redirect can be useful when you want to serve requests for both `http://www.example.com` and `http://example.com`, but you want to maintain the website content in only one bucket, in this case, `example.com`. ``` PUT ?website HTTP/1.1 Host: www.example.com.s3..amazonaws.com Content-Length: length-value Date: Thu, 27 Jan 2011 12:00:00 GMT Authorization: signatureValue example.com ``` ### Example 3: Configure bucket as a website and specify optional redirection rules Example 1 is the simplest website configuration. It configures a bucket as a website by providing only an index document and an error document. You can further customize the website configuration by adding routing rules that redirect requests for one or more objects. For example, suppose that your bucket contained the following objects: + index.html + docs/article1.html + docs/article2.html If you decided to rename the folder from `docs/` to `documents/`, you would need to redirect requests for prefix `/docs` to `documents/`. For example, a request for docs/article1.html will need to be redirected to documents/article1.html. In this case, you update the website configuration and add a routing rule as shown in the following request. ``` PUT ?website HTTP/1.1 Host: www.example.com.s3..amazonaws.com Content-Length: length-value Date: Thu, 27 Jan 2011 12:00:00 GMT Authorization: signatureValue index.html Error.html docs/ documents/ ``` ### Example 4: Configure a bucket as a website and redirect errors You can use a routing rule to specify a condition that checks for a specific HTTP error code. When a page request results in this error, you can optionally reroute requests. For example, you might route requests to another host and optionally process the error. The routing rule in the following requests redirects requests to an EC2 instance in the event of an HTTP error 404. For illustration, the redirect also inserts an object key prefix `report-404/` in the redirect. For example, if you request a page `ExamplePage.html` and it results in an HTTP 404 error, the request is routed to a page `report-404/testPage.html` on the specified EC2 instance. If there is no routing rule and the HTTP error 404 occurred, then `Error.html` would be returned. ``` PUT ?website HTTP/1.1 Host: www.example.com.s3..amazonaws.com Content-Length: 580 Date: Thu, 27 Jan 2011 12:00:00 GMT Authorization: signatureValue index.html Error.html 404 ec2-11-22-333-44.compute-1.amazonaws.com report-404/ ``` ### Example 5: Configure a bucket as a website and redirect folder requests to a page Suppose you have the following pages in your bucket: + images/photo1.jpg + images/photo2.jpg + images/photo3.jpg Now you want to route requests for all pages with the images/ prefix to go to a single page, errorpage.html. You can add a website configuration to your bucket with the routing rule shown in the following request. ``` PUT ?website HTTP/1.1 Host: www.example.com.s3..amazonaws.com Content-Length: 481 Date: Thu, 27 Jan 2011 12:00:00 GMT Authorization: signatureValue index.html Error.html images/ errorpage.html ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutBucketWebsite) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutBucketWebsite) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketWebsite) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutBucketWebsite) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketWebsite) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutBucketWebsite) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutBucketWebsite) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutBucketWebsite) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketWebsite) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutBucketWebsite) # PutObject **Important** End of support notice: As of October 1, 2025, Amazon S3 has discontinued support for Email Grantee Access Control Lists (ACLs). If you attempt to use an Email Grantee ACL in a request after October 1, 2025, the request will receive an `HTTP 405` (Method Not Allowed) error. This change affects the following AWS Regions: US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Ireland), and South America (São Paulo). Adds an object to a bucket. **Note** Amazon S3 never adds partial objects; if you receive a success response, Amazon S3 added the entire object to the bucket. You cannot use `PutObject` to only update a single piece of metadata for an existing object. You must put the entire object with updated metadata if you want to update some values. If your bucket uses the bucket owner enforced setting for Object Ownership, ACLs are disabled and no longer affect permissions. All objects written to the bucket by any account will be owned by the bucket owner. **Directory buckets** - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://amzn-s3-demo-bucket.s3express-zone-id.region-code.amazonaws.com/key-name `. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Amazon S3 is a distributed system. If it receives multiple write requests for the same object simultaneously, it overwrites all but the last object written. However, Amazon S3 provides features that can modify this behavior: + **S3 Object Lock** - To prevent objects from being deleted or overwritten, you can use [Amazon S3 Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock.html) in the *Amazon S3 User Guide*. **Note** This functionality is not supported for directory buckets. + **If-None-Match** - Uploads the object only if the object key name does not already exist in the specified bucket. Otherwise, Amazon S3 returns a `412 Precondition Failed` error. If a conflicting operation occurs during the upload, S3 returns a `409 ConditionalRequestConflict` response. On a 409 failure, retry the upload. Expects the \$1 character (asterisk). For more information, see [Add preconditions to S3 operations with conditional requests](https://docs.aws.amazon.com/AmazonS3/latest/userguide/conditional-requests.html) in the *Amazon S3 User Guide* or [RFC 7232](https://datatracker.ietf.org/doc/rfc7232/). **Note** This functionality is not supported for S3 on Outposts. + **S3 Versioning** - When you enable versioning for a bucket, if Amazon S3 receives multiple write requests for the same object simultaneously, it stores all versions of the objects. For each write request that is made to the same object, Amazon S3 automatically generates a unique version ID of that object being stored in Amazon S3. You can retrieve, replace, or delete any version of the object. For more information about versioning, see [Adding Objects to Versioning-Enabled Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/AddingObjectstoVersioningEnabledBuckets.html) in the *Amazon S3 User Guide*. For information about returning the versioning state of a bucket, see [GetBucketVersioning](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html). **Note** This functionality is not supported for directory buckets. Permissions + **General purpose bucket permissions** - The following permissions are required in your policies when your `PutObject` request includes specific headers. + ** `s3:PutObject` ** - To successfully complete the `PutObject` request, you must always have the `s3:PutObject` permission on a bucket to add an object to it. + ** `s3:PutObjectAcl` ** - To successfully change the objects ACL of your `PutObject` request, you must have the `s3:PutObjectAcl`. + ** `s3:PutObjectTagging` ** - To successfully set the tag-set with your `PutObject` request, you must have the `s3:PutObjectTagging`. + **Directory bucket permissions** - To grant access to this API operation on a directory bucket, we recommend that you use the [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) API operation for session-based authorization. Specifically, you grant the `s3express:CreateSession` permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the `CreateSession` API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another `CreateSession` API call to generate a new session token for use. AWS CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). If the object is encrypted with SSE-KMS, you must also have the `kms:GenerateDataKey` and `kms:Decrypt` permissions in IAM identity-based policies and AWS KMS key policies for the AWS KMS key. Data integrity with Content-MD5 + **General purpose bucket** - To ensure that data is not corrupted traversing the network, use the `Content-MD5` header. When you use this header, Amazon S3 checks the object against the provided MD5 value and, if they do not match, Amazon S3 returns an error. Alternatively, when the object's ETag is its MD5 digest, you can calculate the MD5 while putting the object to Amazon S3 and compare the returned ETag to the calculated MD5 value. + **Directory bucket** - This functionality is not supported for directory buckets. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Errors + You might receive an `InvalidRequest` error for several reasons. Depending on the reason for the error, you might receive one of the following messages: + Cannot specify both a write offset value and user-defined object metadata for existing objects. + Checksum Type mismatch occurred, expected checksum Type: sha1, actual checksum Type: crc32c. + Request body cannot be empty when 'write offset' is specified. For more information about related Amazon S3 APIs, see the following: + [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) + [DeleteObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /Key+ HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-acl: ACL Cache-Control: CacheControl Content-Disposition: ContentDisposition Content-Encoding: ContentEncoding Content-Language: ContentLanguage Content-Length: ContentLength Content-MD5: ContentMD5 Content-Type: ContentType x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-checksum-crc32: ChecksumCRC32 x-amz-checksum-crc32c: ChecksumCRC32C x-amz-checksum-crc64nvme: ChecksumCRC64NVME x-amz-checksum-sha1: ChecksumSHA1 x-amz-checksum-sha256: ChecksumSHA256 Expires: Expires If-Match: IfMatch If-None-Match: IfNoneMatch x-amz-grant-full-control: GrantFullControl x-amz-grant-read: GrantRead x-amz-grant-read-acp: GrantReadACP x-amz-grant-write-acp: GrantWriteACP x-amz-write-offset-bytes: WriteOffsetBytes x-amz-server-side-encryption: ServerSideEncryption x-amz-storage-class: StorageClass x-amz-website-redirect-location: WebsiteRedirectLocation x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key: SSECustomerKey x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-server-side-encryption-aws-kms-key-id: SSEKMSKeyId x-amz-server-side-encryption-context: SSEKMSEncryptionContext x-amz-server-side-encryption-bucket-key-enabled: BucketKeyEnabled x-amz-request-payer: RequestPayer x-amz-tagging: Tagging x-amz-object-lock-mode: ObjectLockMode x-amz-object-lock-retain-until-date: ObjectLockRetainUntilDate x-amz-object-lock-legal-hold: ObjectLockLegalHoldStatus x-amz-expected-bucket-owner: ExpectedBucketOwner Body ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutObject_RequestSyntax) ** The bucket name to which the PUT action was initiated. **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [Cache-Control](#API_PutObject_RequestSyntax) ** Can be used to specify caching behavior along the request/reply chain. For more information, see [http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html\$1sec14.9](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9). ** [Content-Disposition](#API_PutObject_RequestSyntax) ** Specifies presentational information for the object. For more information, see [https://www.rfc-editor.org/rfc/rfc6266\$1section-4](https://www.rfc-editor.org/rfc/rfc6266#section-4). ** [Content-Encoding](#API_PutObject_RequestSyntax) ** Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. For more information, see [https://www.rfc-editor.org/rfc/rfc9110.html\$1field.content-encoding](https://www.rfc-editor.org/rfc/rfc9110.html#field.content-encoding). ** [Content-Language](#API_PutObject_RequestSyntax) ** The language the content is in. ** [Content-Length](#API_PutObject_RequestSyntax) ** Size of the body in bytes. This parameter is useful when the size of the body cannot be determined automatically. For more information, see [https://www.rfc-editor.org/rfc/rfc9110.html\$1name-content-length](https://www.rfc-editor.org/rfc/rfc9110.html#name-content-length). ** [Content-MD5](#API_PutObject_RequestSyntax) ** The Base64 encoded 128-bit `MD5` digest of the message (without the headers) according to RFC 1864. This header can be used as a message integrity check to verify that the data is the same data that was originally sent. Although it is optional, we recommend using the Content-MD5 mechanism as an end-to-end integrity check. For more information about REST request authentication, see [REST Authentication](https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html). The `Content-MD5` or `x-amz-sdk-checksum-algorithm` header is required for any request to upload an object with a retention period configured using Amazon S3 Object Lock. For more information, see [Uploading objects to an Object Lock enabled bucket ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-managing.html#object-lock-put-object) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. ** [Content-Type](#API_PutObject_RequestSyntax) ** A standard MIME type describing the format of the contents. For more information, see [https://www.rfc-editor.org/rfc/rfc9110.html\$1name-content-type](https://www.rfc-editor.org/rfc/rfc9110.html#name-content-type). ** [Expires](#API_PutObject_RequestSyntax) ** The date and time at which the object is no longer cacheable. For more information, see [https://www.rfc-editor.org/rfc/rfc7234\$1section-5.3](https://www.rfc-editor.org/rfc/rfc7234#section-5.3). ** [If-Match](#API_PutObject_RequestSyntax) ** Uploads the object only if the ETag (entity tag) value provided during the WRITE operation matches the ETag of the object in S3. If the ETag values do not match, the operation returns a `412 Precondition Failed` error. If a conflicting operation occurs during the upload S3 returns a `409 ConditionalRequestConflict` response. On a 409 failure you should fetch the object's ETag and retry the upload. Expects the ETag value as a string. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232), or [Conditional requests](https://docs.aws.amazon.com/AmazonS3/latest/userguide/conditional-requests.html) in the *Amazon S3 User Guide*. ** [If-None-Match](#API_PutObject_RequestSyntax) ** Uploads the object only if the object key name does not already exist in the bucket specified. Otherwise, Amazon S3 returns a `412 Precondition Failed` error. If a conflicting operation occurs during the upload S3 returns a `409 ConditionalRequestConflict` response. On a 409 failure you should retry the upload. Expects the '\$1' (asterisk) character. For more information about conditional requests, see [RFC 7232](https://tools.ietf.org/html/rfc7232), or [Conditional requests](https://docs.aws.amazon.com/AmazonS3/latest/userguide/conditional-requests.html) in the *Amazon S3 User Guide*. ** [Key](#API_PutObject_RequestSyntax) ** Object key for which the PUT action was initiated. Length Constraints: Minimum length of 1. Required: Yes ** [x-amz-acl](#API_PutObject_RequestSyntax) ** The canned ACL to apply to the object. For more information, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL) in the *Amazon S3 User Guide*. When adding a new object, you can use headers to grant ACL-based permissions to individual AWS accounts or to predefined groups defined by Amazon S3. These permissions are then added to the ACL on the object. By default, all objects are private. Only the owner has full access control. For more information, see [Access Control List (ACL) Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) and [Managing ACLs Using the REST API](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html) in the *Amazon S3 User Guide*. If the bucket that you're uploading objects to uses the bucket owner enforced setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions. Buckets that use this setting only accept PUT requests that don't specify an ACL or PUT requests that specify bucket owner full control ACLs, such as the `bucket-owner-full-control` canned ACL or an equivalent form of this ACL expressed in the XML format. PUT requests that contain other ACLs (for example, custom grants to certain AWS accounts) fail and return a `400` error with the error code `AccessControlListNotSupported`. For more information, see [ Controlling ownership of objects and disabling ACLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*. + This functionality is not supported for directory buckets. + This functionality is not supported for Amazon S3 on Outposts. Valid Values: `private | public-read | public-read-write | authenticated-read | aws-exec-read | bucket-owner-read | bucket-owner-full-control` ** [x-amz-checksum-crc32](#API_PutObject_RequestSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 32-bit `CRC32` checksum of the object. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-checksum-crc32c](#API_PutObject_RequestSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 32-bit `CRC32C` checksum of the object. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-checksum-crc64nvme](#API_PutObject_RequestSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 64-bit `CRC64NVME` checksum of the object. The `CRC64NVME` checksum is always a full object checksum. For more information, see [Checking object integrity in the Amazon S3 User Guide](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html). ** [x-amz-checksum-sha1](#API_PutObject_RequestSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 160-bit `SHA1` digest of the object. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-checksum-sha256](#API_PutObject_RequestSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 256-bit `SHA256` digest of the object. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-expected-bucket-owner](#API_PutObject_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-grant-full-control](#API_PutObject_RequestSyntax) ** Gives the grantee READ, READ\$1ACP, and WRITE\$1ACP permissions on the object. + This functionality is not supported for directory buckets. + This functionality is not supported for Amazon S3 on Outposts. ** [x-amz-grant-read](#API_PutObject_RequestSyntax) ** Allows grantee to read the object data and its metadata. + This functionality is not supported for directory buckets. + This functionality is not supported for Amazon S3 on Outposts. ** [x-amz-grant-read-acp](#API_PutObject_RequestSyntax) ** Allows grantee to read the object ACL. + This functionality is not supported for directory buckets. + This functionality is not supported for Amazon S3 on Outposts. ** [x-amz-grant-write-acp](#API_PutObject_RequestSyntax) ** Allows grantee to write the ACL for the applicable object. + This functionality is not supported for directory buckets. + This functionality is not supported for Amazon S3 on Outposts. ** [x-amz-object-lock-legal-hold](#API_PutObject_RequestSyntax) ** Specifies whether a legal hold will be applied to this object. For more information about S3 Object Lock, see [Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `ON | OFF` ** [x-amz-object-lock-mode](#API_PutObject_RequestSyntax) ** The Object Lock mode that you want to apply to this object. This functionality is not supported for directory buckets. Valid Values: `GOVERNANCE | COMPLIANCE` ** [x-amz-object-lock-retain-until-date](#API_PutObject_RequestSyntax) ** The date and time when you want this object's Object Lock to expire. Must be formatted as a timestamp parameter. This functionality is not supported for directory buckets. ** [x-amz-request-payer](#API_PutObject_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-sdk-checksum-algorithm](#API_PutObject_RequestSyntax) ** Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum-algorithm ` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For the `x-amz-checksum-algorithm ` header, replace ` algorithm ` with the supported algorithm from the following list: + `CRC32` + `CRC32C` + `CRC64NVME` + `SHA1` + `SHA256` For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If the individual checksum value you provide through `x-amz-checksum-algorithm ` doesn't match the checksum algorithm you set through `x-amz-sdk-checksum-algorithm`, Amazon S3 fails the request with a `BadDigest` error. The `Content-MD5` or `x-amz-sdk-checksum-algorithm` header is required for any request to upload an object with a retention period configured using Amazon S3 Object Lock. For more information, see [Uploading objects to an Object Lock enabled bucket ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-managing.html#object-lock-put-object) in the *Amazon S3 User Guide*. For directory buckets, when you use AWS SDKs, `CRC32` is the default checksum algorithm that's used for performance. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ** [x-amz-server-side-encryption](#API_PutObject_RequestSyntax) ** The server-side encryption algorithm that was used when you store this object in Amazon S3 or Amazon FSx. + **General purpose buckets ** - You have four mutually exclusive options to protect data using server-side encryption in Amazon S3, depending on how you choose to manage the encryption keys. Specifically, the encryption key options are Amazon S3 managed keys (SSE-S3), AWS KMS keys (SSE-KMS or DSSE-KMS), and customer-provided keys (SSE-C). Amazon S3 encrypts data with server-side encryption by using Amazon S3 managed keys (SSE-S3) by default. You can optionally tell Amazon S3 to encrypt data at rest by using server-side encryption with other key options. For more information, see [Using Server-Side Encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) in the *Amazon S3 User Guide*. + **Directory buckets ** - For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (`AES256`) and server-side encryption with AWS KMS keys (SSE-KMS) (`aws:kms`). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your `CreateSession` requests or `PUT` object requests. Then, new objects are automatically encrypted with the desired encryption settings. For more information, see [Protecting data with server-side encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html) in the *Amazon S3 User Guide*. For more information about the encryption overriding behaviors in directory buckets, see [Specifying server-side encryption with AWS KMS for new object uploads](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html). In the Zonal endpoint API calls (except [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) and [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html)) using the REST API, the encryption request headers must match the encryption settings that are specified in the `CreateSession` request. You can't override the values of the encryption settings (`x-amz-server-side-encryption`, `x-amz-server-side-encryption-aws-kms-key-id`, `x-amz-server-side-encryption-context`, and `x-amz-server-side-encryption-bucket-key-enabled`) that are specified in the `CreateSession` request. You don't need to explicitly specify these encryption settings values in Zonal endpoint API calls, and Amazon S3 will use the encryption settings values from the `CreateSession` request to protect new objects in the directory bucket. **Note** When you use the CLI or the AWS SDKs, for `CreateSession`, the session token refreshes automatically to avoid service interruptions when a session expires. The CLI or the AWS SDKs use the bucket's default encryption configuration for the `CreateSession` request. It's not supported to override the encryption settings values in the `CreateSession` request. So in the Zonal endpoint API calls (except [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) and [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html)), the encryption request headers must match the default encryption configuration of the directory bucket. + **S3 access points for Amazon FSx ** - When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is `aws:fsx`. All Amazon FSx file systems have encryption configured by default and are encrypted at rest. Data is automatically encrypted before being written to the file system, and automatically decrypted as it is read. These processes are handled transparently by Amazon FSx. Valid Values: `AES256 | aws:fsx | aws:kms | aws:kms:dsse` ** [x-amz-server-side-encryption-aws-kms-key-id](#API_PutObject_RequestSyntax) ** Specifies the AWS KMS key ID (Key ID, Key ARN, or Key Alias) to use for object encryption. If the KMS key doesn't exist in the same account that's issuing the command, you must use the full Key ARN not the Key ID. **General purpose buckets** - If you specify `x-amz-server-side-encryption` with `aws:kms` or `aws:kms:dsse`, this header specifies the ID (Key ID, Key ARN, or Key Alias) of the AWS KMS key to use. If you specify `x-amz-server-side-encryption:aws:kms` or `x-amz-server-side-encryption:aws:kms:dsse`, but do not provide `x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the AWS managed key (`aws/s3`) to protect the data. **Directory buckets** - To encrypt data using SSE-KMS, it's recommended to specify the `x-amz-server-side-encryption` header to `aws:kms`. Then, the `x-amz-server-side-encryption-aws-kms-key-id` header implicitly uses the bucket's default KMS customer managed key ID. If you want to explicitly set the ` x-amz-server-side-encryption-aws-kms-key-id` header, it must match the bucket's default customer managed key (using key ID or ARN, not alias). Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket's lifetime. The [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) (`aws/s3`) isn't supported. Incorrect key specification results in an HTTP `400 Bad Request` error. ** [x-amz-server-side-encryption-bucket-key-enabled](#API_PutObject_RequestSyntax) ** Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using AWS Key Management Service (AWS KMS) keys (SSE-KMS). **General purpose buckets** - Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS. Also, specifying this header with a PUT action doesn't affect bucket-level settings for S3 Bucket Key. **Directory buckets** - S3 Bucket Keys are always enabled for `GET` and `PUT` operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html), [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html), [the Copy operation in Batch Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops), or [the import jobs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job). In this case, Amazon S3 makes a call to AWS KMS every time a copy request is made for a KMS-encrypted object. ** [x-amz-server-side-encryption-context](#API_PutObject_RequestSyntax) ** Specifies the AWS KMS Encryption Context as an additional encryption context to use for object encryption. The value of this header is a Base64 encoded string of a UTF-8 encoded JSON, which contains the encryption context as key-value pairs. This value is stored as object metadata and automatically gets passed on to AWS KMS for future `GetObject` operations on this object. **General purpose buckets** - This value must be explicitly added during `CopyObject` operations if you want an additional encryption context for your object. For more information, see [Encryption context](https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html#encryption-context) in the *Amazon S3 User Guide*. **Directory buckets** - You can optionally provide an explicit encryption context value. The value must match the default encryption context - the bucket Amazon Resource Name (ARN). An additional encryption context value is not supported. ** [x-amz-server-side-encryption-customer-algorithm](#API_PutObject_RequestSyntax) ** Specifies the algorithm to use when encrypting the object (for example, `AES256`). This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key](#API_PutObject_RequestSyntax) ** Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the `x-amz-server-side-encryption-customer-algorithm` header. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key-MD5](#API_PutObject_RequestSyntax) ** Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error. This functionality is not supported for directory buckets. ** [x-amz-storage-class](#API_PutObject_RequestSyntax) ** By default, Amazon S3 uses the STANDARD Storage Class to store newly created objects. The STANDARD storage class provides high durability and high availability. Depending on performance needs, you can specify a different Storage Class. For more information, see [Storage Classes](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) in the *Amazon S3 User Guide*. + Directory buckets only support `EXPRESS_ONEZONE` (the S3 Express One Zone storage class) in Availability Zones and `ONEZONE_IA` (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones. + Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. Valid Values: `STANDARD | REDUCED_REDUNDANCY | STANDARD_IA | ONEZONE_IA | INTELLIGENT_TIERING | GLACIER | DEEP_ARCHIVE | OUTPOSTS | GLACIER_IR | SNOW | EXPRESS_ONEZONE | FSX_OPENZFS | FSX_ONTAP` ** [x-amz-tagging](#API_PutObject_RequestSyntax) ** The tag-set for the object. The tag-set must be encoded as URL Query parameters. (For example, "Key1=Value1") This functionality is not supported for directory buckets. ** [x-amz-website-redirect-location](#API_PutObject_RequestSyntax) ** If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata. For information about object metadata, see [Object Key and Metadata](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html) in the *Amazon S3 User Guide*. In the following example, the request header sets the redirect to an object (anotherPage.html) in the same bucket: `x-amz-website-redirect-location: /anotherPage.html` In the following example, the request header sets the object redirect to another website: `x-amz-website-redirect-location: http://www.example.com/` For more information about website hosting in Amazon S3, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) and [How to Configure Website Page Redirects](https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. ** [x-amz-write-offset-bytes](#API_PutObject_RequestSyntax) ** Specifies the offset for appending data to existing objects in bytes. The offset must be equal to the size of the existing object being appended to. If no object exists, setting this header to 0 will create a new object. This functionality is only supported for objects in the Amazon S3 Express One Zone storage class in directory buckets. ## Request Body The request accepts the following binary data. ** [Body](#API_PutObject_RequestSyntax) ** ## Response Syntax ``` HTTP/1.1 200 x-amz-expiration: Expiration ETag: ETag x-amz-checksum-crc32: ChecksumCRC32 x-amz-checksum-crc32c: ChecksumCRC32C x-amz-checksum-crc64nvme: ChecksumCRC64NVME x-amz-checksum-sha1: ChecksumSHA1 x-amz-checksum-sha256: ChecksumSHA256 x-amz-checksum-type: ChecksumType x-amz-server-side-encryption: ServerSideEncryption x-amz-version-id: VersionId x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-server-side-encryption-aws-kms-key-id: SSEKMSKeyId x-amz-server-side-encryption-context: SSEKMSEncryptionContext x-amz-server-side-encryption-bucket-key-enabled: BucketKeyEnabled x-amz-object-size: Size x-amz-request-charged: RequestCharged ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [ETag](#API_PutObject_ResponseSyntax) ** Entity tag for the uploaded object. **General purpose buckets ** - To ensure that data is not corrupted traversing the network, for objects where the ETag is the MD5 digest of the object, you can calculate the MD5 while putting an object to Amazon S3 and compare the returned ETag to the calculated MD5 value. **Directory buckets ** - The ETag for the object in a directory bucket isn't the MD5 digest of the object. ** [x-amz-checksum-crc32](#API_PutObject_ResponseSyntax) ** The Base64 encoded, 32-bit `CRC32 checksum` of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) in the *Amazon S3 User Guide*. ** [x-amz-checksum-crc32c](#API_PutObject_ResponseSyntax) ** The Base64 encoded, 32-bit `CRC32C` checksum of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) in the *Amazon S3 User Guide*. ** [x-amz-checksum-crc64nvme](#API_PutObject_ResponseSyntax) ** The Base64 encoded, 64-bit `CRC64NVME` checksum of the object. This header is present if the object was uploaded with the `CRC64NVME` checksum algorithm, or if it was uploaded without a checksum (and Amazon S3 added the default checksum, `CRC64NVME`, to the uploaded object). For more information about how checksums are calculated with multipart uploads, see [Checking object integrity in the Amazon S3 User Guide](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html). ** [x-amz-checksum-sha1](#API_PutObject_ResponseSyntax) ** The Base64 encoded, 160-bit `SHA1` digest of the object. This checksum is only present if the checksum was uploaded with the object. When you use the API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) in the *Amazon S3 User Guide*. ** [x-amz-checksum-sha256](#API_PutObject_ResponseSyntax) ** The Base64 encoded, 256-bit `SHA256` digest of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) in the *Amazon S3 User Guide*. ** [x-amz-checksum-type](#API_PutObject_ResponseSyntax) ** This header specifies the checksum type of the object, which determines how part-level checksums are combined to create an object-level checksum for multipart objects. For `PutObject` uploads, the checksum type is always `FULL_OBJECT`. You can use this header as a data integrity check to verify that the checksum type that is received is the same checksum that was specified. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. Valid Values: `COMPOSITE | FULL_OBJECT` ** [x-amz-expiration](#API_PutObject_ResponseSyntax) ** If the expiration is configured for the object (see [PutBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html)) in the *Amazon S3 User Guide*, the response includes this header. It includes the `expiry-date` and `rule-id` key-value pairs that provide information about object expiration. The value of the `rule-id` is URL-encoded. Object expiration information is not returned in directory buckets and this header returns the value "`NotImplemented`" in all responses for directory buckets. ** [x-amz-object-size](#API_PutObject_ResponseSyntax) ** The size of the object in bytes. This value is only be present if you append to an object. This functionality is only supported for objects in the Amazon S3 Express One Zone storage class in directory buckets. ** [x-amz-request-charged](#API_PutObject_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-server-side-encryption](#API_PutObject_ResponseSyntax) ** The server-side encryption algorithm used when you store this object in Amazon S3 or Amazon FSx. When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is `aws:fsx`. Valid Values: `AES256 | aws:fsx | aws:kms | aws:kms:dsse` ** [x-amz-server-side-encryption-aws-kms-key-id](#API_PutObject_ResponseSyntax) ** If present, indicates the ID of the KMS key that was used for object encryption. ** [x-amz-server-side-encryption-bucket-key-enabled](#API_PutObject_ResponseSyntax) ** Indicates whether the uploaded object uses an S3 Bucket Key for server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS). ** [x-amz-server-side-encryption-context](#API_PutObject_ResponseSyntax) ** If present, indicates the AWS KMS Encryption Context to use for object encryption. The value of this header is a Base64 encoded string of a UTF-8 encoded JSON, which contains the encryption context as key-value pairs. This value is stored as object metadata and automatically gets passed on to AWS KMS for future `GetObject` operations on this object. ** [x-amz-server-side-encryption-customer-algorithm](#API_PutObject_ResponseSyntax) ** If server-side encryption with a customer-provided encryption key was requested, the response will include this header to confirm the encryption algorithm that's used. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key-MD5](#API_PutObject_ResponseSyntax) ** If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide the round-trip message integrity verification of the customer-provided encryption key. This functionality is not supported for directory buckets. ** [x-amz-version-id](#API_PutObject_ResponseSyntax) ** Version ID of the object. If you enable versioning for a bucket, Amazon S3 automatically generates a unique version ID for the object being stored. Amazon S3 returns this ID in the response. When you enable versioning for a bucket, if Amazon S3 receives multiple write requests for the same object simultaneously, it stores all of the objects. For more information about versioning, see [Adding Objects to Versioning-Enabled Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/AddingObjectstoVersioningEnabledBuckets.html) in the *Amazon S3 User Guide*. For information about returning the versioning state of a bucket, see [GetBucketVersioning](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html). This functionality is not supported for directory buckets. ## Errors ** EncryptionTypeMismatch ** The existing object was created with a different encryption type. Subsequent write requests must include the appropriate encryption parameters in the request or while creating the session. HTTP Status Code: 400 ** InvalidRequest ** A parameter or header in your request isn't valid. For details, see the description of this API operation. HTTP Status Code: 400 ** InvalidWriteOffset ** The write offset value that you specified does not match the current object size. HTTP Status Code: 400 ** TooManyParts ** You have attempted to add more parts than the maximum of 10000 that are allowed for this object. You can use the CopyObject operation to copy this object to another and then add more data to the newly copied object. HTTP Status Code: 400 ## Examples ### Example 1 for general purpose buckets: Upload an object The following request stores the `my-image.jpg` file in the `myBucket` bucket. ``` PUT /my-image.jpg HTTP/1.1 Host: myBucket.s3..amazonaws.com Date: Wed, 12 Oct 2009 17:50:00 GMT Authorization: authorization string Content-Type: text/plain Content-Length: 11434 x-amz-meta-author: Janet Expect: 100-continue [11434 bytes of object data] ``` ### Sample Response for general purpose buckets: Versioning suspended This example illustrates one usage of PutObject. ``` HTTP/1.1 100 Continue HTTP/1.1 200 OK x-amz-id-2: LriYPLdmOdAiIfgSm/F1YsViT1LW94/xUQxMsF7xiEb1a0wiIOIxl+zbwZ163pt7 x-amz-request-id: 0A49CE4060975EAC Date: Wed, 12 Oct 2009 17:50:00 GMT ETag: "1b2cf535f27731c974343645a3985328" Content-Length: 0 Connection: close Server: AmazonS3 ``` ### Sample Response for general purpose buckets: Expiration rule created using lifecycle configuration If an expiration rule that was created on the bucket using lifecycle configuration applies to the object, you get a response with an `x-amz-expiration` header, as shown in the following response. For more information, see [Transitioning Objects: General Considerations](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-transition-general-considerations). ``` HTTP/1.1 100 Continue HTTP/1.1 200 OK x-amz-id-2: LriYPLdmOdAiIfgSm/F1YsViT1LW94/xUQxMsF7xiEb1a0wiIOIxl+zbwZ163pt7 x-amz-request-id: 0A49CE4060975EAC Date: Wed, 12 Oct 2009 17:50:00 GMT x-amz-expiration: expiry-date="Fri, 23 Dec 2012 00:00:00 GMT", rule-id="1" ETag: "1b2cf535f27731c974343645a3985328" Content-Length: 0 Connection: close Server: AmazonS3 ``` ### Sample Response for general purpose buckets: Versioning enabled If the bucket has versioning enabled, the response includes the `x-amz-version-id` header. ``` HTTP/1.1 100 Continue HTTP/1.1 200 OK x-amz-id-2: LriYPLdmOdAiIfgSm/F1YsViT1LW94/xUQxMsF7xiEb1a0wiIOIxl+zbwZ163pt7 x-amz-request-id: 0A49CE4060975EAC x-amz-version-id: 43jfkodU8493jnFJD9fjj3HHNVfdsQUIFDNsidf038jfdsjGFDSIRp Date: Wed, 12 Oct 2009 17:50:00 GMT ETag: "fbacf535f27731c9771645a39863328" Content-Length: 0 Connection: close Server: AmazonS3 ``` ### Example 2 for general purpose buckets: Specifying the Reduced Redundancy Storage Class The following request stores the image, `my-image.jpg`, in the `myBucket` bucket. The request specifies the `x-amz-storage-class` header to request that the object is stored using the REDUCED\$1REDUNDANCY storage class. ``` PUT /my-image.jpg HTTP/1.1 Host: myBucket.s3..amazonaws.com Date: Wed, 12 Oct 2009 17:50:00 GMT Authorization: authorization string Content-Type: image/jpeg Content-Length: 11434 Expect: 100-continue x-amz-storage-class: REDUCED_REDUNDANCY ``` ### Sample Response for general purpose buckets This example illustrates one usage of PutObject. ``` HTTP/1.1 100 Continue HTTP/1.1 200 OK x-amz-id-2: LriYPLdmOdAiIfgSm/F1YsViT1LW94/xUQxMsF7xiEb1a0wiIOIxl+zbwZ163pt7 x-amz-request-id: 0A49CE4060975EAC Date: Wed, 12 Oct 2009 17:50:00 GMT ETag: "1b2cf535f27731c974343645a3985328" Content-Length: 0 Connection: close Server: AmazonS3 ``` ### Example 3 for general purpose buckets: Uploading an object and specifying access permissions explicitly The following request stores the `TestObject.txt` file in the `myBucket` bucket. The request specifies various ACL headers to grant permission to AWS accounts that are specified with a canonical user ID and an email address. ``` PUT TestObject.txt HTTP/1.1 Host: myBucket.s3..amazonaws.com x-amz-date: Fri, 13 Apr 2012 05:40:14 GMT Authorization: authorization string x-amz-grant-write-acp: id=8a6925ce4adf588a4532142d3f74dd8c71fa124ExampleCanonicalUserID x-amz-grant-full-control: emailAddress="ExampleUser@amazon.com" x-amz-grant-write: emailAddress="ExampleUser1@amazon.com", emailAddress="ExampleUser2@amazon.com" Content-Length: 300 Expect: 100-continue Connection: Keep-Alive ...Object data in the body... ``` ### Sample Response for general purpose buckets This example illustrates one usage of PutObject. ``` HTTP/1.1 200 OK x-amz-id-2: RUxG2sZJUfS+ezeAS2i0Xj6w/ST6xqF/8pFNHjTjTrECW56SCAUWGg+7QLVoj1GH x-amz-request-id: 8D017A90827290BA Date: Fri, 13 Apr 2012 05:40:25 GMT ETag: "dd038b344cf9553547f8b395a814b274" Content-Length: 0 Server: AmazonS3 ``` ### Example 4 for general purpose buckets: Using a canned ACL to set access permissions The following request stores the `TestObject.txt` file in the myBucket bucket. The request uses an `x-amz-acl` header to specify a canned ACL that grants READ permission to the public. ``` PUT TestObject.txt HTTP/1.1 Host: myBucket.s3..amazonaws.com x-amz-date: Fri, 13 Apr 2012 05:54:57 GMT x-amz-acl: public-read Authorization: authorization string Content-Length: 300 Expect: 100-continue Connection: Keep-Alive ...Object data in the body... ``` ### Sample Response for general purpose buckets This example illustrates one usage of PutObject. ``` HTTP/1.1 200 OK x-amz-id-2: Yd6PSJxJFQeTYJ/3dDO7miqJfVMXXW0S2Hijo3WFs4bz6oe2QCVXasxXLZdMfASd x-amz-request-id: 80DF413BB3D28A25 Date: Fri, 13 Apr 2012 05:54:59 GMT ETag: "dd038b344cf9553547f8b395a814b274" Content-Length: 0 Server: AmazonS3 ``` ### Example 5 for general purpose buckets: Upload an object (Request server-side encryption using a customer-provided encryption key) This example of an upload object requests server-side encryption and provides an encryption key. **Note** If you have server-side encryption with customer-provided keys (SSE-C) blocked for your general purpose bucket, you will get an HTTP 403 Access Denied error when you specify the SSE-C request headers while writing new data to your bucket. For more information, see [Blocking or unblocking SSE-C for a general purpose bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/blocking-unblocking-s3-c-encryption-gpb.html). ``` PUT /example-object HTTP/1.1 Host: example-bucket.s3..amazonaws.com Accept: */* Authorization:authorization string Date: Wed, 28 May 2014 19:31:11 +0000 x-amz-server-side-encryption-customer-key:g0lCfA3Dv40jZz5SQJ1ZukLRFqtI5WorC/8SEEXAMPLE x-amz-server-side-encryption-customer-key-MD5:ZjQrne1X/iTcskbY2example x-amz-server-side-encryption-customer-algorithm:AES256 ``` ### Sample Response for general purpose buckets In the response, Amazon S3 returns the encryption algorithm and MD5 of the encryption key that you specified when uploading the object. The ETag that is returned is not the MD5 of the object. ``` HTTP/1.1 200 OK x-amz-id-2: 7qoYGN7uMuFuYS6m7a4lszH6in+hccE+4DXPmDZ7C9KqucjnZC1gI5mshai6fbMG x-amz-request-id: 06437EDD40C407C7 Date: Wed, 28 May 2014 19:31:12 GMT x-amz-server-side-encryption-customer-algorithm: AES256 x-amz-server-side-encryption-customer-key-MD5: ZjQrne1X/iTcskbY2example ETag: "ae89237c20e759c5f479ece02c642f59" ``` ### Example 6 for general purpose buckets: Upload an object and specify tags This example of an upload object request specifies the optional `x-amz-tagging` header to add tags to the object. After the object is created, Amazon S3 stores the specified object tags in the tagging subresource that is associated with the object. For more information about tagging, see [Object Tagging and Access Control Policies](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html#tagging-and-policies) in the *Amazon S3 User Guide*. ``` PUT /example-object HTTP/1.1 Host: example-bucket.s3..amazonaws.com Accept: */* Authorization:authorization string Date: Thu, 22 Sep 2016 21:58:13 GMT x-amz-tagging: tag1=value1&tag2=value2 [... bytes of object data] ``` ### Sample Response for general purpose buckets This example illustrates one usage of PutObject. ``` HTTP/1.1 200 OK x-amz-id-2: 7qoYGN7uMuFuYS6m7a4lszH6in+hccE+4DXPmDZ7C9KqucjnZC1gI5mshai6fbMG x-amz-request-id: 06437EDD40C407C7 Date: Thu, 22 Sep 2016 21:58:17 GMT ``` ### Example 7 for general purpose buckets: Upload an object and specify the checksum algorithm This example of an upload object request specifies the additional checksum algorithm to use to verify the content of the object. For more information about using additional checksums, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ``` PUT /example-object HTTP/1.1 Host: example-bucket.s3..amazonaws.com x-amz-date: Mon, 22 Mar 2021 23:00:00 GMT Authorization: authorization string Content-Length: 268435456 x-amz-checksum-sha256: 0ea4be78f6c3948588172edc6d8789ffe3cec461f385e0ac447e581731c429b5 [268435456 bytes of object data in the body] ``` ### Sample Response for general purpose buckets This example illustrates one usage of PutObject. ``` HTTP/1.1 200 OK x-amz-id-2: 7qoYGN7uMuFuYS6m7a4lszH6in+hccE+4DXPmDZ7C9KqucjnZC1gI5mshai6fbMG x-amz-request-id: 49CFA2051300FBE9 Date: Mon, 22 Mar 2021 23:00:12 GMT ``` ### Example 8 for directory buckets: Upload an object and append to it The following request creates the `my-application.log` file in the `mybucket` bucket, and appends to it afterwards. ``` PUT /my-application.log HTTP/1.1 Host: mybucket--usw2-az1--x-s3 Date: Fri, 22 Nov 2024 17:50:00 GMT Authorization: authorization string Content-Type: text/plain Content-Length: 1048576 [1048576 bytes of object data] PUT /my-application.log HTTP/1.1 Host: mybucket--usw2-az1--x-s3 Date: Fri, 22 Nov 2024 17:50:00 GMT Authorization: authorization string Content-Type: text/plain Content-Length: 524288 x-amz-write-offset-bytes: 1048576 [524288 bytes of object data] ``` ### Sample Response for directory buckets This example illustrates one usage of PutObject. ``` HTTP/1.1 200 OK x-amz-request-id: 06437EDD40C407C7 x-amz-id-2: 7qoYGN7uMuFuYS6m7a4lszH6in+hccE+4DXPmDZ7C9KqucjnZC1gI5mshai6fbMG etag: "ae89237c20e759c5f479ece02c642f59" x-amz-object-size: 1572864 ``` ## Constraints (AI generated) This content was generated using AI technology that has in-depth knowledge of AWS API operations. [Provide feedback on this content.](https://docs-feedback.aws.amazon.com/feedback.jsp?hidden_service_name=S3&topic_url=https://[…]mazon.com/en_us/AmazonS3/latest/API/API_PutObject.html) For Encryption parameters: + You must not pass parameters that don't apply to the type of encryption that you're setting. For example, you cannot pass both `SSECustomerKey`, which is used for server-side encryption with customer-provided keys (SSE-C), and `SSEKMSKeyId`, which is used for server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS), in the same request. + When using server-side encryption with customer-provided keys (SSE-C), you must pass all three parameters: `SSECustomerAlgorithm`, `SSECustomerKey`, and `SSECustomerKeyMD5`. In addition, the value of `SSECustomerAlgorithm` must be `AES256`. + When using server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS), you must set the value of `ServerSideEncryption` to `aws:kms`. You can also use `SSEKMSKeyId` to specify the ARN for a specific customer managed KMS encryption key. Additionally, you cannot pass `SSECustomerAlgorithm` when using SSE-KMS. For Object Lock parameters: + Object Lock parameters must be paired. If you specify `ObjectLockMode`, you must also specify `ObjectLockRetainUntilDate`, and vice versa. Either specify both parameters or neither one. For Checksum parameters: + When you specify a particular `ChecksumAlgorithm` value, you can only pass the checksum parameter that corresponds to that algorithm. For example, if you specify the value `CRC32` for `ChecksumAlgorithm`, you must only pass `ChecksumCRC32` for the CRC-32 algorithm. In this case, you cannot pass any of the following parameters, which are specific to the CRC-32C `(CRC32C)`, SHA-1 `(SHA1)`, and SHA-256 `(SHA256)` checksum algorithms respectively: `ChecksumCRC32C`, `ChecksumSHA1`, or `ChecksumSHA256`. ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutObject) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutObject) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutObject) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutObject) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutObject) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutObject) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutObject) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutObject) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutObject) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutObject) # PutObjectAcl **Important** End of support notice: As of October 1, 2025, Amazon S3 has discontinued support for Email Grantee Access Control Lists (ACLs). If you attempt to use an Email Grantee ACL in a request after October 1, 2025, the request will receive an `HTTP 405` (Method Not Allowed) error. This change affects the following AWS Regions: US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Ireland), and South America (São Paulo). **Note** This operation is not supported for directory buckets. Uses the `acl` subresource to set the access control list (ACL) permissions for a new or existing object in an S3 bucket. You must have the `WRITE_ACP` permission to set the ACL of an object. For more information, see [What permissions can I grant?](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#permissions) in the *Amazon S3 User Guide*. This functionality is not supported for Amazon S3 on Outposts. Depending on your application needs, you can choose to set the ACL on an object using either the request body or the headers. For example, if you have an existing application that updates a bucket ACL using the request body, you can continue to use that approach. For more information, see [Access Control List (ACL) Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) in the *Amazon S3 User Guide*. **Important** If your bucket uses the bucket owner enforced setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions. You must use policies to grant access to your bucket and the objects in it. Requests to set ACLs or update ACLs fail and return the `AccessControlListNotSupported` error code. Requests to read ACLs are still supported. For more information, see [Controlling object ownership](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*. Permissions You can set access permissions using one of the following methods: + Specify a canned ACL with the `x-amz-acl` request header. Amazon S3 supports a set of predefined ACLs, known as canned ACLs. Each canned ACL has a predefined set of grantees and permissions. Specify the canned ACL name as the value of `x-amz-ac`l. If you use this header, you cannot use other access control-specific headers in your request. For more information, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). + Specify access permissions explicitly with the `x-amz-grant-read`, `x-amz-grant-read-acp`, `x-amz-grant-write-acp`, and `x-amz-grant-full-control` headers. When using these headers, you specify explicit access permissions and grantees (AWS accounts or Amazon S3 groups) who will receive the permission. If you use these ACL-specific headers, you cannot use `x-amz-acl` header to set a canned ACL. These parameters map to the set of permissions that Amazon S3 supports in an ACL. For more information, see [Access Control List (ACL) Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html). You specify each grantee as a type=value pair, where the type is one of the following: + `id` – if the value specified is the canonical user ID of an AWS account + `uri` – if you are granting permissions to a predefined group + `emailAddress` – if the value specified is the email address of an AWS account **Note** Using email addresses to specify a grantee is only supported in the following AWS Regions: US East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all the Amazon S3 supported Regions and endpoints, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in the AWS General Reference. For example, the following `x-amz-grant-read` header grants list objects permission to the two AWS accounts identified by their email addresses. `x-amz-grant-read: emailAddress="xyz@amazon.com", emailAddress="abc@amazon.com" ` You can use either a canned ACL or specify access permissions explicitly. You cannot do both. Grantee Values You can specify the person (grantee) to whom you're assigning access rights (using request elements) in the following ways. For examples of how to specify these grantee values in JSON format, see the AWS CLI example in [ Enabling Amazon S3 server access logging](https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html) in the *Amazon S3 User Guide*. + By the person's ID: `<>ID<><>GranteesEmail<> ` DisplayName is optional and ignored in the request. + By URI: `<>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<>` + By Email address: `<>Grantees@email.com<>lt;/Grantee>` The grantee is resolved to the CanonicalUser and, in a response to a GET Object acl request, appears as the CanonicalUser. **Note** Using email addresses to specify a grantee is only supported in the following AWS Regions: US East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all the Amazon S3 supported Regions and endpoints, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in the AWS General Reference. Versioning The ACL of an object is set at the object version level. By default, PUT sets the ACL of the current version of an object. To set the ACL of a different version, use the `versionId` subresource. The following operations are related to `PutObjectAcl`: + [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) + [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /{Key+}?acl&versionId=VersionId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-acl: ACL Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-grant-full-control: GrantFullControl x-amz-grant-read: GrantRead x-amz-grant-read-acp: GrantReadACP x-amz-grant-write: GrantWrite x-amz-grant-write-acp: GrantWriteACP x-amz-request-payer: RequestPayer x-amz-expected-bucket-owner: ExpectedBucketOwner string string string string string string string string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutObjectAcl_RequestSyntax) ** The bucket name that contains the object to which you want to attach the ACL. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [Content-MD5](#API_PutObjectAcl_RequestSyntax) ** The Base64 encoded 128-bit `MD5` digest of the data. This header must be used as a message integrity check to verify that the request body was not corrupted in transit. For more information, go to [RFC 1864.>](http://www.ietf.org/rfc/rfc1864.txt) For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [Key](#API_PutObjectAcl_RequestSyntax) ** Key for which the PUT action was initiated. Length Constraints: Minimum length of 1. Required: Yes ** [versionId](#API_PutObjectAcl_RequestSyntax) ** Version ID used to reference a specific version of the object. This functionality is not supported for directory buckets. ** [x-amz-acl](#API_PutObjectAcl_RequestSyntax) ** The canned ACL to apply to the object. For more information, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). Valid Values: `private | public-read | public-read-write | authenticated-read | aws-exec-read | bucket-owner-read | bucket-owner-full-control` ** [x-amz-expected-bucket-owner](#API_PutObjectAcl_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-grant-full-control](#API_PutObjectAcl_RequestSyntax) ** Allows grantee the read, write, read ACP, and write ACP permissions on the bucket. This functionality is not supported for Amazon S3 on Outposts. ** [x-amz-grant-read](#API_PutObjectAcl_RequestSyntax) ** Allows grantee to list the objects in the bucket. This functionality is not supported for Amazon S3 on Outposts. ** [x-amz-grant-read-acp](#API_PutObjectAcl_RequestSyntax) ** Allows grantee to read the bucket ACL. This functionality is not supported for Amazon S3 on Outposts. ** [x-amz-grant-write](#API_PutObjectAcl_RequestSyntax) ** Allows grantee to create new objects in the bucket. For the bucket and object owners of existing objects, also allows deletions and overwrites of those objects. ** [x-amz-grant-write-acp](#API_PutObjectAcl_RequestSyntax) ** Allows grantee to write the ACL for the applicable bucket. This functionality is not supported for Amazon S3 on Outposts. ** [x-amz-request-payer](#API_PutObjectAcl_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-sdk-checksum-algorithm](#API_PutObjectAcl_RequestSyntax) ** Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [AccessControlPolicy](#API_PutObjectAcl_RequestSyntax) ** Root level tag for the AccessControlPolicy parameters. Required: Yes ** [Grants](#API_PutObjectAcl_RequestSyntax) ** A list of grants. Type: Array of [Grant](API_Grant.md) data types Required: No ** [Owner](#API_PutObjectAcl_RequestSyntax) ** Container for the bucket owner's display name and ID. Type: [Owner](API_Owner.md) data type Required: No ## Response Syntax ``` HTTP/1.1 200 x-amz-request-charged: RequestCharged ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-request-charged](#API_PutObjectAcl_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ## Errors ** NoSuchKey ** The specified key does not exist. HTTP Status Code: 404 ## Examples ### Sample Request The following request grants access permission to an existing object. The request specifies the ACL in the body. In addition to granting full control to the object owner, the XML specifies full control to an AWS account identified by its canonical user ID. ``` PUT /my-image.jpg?acl HTTP/1.1 Host: bucket.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 GMT Authorization: authorization string Content-Length: 124 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a CustomersName@amazon.com 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeeExampleCanonicalUserID CustomerName@amazon.com FULL_CONTROL ``` ### Sample Response The following shows a sample response when versioning on the bucket is enabled. ``` HTTP/1.1 200 OK x-amz-id-2: eftixk72aD6Ap51T9AS1ed4OpIszj7UDNEHGran x-amz-request-id: 318BC8BC148832E5 x-amz-version-id: 3/L4kqtJlcpXrof3vjVBH40Nr8X8gdRQBpUMLUo Date: Wed, 28 Oct 2009 22:32:00 GMT Last-Modified: Sun, 1 Jan 2006 12:00:00 GMT Content-Length: 0 Connection: close Server: AmazonS3 ``` ### Sample Request: Setting the ACL of a specified object version The following request sets the ACL on the specified version of the object. ``` PUT /my-image.jpg?acl&versionId=3HL4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nrjfkd HTTP/1.1 Host: bucket.s3..amazonaws.com Date: Wed, 28 Oct 2009 22:32:00 GMT Authorization: authorization string Content-Length: 124 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a mtd@amazon.com 75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a mtd@amazon.com FULL_CONTROL ``` ### Sample Response This example illustrates one usage of PutObjectAcl. ``` HTTP/1.1 200 OK x-amz-id-2: eftixk72aD6Ap51u8yU9AS1ed4OpIszj7UDNEHGran x-amz-request-id: 318BC8BC148832E5 x-amz-version-id: 3/L4kqtJlcpXro3vjVBH40Nr8X8gdRQBpUMLUo Date: Wed, 28 Oct 2009 22:32:00 GMT Last-Modified: Sun, 1 Jan 2006 12:00:00 GMT Content-Length: 0 Connection: close Server: AmazonS3 ``` ### Sample Request: Access permissions specified using headers The following request sets the ACL on the specified version of the object. ``` PUT ExampleObject.txt?acl HTTP/1.1 Host: examplebucket.s3..amazonaws.com x-amz-acl: public-read Accept: */* Authorization: authorization string Host: s3.amazonaws.com Connection: Keep-Alive ``` ### Sample Response This example illustrates one usage of PutObjectAcl. ``` HTTP/1.1 200 OK x-amz-id-2: w5YegkbG6ZDsje4WK56RWPxNQHIQ0CjrjyRVFZhEJI9E3kbabXnBO9w5G7Dmxsgk x-amz-request-id: C13B2827BD8455B1 Date: Sun, 29 Apr 2012 23:24:12 GMT Content-Length: 0 Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutObjectAcl) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutObjectAcl) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutObjectAcl) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutObjectAcl) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutObjectAcl) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutObjectAcl) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutObjectAcl) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutObjectAcl) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutObjectAcl) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutObjectAcl) # PutObjectLegalHold **Note** This operation is not supported for directory buckets. Applies a legal hold configuration to the specified object. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). This functionality is not supported for Amazon S3 on Outposts. **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /{Key+}?legal-hold&versionId=VersionId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-request-payer: RequestPayer Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutObjectLegalHold_RequestSyntax) ** The bucket name containing the object that you want to place a legal hold on. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Required: Yes ** [Content-MD5](#API_PutObjectLegalHold_RequestSyntax) ** The MD5 hash for the request body. For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [Key](#API_PutObjectLegalHold_RequestSyntax) ** The key name for the object that you want to place a legal hold on. Length Constraints: Minimum length of 1. Required: Yes ** [versionId](#API_PutObjectLegalHold_RequestSyntax) ** The version ID of the object that you want to place a legal hold on. ** [x-amz-expected-bucket-owner](#API_PutObjectLegalHold_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_PutObjectLegalHold_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-sdk-checksum-algorithm](#API_PutObjectLegalHold_RequestSyntax) ** Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [LegalHold](#API_PutObjectLegalHold_RequestSyntax) ** Root level tag for the LegalHold parameters. Required: Yes ** [Status](#API_PutObjectLegalHold_RequestSyntax) ** Indicates whether the specified object has a legal hold in place. Type: String Valid Values: `ON | OFF` Required: No ## Response Syntax ``` HTTP/1.1 200 x-amz-request-charged: RequestCharged ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-request-charged](#API_PutObjectLegalHold_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutObjectLegalHold) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutObjectLegalHold) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutObjectLegalHold) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutObjectLegalHold) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutObjectLegalHold) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutObjectLegalHold) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutObjectLegalHold) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutObjectLegalHold) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutObjectLegalHold) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutObjectLegalHold) # PutObjectLockConfiguration **Note** This operation is not supported for directory buckets. Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). **Note** The `DefaultRetention` settings require both a mode and a period. The `DefaultRetention` period can be either `Days` or `Years` but you must select one. You cannot specify `Days` and `Years` at the same time. You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html). **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?object-lock HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-request-payer: RequestPayer x-amz-bucket-object-lock-token: Token Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner string integer string integer ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutObjectLockConfiguration_RequestSyntax) ** The bucket whose Object Lock configuration you want to create or replace. Required: Yes ** [Content-MD5](#API_PutObjectLockConfiguration_RequestSyntax) ** The MD5 hash for the request body. For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [x-amz-bucket-object-lock-token](#API_PutObjectLockConfiguration_RequestSyntax) ** A token to allow Object Lock to be enabled for an existing bucket. ** [x-amz-expected-bucket-owner](#API_PutObjectLockConfiguration_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_PutObjectLockConfiguration_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-sdk-checksum-algorithm](#API_PutObjectLockConfiguration_RequestSyntax) ** Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [ObjectLockConfiguration](#API_PutObjectLockConfiguration_RequestSyntax) ** Root level tag for the ObjectLockConfiguration parameters. Required: Yes ** [ObjectLockEnabled](#API_PutObjectLockConfiguration_RequestSyntax) ** Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket. Type: String Valid Values: `Enabled` Required: No ** [Rule](#API_PutObjectLockConfiguration_RequestSyntax) ** Specifies the Object Lock rule for the specified object. Enable the this rule when you apply `ObjectLockConfiguration` to a bucket. Bucket settings require both a mode and a period. The period can be either `Days` or `Years` but you must select one. You cannot specify `Days` and `Years` at the same time. Type: [ObjectLockRule](API_ObjectLockRule.md) data type Required: No ## Response Syntax ``` HTTP/1.1 200 x-amz-request-charged: RequestCharged ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-request-charged](#API_PutObjectLockConfiguration_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutObjectLockConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutObjectLockConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutObjectLockConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutObjectLockConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutObjectLockConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutObjectLockConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutObjectLockConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutObjectLockConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutObjectLockConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutObjectLockConfiguration) # PutObjectRetention **Note** This operation is not supported for directory buckets. Places an Object Retention configuration on an object. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). Users or accounts require the `s3:PutObjectRetention` permission in order to place an Object Retention configuration on objects. Bypassing a Governance Retention configuration requires the `s3:BypassGovernanceRetention` permission. This functionality is not supported for Amazon S3 on Outposts. **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /{Key+}?retention&versionId=VersionId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-request-payer: RequestPayer x-amz-bypass-governance-retention: BypassGovernanceRetention Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner string timestamp ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutObjectRetention_RequestSyntax) ** The bucket name that contains the object you want to apply this Object Retention configuration to. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Required: Yes ** [Content-MD5](#API_PutObjectRetention_RequestSyntax) ** The MD5 hash for the request body. For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [Key](#API_PutObjectRetention_RequestSyntax) ** The key name for the object that you want to apply this Object Retention configuration to. Length Constraints: Minimum length of 1. Required: Yes ** [versionId](#API_PutObjectRetention_RequestSyntax) ** The version ID for the object that you want to apply this Object Retention configuration to. ** [x-amz-bypass-governance-retention](#API_PutObjectRetention_RequestSyntax) ** Indicates whether this action should bypass Governance-mode restrictions. ** [x-amz-expected-bucket-owner](#API_PutObjectRetention_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_PutObjectRetention_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-sdk-checksum-algorithm](#API_PutObjectRetention_RequestSyntax) ** Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [Retention](#API_PutObjectRetention_RequestSyntax) ** Root level tag for the Retention parameters. Required: Yes ** [Mode](#API_PutObjectRetention_RequestSyntax) ** Indicates the Retention mode for the specified object. Type: String Valid Values: `GOVERNANCE | COMPLIANCE` Required: No ** [RetainUntilDate](#API_PutObjectRetention_RequestSyntax) ** The date on which this Object Lock Retention will expire. Type: Timestamp Required: No ## Response Syntax ``` HTTP/1.1 200 x-amz-request-charged: RequestCharged ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-request-charged](#API_PutObjectRetention_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutObjectRetention) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutObjectRetention) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutObjectRetention) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutObjectRetention) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutObjectRetention) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutObjectRetention) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutObjectRetention) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutObjectRetention) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutObjectRetention) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutObjectRetention) # PutObjectTagging **Note** This operation is not supported for directory buckets. Sets the supplied tag-set to an object that already exists in a bucket. A tag is a key-value pair. For more information, see [Object Tagging](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-tagging.html). You can associate tags with an object by sending a PUT request against the tagging subresource that is associated with the object. You can retrieve tags by sending a GET request. For more information, see [GetObjectTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html). For tagging-related restrictions related to characters and encodings, see [Tag Restrictions](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html). Note that Amazon S3 limits the maximum number of tags to 10 tags per object. To use this operation, you must have permission to perform the `s3:PutObjectTagging` action. By default, the bucket owner has this permission and can grant this permission to others. To put tags of any other version, use the `versionId` query parameter. You also need permission for the `s3:PutObjectVersionTagging` action. `PutObjectTagging` has the following special errors. For more Amazon S3 errors see, [Error Responses](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html). + `InvalidTag` - The tag provided was not a valid tag. This error can occur if the tag did not pass input validation. For more information, see [Object Tagging](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-tagging.html). + `MalformedXML` - The XML provided does not match the schema. + `OperationAborted` - A conflicting conditional action is currently in progress against this resource. Please try again. + `InternalError` - The service was unable to apply the provided tag to the object. The following operations are related to `PutObjectTagging`: + [GetObjectTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) + [DeleteObjectTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /{Key+}?tagging&versionId=VersionId HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-request-payer: RequestPayer string string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutObjectTagging_RequestSyntax) ** The bucket name containing the object. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [Content-MD5](#API_PutObjectTagging_RequestSyntax) ** The MD5 hash for the request body. For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [Key](#API_PutObjectTagging_RequestSyntax) ** Name of the object key. Length Constraints: Minimum length of 1. Required: Yes ** [versionId](#API_PutObjectTagging_RequestSyntax) ** The versionId of the object that the tag-set will be added to. ** [x-amz-expected-bucket-owner](#API_PutObjectTagging_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_PutObjectTagging_RequestSyntax) ** Confirms that the requester knows that she or he will be charged for the tagging object request. Bucket owners need not specify this parameter in their requests. Valid Values: `requester` ** [x-amz-sdk-checksum-algorithm](#API_PutObjectTagging_RequestSyntax) ** Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [Tagging](#API_PutObjectTagging_RequestSyntax) ** Root level tag for the Tagging parameters. Required: Yes ** [TagSet](#API_PutObjectTagging_RequestSyntax) ** A collection for a set of tags Type: Array of [Tag](API_Tag.md) data types Required: Yes ## Response Syntax ``` HTTP/1.1 200 x-amz-version-id: VersionId ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-version-id](#API_PutObjectTagging_ResponseSyntax) ** The versionId of the object the tag-set was added to. ## Examples ### Sample Request: Add tag set to an object The following request adds a tag set to the existing object object-key in the `examplebucket` bucket. ``` PUT object-key?tagging HTTP/1.1 Host: examplebucket.s3..amazonaws.com Content-Length: length Content-MD5: pUNXr/BjKK5G2UKExample== x-amz-date: 20160923T001956Z Authorization: authorization string tag1 val1 tag2 val2 ``` ### Sample Response This example illustrates one usage of PutObjectTagging. ``` HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMgUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Fri, 23 Sep 2016 00:20:19 GMT ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutObjectTagging) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutObjectTagging) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutObjectTagging) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutObjectTagging) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutObjectTagging) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutObjectTagging) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutObjectTagging) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutObjectTagging) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutObjectTagging) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutObjectTagging) # PutPublicAccessBlock **Note** This operation is not supported for directory buckets. Creates or modifies the `PublicAccessBlock` configuration for an Amazon S3 bucket. To use this operation, you must have the `s3:PutBucketPublicAccessBlock` permission. For more information about Amazon S3 permissions, see [Specifying Permissions in a Policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html). **Important** When Amazon S3 evaluates the `PublicAccessBlock` configuration for a bucket or an object, it checks the `PublicAccessBlock` configuration for both the bucket (or the bucket that contains the object) and the bucket owner's account. Account-level settings automatically inherit from organization-level policies when present. If the `PublicAccessBlock` configurations are different between the bucket and the account, Amazon S3 uses the most restrictive combination of the bucket-level and account-level settings. For more information about when Amazon S3 considers a bucket or an object public, see [The Meaning of "Public"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status). The following operations are related to `PutPublicAccessBlock`: + [GetPublicAccessBlock](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html) + [DeletePublicAccessBlock](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html) + [GetBucketPolicyStatus](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicyStatus.html) + [Using Amazon S3 Block Public Access](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?publicAccessBlock HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner boolean boolean boolean boolean ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_PutPublicAccessBlock_RequestSyntax) ** The name of the Amazon S3 bucket whose `PublicAccessBlock` configuration you want to set. Required: Yes ** [Content-MD5](#API_PutPublicAccessBlock_RequestSyntax) ** The MD5 hash of the `PutPublicAccessBlock` request body. For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [x-amz-expected-bucket-owner](#API_PutPublicAccessBlock_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-sdk-checksum-algorithm](#API_PutPublicAccessBlock_RequestSyntax) ** Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [PublicAccessBlockConfiguration](#API_PutPublicAccessBlock_RequestSyntax) ** Root level tag for the PublicAccessBlockConfiguration parameters. Required: Yes ** [BlockPublicAcls](#API_PutPublicAccessBlock_RequestSyntax) ** Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior: + PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public. + PUT Object calls fail if the request includes a public ACL. + PUT Bucket calls fail if the request includes a public ACL. Enabling this setting doesn't affect existing policies or ACLs. Type: Boolean Required: No ** [BlockPublicPolicy](#API_PutPublicAccessBlock_RequestSyntax) ** Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies. Type: Boolean Required: No ** [IgnorePublicAcls](#API_PutPublicAccessBlock_RequestSyntax) ** Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. Type: Boolean Required: No ** [RestrictPublicBuckets](#API_PutPublicAccessBlock_RequestSyntax) ** Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. Type: Boolean Required: No ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Examples ### First Sample Request The following request puts a bucket `PublicAccessBlock` configuration that rejects public ACLs. ``` PUT /?publicAccessBlock HTTP/1.1 Host: .s3..amazonaws.com x-amz-date: Authorization: TRUE FALSE FALSE FALSE ``` ### First Sample Response This example illustrates one usage of PutPublicAccessBlock. ``` HTTP/1.1 200 OK x-amz-id-2: ITnGT1y4REXAMPLEPi4hklTXouTf0hccUjo0iCPEXAMPLEutBj3M7fPGlWO2SEWp x-amz-request-id: 51991EXAMPLE5321 Date: Thu, 15 Nov 2016 00:17:22 GMT Server: AmazonS3 Content-Length: 0 ``` ### Second Sample Request The following request puts a bucket PublicAccessBlock configuration that ignores public ACLs and restricts access to public buckets. ``` PUT /?publicAccessBlock HTTP/1.1 Host: .s3..amazonaws.com x-amz-date: Authorization: FALSE TRUE FALSE TRUE ``` ### Second Sample Response This example illustrates one usage of PutPublicAccessBlock. ``` HTTP/1.1 200 OK x-amz-id-2: ITnGT1y4REXAMPLEPi4hklTXouTf0hccUjo0iCPEXAMPLEutBj3M7fPGlWO2SEWp x-amz-request-id: 51991EXAMPLE5321 Date: Thu, 15 Nov 2016 00:17:22 GMT Server: AmazonS3 Content-Length: 0 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/PutPublicAccessBlock) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/PutPublicAccessBlock) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutPublicAccessBlock) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/PutPublicAccessBlock) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutPublicAccessBlock) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/PutPublicAccessBlock) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/PutPublicAccessBlock) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/PutPublicAccessBlock) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutPublicAccessBlock) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/PutPublicAccessBlock) # RenameObject Renames an existing object in a directory bucket that uses the S3 Express One Zone storage class. You can use `RenameObject` by specifying an existing object’s name as the source and the new name of the object as the destination within the same directory bucket. **Note** `RenameObject` is only supported for objects stored in the S3 Express One Zone storage class. To prevent overwriting an object, you can use the `If-None-Match` conditional header. + **If-None-Match** - Renames the object only if an object with the specified name does not already exist in the directory bucket. If you don't want to overwrite an existing object, you can add the `If-None-Match` conditional header with the value `‘*’` in the `RenameObject` request. Amazon S3 then returns a `412 Precondition Failed` error if the object with the specified name already exists. For more information, see [RFC 7232](https://datatracker.ietf.org/doc/rfc7232/). Permissions To grant access to the `RenameObject` operation on a directory bucket, we recommend that you use the `CreateSession` operation for session-based authorization. Specifically, you grant the `s3express:CreateSession` permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the `CreateSession` API call on the directory bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another `CreateSession` API call to generate a new session token for use. The AWS CLI and SDKs will create and manage your session including refreshing the session token automatically to avoid service interruptions when a session expires. In your bucket policy, you can specify the `s3express:SessionMode` condition key to control who can create a `ReadWrite` or `ReadOnly` session. A `ReadWrite` session is required for executing all the Zonal endpoint API operations, including `RenameObject`. For more information about authorization, see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). To learn more about Zonal endpoint API operations, see [Authorizing Zonal endpoint API operations with CreateSession](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-create-session.html) in the *Amazon S3 User Guide*. HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /{Key+}?renameObject HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-rename-source: RenameSource If-Match: DestinationIfMatch If-None-Match: DestinationIfNoneMatch If-Modified-Since: DestinationIfModifiedSince If-Unmodified-Since: DestinationIfUnmodifiedSince x-amz-rename-source-if-match: SourceIfMatch x-amz-rename-source-if-none-match: SourceIfNoneMatch x-amz-rename-source-if-modified-since: SourceIfModifiedSince x-amz-rename-source-if-unmodified-since: SourceIfUnmodifiedSince x-amz-client-token: ClientToken ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_RenameObject_RequestSyntax) ** The bucket name of the directory bucket containing the object. You must use virtual-hosted-style requests in the format `Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Availability Zone. Bucket names must follow the format `bucket-base-name--zone-id--x-s3 ` (for example, `amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. Required: Yes ** [If-Match](#API_RenameObject_RequestSyntax) ** Renames the object only if the ETag (entity tag) value provided during the operation matches the ETag of the object in S3. The `If-Match` header field makes the request method conditional on ETags. If the ETag values do not match, the operation returns a `412 Precondition Failed` error. Expects the ETag value as a string. ** [If-Modified-Since](#API_RenameObject_RequestSyntax) ** Renames the object if the destination exists and if it has been modified since the specified time. ** [If-None-Match](#API_RenameObject_RequestSyntax) ** Renames the object only if the destination does not already exist in the specified directory bucket. If the object does exist when you send a request with `If-None-Match:*`, the S3 API will return a `412 Precondition Failed` error, preventing an overwrite. The `If-None-Match` header prevents overwrites of existing data by validating that there's not an object with the same key name already in your directory bucket. Expects the `*` character (asterisk). ** [If-Unmodified-Since](#API_RenameObject_RequestSyntax) ** Renames the object if it hasn't been modified since the specified time. ** [Key](#API_RenameObject_RequestSyntax) ** Key name of the object to rename. Length Constraints: Minimum length of 1. Required: Yes ** [x-amz-client-token](#API_RenameObject_RequestSyntax) ** A unique string with a max of 64 ASCII characters in the ASCII range of 33 - 126. `RenameObject` supports idempotency using a client token. To make an idempotent API request using `RenameObject`, specify a client token in the request. You should not reuse the same client token for other API requests. If you retry a request that completed successfully using the same client token and the same parameters, the retry succeeds without performing any further actions. If you retry a successful request using the same client token, but one or more of the parameters are different, the retry fails and an `IdempotentParameterMismatch` error is returned. ** [x-amz-rename-source](#API_RenameObject_RequestSyntax) ** Specifies the source for the rename operation. The value must be URL encoded. Pattern: `\/?.+\/.+` Required: Yes ** [x-amz-rename-source-if-match](#API_RenameObject_RequestSyntax) ** Renames the object if the source exists and if its entity tag (ETag) matches the specified ETag. ** [x-amz-rename-source-if-modified-since](#API_RenameObject_RequestSyntax) ** Renames the object if the source exists and if it has been modified since the specified time. ** [x-amz-rename-source-if-none-match](#API_RenameObject_RequestSyntax) ** Renames the object if the source exists and if its entity tag (ETag) is different than the specified ETag. If an asterisk (`*`) character is provided, the operation will fail and return a `412 Precondition Failed` error. ** [x-amz-rename-source-if-unmodified-since](#API_RenameObject_RequestSyntax) ** Renames the object if the source exists and hasn't been modified since the specified time. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Errors ** IdempotencyParameterMismatch ** Parameters on this idempotent request are inconsistent with parameters used in previous request(s). For a list of error codes and more information on Amazon S3 errors, see [Error codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). Idempotency ensures that an API request completes no more than one time. With an idempotent request, if the original request completes successfully, any subsequent retries complete successfully without performing any further actions. HTTP Status Code: 400 ## Examples ### Sample request: Renaming an object in a directory bucket The following example request illustrates renaming the *srcfilename.txt* object in a directory bucket. ``` PUT /dstfilename.txt HTTP/1.1 Host: amzn-s3-demo-bucket--zone-id--x-s3.s3express.amazonaws.com If-Match: 9b2cf535f27731c974343645a3985328 x-amz-rename-source: /srcfilename.txt ``` ### Sample request: Renaming an object in a directory bucket if the destination doesn't exist The following example request illustrates renaming the *srcfilename.txt* object to *dstfilename.txt* if an object named *dstfilename.txt* doesn't already exist in the directory bucket. ``` PUT /dstfilename.txt HTTP/1.1 Host: amzn-s3-demo-bucket--zone-id--x-s3.s3express.amazonaws.com If-None-Match: * x-amz-rename-source: /srcfilename.txt ``` ### Sample request: Renaming an object in a directory bucket if the destination exists with a specific ETag The following example request illustrates renaming the *srcfilename.txt* object only if the destination exists and has the ETag: *9b2cf535f27731c974343645a3985328*. ``` PUT /dstfilename.txt HTTP/1.1 Host: amzn-s3-demo-bucket--zone-id--x-s3.s3express.amazonaws.com If-Match: 9b2cf535f27731c974343645a3985328 x-amz-rename-source: /srcfilename.txt ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/RenameObject) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/RenameObject) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/RenameObject) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/RenameObject) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/RenameObject) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/RenameObject) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/RenameObject) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/RenameObject) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/RenameObject) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/RenameObject) # RestoreObject **Note** This operation is not supported for directory buckets. Restores an archived copy of an object back into Amazon S3 This functionality is not supported for Amazon S3 on Outposts. This action performs the following types of requests: + `restore an archive` - Restore an archived object For more information about the `S3` structure in the request body, see the following: + [PutObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) + [Managing Access with ACLs](https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html) in the *Amazon S3 User Guide* + [Protecting Data Using Server-Side Encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) in the *Amazon S3 User Guide* Permissions To use this operation, you must have permissions to perform the `s3:RestoreObject` action. The bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) in the *Amazon S3 User Guide*. Restoring objects Objects that you archive to the S3 Glacier Flexible Retrieval or S3 Glacier Deep Archive storage class, and S3 Intelligent-Tiering Archive or S3 Intelligent-Tiering Deep Archive tiers, are not accessible in real time. For objects in the S3 Glacier Flexible Retrieval or S3 Glacier Deep Archive storage classes, you must first initiate a restore request, and then wait until a temporary copy of the object is available. If you want a permanent copy of the object, create a copy of it in the Amazon S3 Standard storage class in your S3 bucket. To access an archived object, you must restore the object for the duration (number of days) that you specify. For objects in the Archive Access or Deep Archive Access tiers of S3 Intelligent-Tiering, you must first initiate a restore request, and then wait until the object is moved into the Frequent Access tier. To restore a specific object version, you can provide a version ID. If you don't provide a version ID, Amazon S3 restores the current version. When restoring an archived object, you can specify one of the following data access tier options in the `Tier` element of the request body: + `Expedited` - Expedited retrievals allow you to quickly access your data stored in the S3 Glacier Flexible Retrieval storage class or S3 Intelligent-Tiering Archive tier when occasional urgent requests for restoring archives are required. For all but the largest archived objects (250 MB\$1), data accessed using Expedited retrievals is typically made available within 1–5 minutes. Provisioned capacity ensures that retrieval capacity for Expedited retrievals is available when you need it. Expedited retrievals and provisioned capacity are not available for objects stored in the S3 Glacier Deep Archive storage class or S3 Intelligent-Tiering Deep Archive tier. + `Standard` - Standard retrievals allow you to access any of your archived objects within several hours. This is the default option for retrieval requests that do not specify the retrieval option. Standard retrievals typically finish within 3–5 hours for objects stored in the S3 Glacier Flexible Retrieval storage class or S3 Intelligent-Tiering Archive tier. They typically finish within 12 hours for objects stored in the S3 Glacier Deep Archive storage class or S3 Intelligent-Tiering Deep Archive tier. Standard retrievals are free for objects stored in S3 Intelligent-Tiering. + `Bulk` - Bulk retrievals free for objects stored in the S3 Glacier Flexible Retrieval and S3 Intelligent-Tiering storage classes, enabling you to retrieve large amounts, even petabytes, of data at no cost. Bulk retrievals typically finish within 5–12 hours for objects stored in the S3 Glacier Flexible Retrieval storage class or S3 Intelligent-Tiering Archive tier. Bulk retrievals are also the lowest-cost retrieval option when restoring objects from S3 Glacier Deep Archive. They typically finish within 48 hours for objects stored in the S3 Glacier Deep Archive storage class or S3 Intelligent-Tiering Deep Archive tier. For more information about archive retrieval options and provisioned capacity for `Expedited` data access, see [Restoring Archived Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html) in the *Amazon S3 User Guide*. You can use Amazon S3 restore speed upgrade to change the restore speed to a faster speed while it is in progress. For more information, see [ Upgrading the speed of an in-progress restore](https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html#restoring-objects-upgrade-tier.title.html) in the *Amazon S3 User Guide*. To get the status of object restoration, you can send a `HEAD` request. Operations return the `x-amz-restore` header, which provides information about the restoration status, in the response. You can use Amazon S3 event notifications to notify you when a restore is initiated or completed. For more information, see [Configuring Amazon S3 Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*. After restoring an archived object, you can update the restoration period by reissuing the request with a new period. Amazon S3 updates the restoration period relative to the current time and charges only for the request-there are no data transfer charges. You cannot update the restoration period when Amazon S3 is actively processing your current restore request for the object. If your bucket has a lifecycle configuration with a rule that includes an expiration action, the object expiration overrides the life span that you specify in a restore request. For example, if you restore an object copy for 10 days, but the object is scheduled to expire in 3 days, Amazon S3 deletes the object in 3 days. For more information about lifecycle configuration, see [PutBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) and [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in *Amazon S3 User Guide*. Responses A successful action returns either the `200 OK` or `202 Accepted` status code. + If the object is not previously restored, then Amazon S3 returns `202 Accepted` in the response. + If the object is previously restored, Amazon S3 returns `200 OK` in the response. + Special errors: + *Code: RestoreAlreadyInProgress* + *Cause: Object restore is already in progress.* + *HTTP Status Code: 409 Conflict* + *SOAP Fault Code Prefix: Client* + + *Code: GlacierExpeditedRetrievalNotAvailable* + *Cause: expedited retrievals are currently not available. Try again later. (Returned if there is insufficient capacity to process the Expedited request. This error applies only to Expedited retrievals and not to S3 Standard or Bulk retrievals.)* + *HTTP Status Code: 503* + *SOAP Fault Code Prefix: N/A* The following operations are related to `RestoreObject`: + [PutBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) + [GetBucketNotificationConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotificationConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` POST /{Key+}?restore&versionId=VersionId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-request-payer: RequestPayer x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner integer string string string string string string string boolean string string string string string string string string string string string string string string string string string string string string string string string string string string string string string string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_RestoreObject_RequestSyntax) ** The bucket name containing the object to restore. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [Key](#API_RestoreObject_RequestSyntax) ** Object key for which the action was initiated. Length Constraints: Minimum length of 1. Required: Yes ** [versionId](#API_RestoreObject_RequestSyntax) ** VersionId used to reference a specific version of the object. ** [x-amz-expected-bucket-owner](#API_RestoreObject_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_RestoreObject_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-sdk-checksum-algorithm](#API_RestoreObject_RequestSyntax) ** Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [RestoreRequest](#API_RestoreObject_RequestSyntax) ** Root level tag for the RestoreRequest parameters. Required: Yes ** [Days](#API_RestoreObject_RequestSyntax) ** Lifetime of the active copy in days. Do not use with restores that specify `OutputLocation`. The Days element is required for regular restores, and must not be provided for select requests. Type: Integer Required: No ** [Description](#API_RestoreObject_RequestSyntax) ** The optional description for the job. Type: String Required: No ** [GlacierJobParameters](#API_RestoreObject_RequestSyntax) ** S3 Glacier related parameters pertaining to this job. Do not use with restores that specify `OutputLocation`. Type: [GlacierJobParameters](API_GlacierJobParameters.md) data type Required: No ** [OutputLocation](#API_RestoreObject_RequestSyntax) ** Describes the location where the restore job's output is stored. Type: [OutputLocation](API_OutputLocation.md) data type Required: No ** [SelectParameters](#API_RestoreObject_RequestSyntax) ** Amazon S3 Select is no longer available to new customers. Existing customers of Amazon S3 Select can continue to use the feature as usual. [Learn more](http://aws.amazon.com/blogs/storage/how-to-optimize-querying-your-data-in-amazon-s3/) Describes the parameters for Select job types. Type: [SelectParameters](API_SelectParameters.md) data type Required: No ** [Tier](#API_RestoreObject_RequestSyntax) ** Retrieval tier at which the restore will be processed. Type: String Valid Values: `Standard | Bulk | Expedited` Required: No ** [Type](#API_RestoreObject_RequestSyntax) ** Amazon S3 Select is no longer available to new customers. Existing customers of Amazon S3 Select can continue to use the feature as usual. [Learn more](http://aws.amazon.com/blogs/storage/how-to-optimize-querying-your-data-in-amazon-s3/) Type of restore request. Type: String Valid Values: `SELECT` Required: No ## Response Syntax ``` HTTP/1.1 200 x-amz-request-charged: RequestCharged x-amz-restore-output-path: RestoreOutputPath ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-request-charged](#API_RestoreObject_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-restore-output-path](#API_RestoreObject_ResponseSyntax) ** Indicates the path in the provided S3 output location where Select results will be restored to. ## Errors ** ObjectAlreadyInActiveTierError ** This action is not allowed against this storage tier. HTTP Status Code: 403 ## Examples ### Example: Restore an object for 2 days using the expedited retrieval option The following restore request restores a copy of the `photo1.jpg` object from S3 Glacier for a period of two days using the expedited retrieval option. ``` POST /photo1.jpg?restore HTTP/1.1 Host: examplebucket.dummy value Date: Mon, 22 Oct 2012 01:49:52 GMT Authorization: authorization string Content-Length: content length 2 Standard ``` ### Sample response If the `examplebucket` does not have a restored copy of the object, Amazon S3 returns the following `202 Accepted` response. **Note** If a copy of the object is already restored, Amazon S3 returns a `200 OK` response, and updates only the restored copy's expiry time. ``` HTTP/1.1 202 Accepted x-amz-id-2: GFihv3y6+kE7KG11GEkQhU7/2/cHR3Yb2fCb2S04nxI423Dqwg2XiQ0B/UZlzYQvPiBlZNRcovw= x-amz-request-id: 9F341CD3C4BA79E0 Date: Sat, 20 Oct 2012 23:54:05 GMT Content-Length: 0 Server: AmazonS3 ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/RestoreObject) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/RestoreObject) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/RestoreObject) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/RestoreObject) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/RestoreObject) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/RestoreObject) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/RestoreObject) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/RestoreObject) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/RestoreObject) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/RestoreObject) # SelectObjectContent **Note** This operation is not supported for directory buckets. This action filters the contents of an Amazon S3 object based on a simple structured query language (SQL) statement. In the request, along with the SQL expression, you must also specify a data serialization format (JSON, CSV, or Apache Parquet) of the object. Amazon S3 uses this format to parse object data into records, and returns only records that match the specified SQL expression. You must also specify the data serialization format for the response. This functionality is not supported for Amazon S3 on Outposts. For more information about Amazon S3 Select, see [Selecting Content from Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/selecting-content-from-objects.html) and [SELECT Command](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-glacier-select-sql-reference-select.html) in the *Amazon S3 User Guide*. Permissions You must have the `s3:GetObject` permission for this operation. Amazon S3 Select does not support anonymous access. For more information about permissions, see [Specifying Permissions in a Policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) in the *Amazon S3 User Guide*. Object Data Formats You can use Amazon S3 Select to query objects that have the following format properties: + *CSV, JSON, and Parquet* - Objects must be in CSV, JSON, or Parquet format. + *UTF-8* - UTF-8 is the only encoding type Amazon S3 Select supports. + *GZIP or BZIP2* - CSV and JSON files can be compressed using GZIP or BZIP2. GZIP and BZIP2 are the only compression formats that Amazon S3 Select supports for CSV and JSON files. Amazon S3 Select supports columnar compression for Parquet using GZIP or Snappy. Amazon S3 Select does not support whole-object compression for Parquet objects. + *Server-side encryption* - Amazon S3 Select supports querying objects that are protected with server-side encryption. For objects that are encrypted with customer-provided encryption keys (SSE-C), you must use HTTPS, and you must use the headers that are documented in the [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html). For more information about SSE-C, see [Server-Side Encryption (Using Customer-Provided Encryption Keys)](https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) in the *Amazon S3 User Guide*. For objects that are encrypted with Amazon S3 managed keys (SSE-S3) and AWS KMS keys (SSE-KMS), server-side encryption is handled transparently, so you don't need to specify anything. For more information about server-side encryption, including SSE-S3 and SSE-KMS, see [Protecting Data Using Server-Side Encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) in the *Amazon S3 User Guide*. Working with the Response Body Given the response size is unknown, Amazon S3 Select streams the response as a series of messages and includes a `Transfer-Encoding` header with `chunked` as its value in the response. For more information, see [Appendix: SelectObjectContent Response](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTSelectObjectAppendix.html). GetObject Support The `SelectObjectContent` action does not support the following `GetObject` functionality. For more information, see [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html). + `Range`: Although you can specify a scan range for an Amazon S3 Select request (see [SelectObjectContentRequest - ScanRange](https://docs.aws.amazon.com/AmazonS3/latest/API/API_SelectObjectContent.html#AmazonS3-SelectObjectContent-request-ScanRange) in the request parameters), you cannot specify the range of bytes of an object to return. + The `GLACIER`, `DEEP_ARCHIVE`, and `REDUCED_REDUNDANCY` storage classes, or the `ARCHIVE_ACCESS` and `DEEP_ARCHIVE_ACCESS` access tiers of the `INTELLIGENT_TIERING` storage class: You cannot query objects in the `GLACIER`, `DEEP_ARCHIVE`, or `REDUCED_REDUNDANCY` storage classes, nor objects in the `ARCHIVE_ACCESS` or `DEEP_ARCHIVE_ACCESS` access tiers of the `INTELLIGENT_TIERING` storage class. For more information about storage classes, see [Using Amazon S3 storage classes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-class-intro.html) in the *Amazon S3 User Guide*. Special Errors For a list of special errors for this operation, see [List of SELECT Object Content Error Codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#SelectObjectContentErrorCodeList) The following operations are related to `SelectObjectContent`: + [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) + [GetBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) + [PutBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` POST /{Key+}?select&select-type=2 HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key: SSECustomerKey x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-expected-bucket-owner: ExpectedBucketOwner string string boolean string boolean string string string string string string string string string string string string string long long ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_SelectObjectContent_RequestSyntax) ** The S3 bucket. Required: Yes ** [Key](#API_SelectObjectContent_RequestSyntax) ** The object key. Length Constraints: Minimum length of 1. Required: Yes ** [x-amz-expected-bucket-owner](#API_SelectObjectContent_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-server-side-encryption-customer-algorithm](#API_SelectObjectContent_RequestSyntax) ** The server-side encryption (SSE) algorithm used to encrypt the object. This parameter is needed only when the object was created using a checksum algorithm. For more information, see [Protecting data using SSE-C keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) in the *Amazon S3 User Guide*. ** [x-amz-server-side-encryption-customer-key](#API_SelectObjectContent_RequestSyntax) ** The server-side encryption (SSE) customer managed key. This parameter is needed only when the object was created using a checksum algorithm. For more information, see [Protecting data using SSE-C keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) in the *Amazon S3 User Guide*. ** [x-amz-server-side-encryption-customer-key-MD5](#API_SelectObjectContent_RequestSyntax) ** The MD5 server-side encryption (SSE) customer managed key. This parameter is needed only when the object was created using a checksum algorithm. For more information, see [Protecting data using SSE-C keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) in the *Amazon S3 User Guide*. ## Request Body The request accepts the following data in XML format. ** [SelectObjectContentRequest](#API_SelectObjectContent_RequestSyntax) ** Root level tag for the SelectObjectContentRequest parameters. Required: Yes ** [Expression](#API_SelectObjectContent_RequestSyntax) ** The expression that is used to query the object. Type: String Required: Yes ** [ExpressionType](#API_SelectObjectContent_RequestSyntax) ** The type of the provided expression (for example, SQL). Type: String Valid Values: `SQL` Required: Yes ** [InputSerialization](#API_SelectObjectContent_RequestSyntax) ** Describes the format of the data in the object that is being queried. Type: [InputSerialization](API_InputSerialization.md) data type Required: Yes ** [OutputSerialization](#API_SelectObjectContent_RequestSyntax) ** Describes the format of the data that you want Amazon S3 to return in response. Type: [OutputSerialization](API_OutputSerialization.md) data type Required: Yes ** [RequestProgress](#API_SelectObjectContent_RequestSyntax) ** Specifies if periodic request progress information should be enabled. Type: [RequestProgress](API_RequestProgress.md) data type Required: No ** [ScanRange](#API_SelectObjectContent_RequestSyntax) ** Specifies the byte range of the object to get the records from. A record is processed when its first byte is contained by the range. This parameter is optional, but when specified, it must not be empty. See RFC 2616, Section 14.35.1 about how to specify the start and end of the range. `ScanRange`may be used in the following ways: + `50100` - process only the records starting between the bytes 50 and 100 (inclusive, counting from zero) + `50` - process only the records starting after the byte 50 + `50` - process only the records within the last 50 bytes of the file. Type: [ScanRange](API_ScanRange.md) data type Required: No ## Response Syntax ``` HTTP/1.1 200 blob

long long long

``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in XML format by the service. ** [Payload](#API_SelectObjectContent_ResponseSyntax) ** Root level tag for the Payload parameters. Required: Yes ** [Cont](#API_SelectObjectContent_ResponseSyntax) ** The Continuation Event. Type: [ContinuationEvent](API_ContinuationEvent.md) data type ** [End](#API_SelectObjectContent_ResponseSyntax) ** The End Event. Type: [EndEvent](API_EndEvent.md) data type ** [Progress](#API_SelectObjectContent_ResponseSyntax) ** The Progress Event. Type: [ProgressEvent](API_ProgressEvent.md) data type ** [Records](#API_SelectObjectContent_ResponseSyntax) ** The Records Event. Type: [RecordsEvent](API_RecordsEvent.md) data type ** [Stats](#API_SelectObjectContent_ResponseSyntax) ** The Stats Event. Type: [StatsEvent](API_StatsEvent.md) data type ## Examples ### Example 1: CSV object The following select request retrieves all records from an object with data stored in CSV format. The OutputSerialization element directs Amazon S3 to return results in CSV. You can try different queries in the `Expression` element: + Assuming that you are not using column headers, you can identify columns using positional headers: `SELECT s._1, s._2 FROM S3Object s WHERE s._3 > 100` + If you have column headers and you set the `FileHeaderInfo` to `Use`, you can identify columns by name in the expression: `SELECT s.Id, s.FirstName, s.SSN FROM S3Object s` + You can specify functions in the SQL expression: `SELECT count(*) FROM S3Object s WHERE s._1 < 1` ``` POST /exampleobject.csv?select&select-type=2 HTTP/1.1 Host: examplebucket.s3..amazonaws.com Date: Tue, 17 Oct 2017 01:49:52 GMT Authorization: authorization string Content-Length: content length Select * from S3Object SQL GZIP IGNORE \n , " " # ASNEEDED \n , " " ``` ### Example The following is a sample response. ``` HTTP/1.1 200 OK x-amz-id-2: GFihv3y6+kE7KG11GEkQhU7/2/cHR3Yb2fCb2S04nxI423Dqwg2XiQ0B/UZlzYQvPiBlZNRcovw= x-amz-request-id: 9F341CD3C4BA79E0 Date: Tue, 17 Oct 2017 23:54:05 GMT A series of messages ``` ### Example 2: JSON object The following select request retrieves all records from an object with data stored in JSON format. The OutputSerialization directs Amazon S3 to return results in CSV. You can try different queries in the `Expression` element: + You can filter by string comparison using record keys: `SELECT s.country, s.city from S3Object s where s.city = 'Seattle'` + You can specify functions in the SQL expression: `SELECT count(*) FROM S3Object s` ``` POST /exampleobject.json?select&select-type=2 HTTP/1.1 Host: examplebucket.s3..amazonaws.com Date: Tue, 17 Oct 2017 01:49:52 GMT Authorization: authorization string Content-Length: content length Select * from S3Object SQL GZIP DOCUMENT ASNEEDED \n , " " ``` ### Example The following is a sample response. ``` HTTP/1.1 200 OK x-amz-id-2: GFihv3y6+kE7KG11GEkQhU7/2/cHR3Yb2fCb2S04nxI423Dqwg2XiQ0B/UZlzYQvPiBlZNRcovw= x-amz-request-id: 9F341CD3C4BA79E0 Date: Tue, 17 Oct 2017 23:54:05 GMT A series of messages ``` ### Example 3: Parquet object + The `InputSerialization` element describes the format of the data in the object that is being queried. It must specify `CSV`, `JSON`, or `Parquet`. + The `OutputSerialization ` element describes the format of the data that you want Amazon S3 to return in response to the query. It must specify `CSV`, `JSON`. Amazon S3 doesn't support outputting data in the `Parquet` format. + The format of the `InputSerialization` doesn't need to match the format of the `OutputSerialization`. So, for example, you can specify `JSON` in the `InputSerialization` and `CSV` in the `OutputSerialization`. ``` POST /exampleobject.parquet?select&select-type=2 HTTP/1.1 Host: examplebucket.s3..amazonaws.com Date: Tue, 17 Oct 2017 01:49:52 GMT Authorization: authorization string Content-Length: content length Select * from S3Object SQL NONE ASNEEDED \n , " " ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/SelectObjectContent) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/SelectObjectContent) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/SelectObjectContent) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/SelectObjectContent) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/SelectObjectContent) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/SelectObjectContent) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/SelectObjectContent) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/SelectObjectContent) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/SelectObjectContent) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/SelectObjectContent) # UpdateBucketMetadataInventoryTableConfiguration Enables or disables a live inventory table for an S3 Metadata configuration on a general purpose bucket. For more information, see [Accelerating data discovery with S3 Metadata](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html) in the *Amazon S3 User Guide*. Permissions To use this operation, you must have the following permissions. For more information, see [Setting up permissions for configuring metadata tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html) in the *Amazon S3 User Guide*. If you want to encrypt your inventory table with server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS), you need additional permissions in your KMS key policy. For more information, see [ Setting up permissions for configuring metadata tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html) in the *Amazon S3 User Guide*. + `s3:UpdateBucketMetadataInventoryTableConfiguration` + `s3tables:CreateTableBucket` + `s3tables:CreateNamespace` + `s3tables:GetTable` + `s3tables:CreateTable` + `s3tables:PutTablePolicy` + `s3tables:PutTableEncryption` + `kms:DescribeKey` The following operations are related to `UpdateBucketMetadataInventoryTableConfiguration`: + [CreateBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html) + [DeleteBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetadataConfiguration.html) + [GetBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetadataConfiguration.html) + [UpdateBucketMetadataJournalTableConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UpdateBucketMetadataJournalTableConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?metadataInventoryTable HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner string string string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_UpdateBucketMetadataInventoryTableConfiguration_RequestSyntax) ** The general purpose bucket that corresponds to the metadata configuration that you want to enable or disable an inventory table for. Required: Yes ** [Content-MD5](#API_UpdateBucketMetadataInventoryTableConfiguration_RequestSyntax) ** The `Content-MD5` header for the inventory table configuration. ** [x-amz-expected-bucket-owner](#API_UpdateBucketMetadataInventoryTableConfiguration_RequestSyntax) ** The expected owner of the general purpose bucket that corresponds to the metadata table configuration that you want to enable or disable an inventory table for. ** [x-amz-sdk-checksum-algorithm](#API_UpdateBucketMetadataInventoryTableConfiguration_RequestSyntax) ** The checksum algorithm to use with your inventory table configuration. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [InventoryTableConfiguration](#API_UpdateBucketMetadataInventoryTableConfiguration_RequestSyntax) ** Root level tag for the InventoryTableConfiguration parameters. Required: Yes ** [ConfigurationState](#API_UpdateBucketMetadataInventoryTableConfiguration_RequestSyntax) ** The configuration state of the inventory table, indicating whether the inventory table is enabled or disabled. Type: String Valid Values: `ENABLED | DISABLED` Required: Yes ** [EncryptionConfiguration](#API_UpdateBucketMetadataInventoryTableConfiguration_RequestSyntax) ** The encryption configuration for the inventory table. Type: [MetadataTableEncryptionConfiguration](API_MetadataTableEncryptionConfiguration.md) data type Required: No ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/UpdateBucketMetadataInventoryTableConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/UpdateBucketMetadataInventoryTableConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/UpdateBucketMetadataInventoryTableConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/UpdateBucketMetadataInventoryTableConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/UpdateBucketMetadataInventoryTableConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/UpdateBucketMetadataInventoryTableConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/UpdateBucketMetadataInventoryTableConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/UpdateBucketMetadataInventoryTableConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/UpdateBucketMetadataInventoryTableConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/UpdateBucketMetadataInventoryTableConfiguration) # UpdateBucketMetadataJournalTableConfiguration Enables or disables journal table record expiration for an S3 Metadata configuration on a general purpose bucket. For more information, see [Accelerating data discovery with S3 Metadata](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html) in the *Amazon S3 User Guide*. Permissions To use this operation, you must have the `s3:UpdateBucketMetadataJournalTableConfiguration` permission. For more information, see [Setting up permissions for configuring metadata tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html) in the *Amazon S3 User Guide*. The following operations are related to `UpdateBucketMetadataJournalTableConfiguration`: + [CreateBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html) + [DeleteBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetadataConfiguration.html) + [GetBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetadataConfiguration.html) + [UpdateBucketMetadataInventoryTableConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UpdateBucketMetadataInventoryTableConfiguration.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /?metadataJournalTable HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-expected-bucket-owner: ExpectedBucketOwner integer string ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_UpdateBucketMetadataJournalTableConfiguration_RequestSyntax) ** The general purpose bucket that corresponds to the metadata configuration that you want to enable or disable journal table record expiration for. Required: Yes ** [Content-MD5](#API_UpdateBucketMetadataJournalTableConfiguration_RequestSyntax) ** The `Content-MD5` header for the journal table configuration. ** [x-amz-expected-bucket-owner](#API_UpdateBucketMetadataJournalTableConfiguration_RequestSyntax) ** The expected owner of the general purpose bucket that corresponds to the metadata table configuration that you want to enable or disable journal table record expiration for. ** [x-amz-sdk-checksum-algorithm](#API_UpdateBucketMetadataJournalTableConfiguration_RequestSyntax) ** The checksum algorithm to use with your journal table configuration. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [JournalTableConfiguration](#API_UpdateBucketMetadataJournalTableConfiguration_RequestSyntax) ** Root level tag for the JournalTableConfiguration parameters. Required: Yes ** [RecordExpiration](#API_UpdateBucketMetadataJournalTableConfiguration_RequestSyntax) ** The journal table record expiration settings for the journal table. Type: [RecordExpiration](API_RecordExpiration.md) data type Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/UpdateBucketMetadataJournalTableConfiguration) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/UpdateBucketMetadataJournalTableConfiguration) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/UpdateBucketMetadataJournalTableConfiguration) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/UpdateBucketMetadataJournalTableConfiguration) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/UpdateBucketMetadataJournalTableConfiguration) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/UpdateBucketMetadataJournalTableConfiguration) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/UpdateBucketMetadataJournalTableConfiguration) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/UpdateBucketMetadataJournalTableConfiguration) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/UpdateBucketMetadataJournalTableConfiguration) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/UpdateBucketMetadataJournalTableConfiguration) # UpdateObjectEncryption **Note** This operation is not supported for directory buckets or Amazon S3 on Outposts buckets. Updates the server-side encryption type of an existing encrypted object in a general purpose bucket. You can use the `UpdateObjectEncryption` operation to change encrypted objects from server-side encryption with Amazon S3 managed keys (SSE-S3) to server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS), or to apply S3 Bucket Keys. You can also use the `UpdateObjectEncryption` operation to change the customer-managed KMS key used to encrypt your data so that you can comply with custom key-rotation standards. Using the `UpdateObjectEncryption` operation, you can atomically update the server-side encryption type of an existing object in a general purpose bucket without any data movement. The `UpdateObjectEncryption` operation uses envelope encryption to re-encrypt the data key used to encrypt and decrypt your object with your newly specified server-side encryption type. In other words, when you use the `UpdateObjectEncryption` operation, your data isn't copied, archived objects in the S3 Glacier Flexible Retrieval and S3 Glacier Deep Archive storage classes aren't restored, and objects in the S3 Intelligent-Tiering storage class aren't moved between tiers. Additionally, the `UpdateObjectEncryption` operation preserves all object metadata properties, including the storage class, creation date, last modified date, ETag, and checksum properties. For more information, see [ Updating server-side encryption for existing objects](https://docs.aws.amazon.com/AmazonS3/latest/userguide/update-sse-encryption.html) in the *Amazon S3 User Guide*. By default, all `UpdateObjectEncryption` requests that specify a customer-managed KMS key are restricted to KMS keys that are owned by the bucket owner's AWS account. If you're using AWS Organizations, you can request the ability to use KMS keys owned by other member accounts within your organization by contacting AWS Support. **Note** Source objects that are unencrypted, or encrypted with either dual-layer server-side encryption with AWS KMS keys (DSSE-KMS) or server-side encryption with customer-provided keys (SSE-C) aren't supported by this operation. Additionally, you cannot specify SSE-S3 encryption as the requested new encryption type `UpdateObjectEncryption` request. Permissions + To use the `UpdateObjectEncryption` operation, you must have the following permissions: + `s3:PutObject` + `s3:UpdateObjectEncryption` + `kms:Encrypt` + `kms:Decrypt` + `kms:GenerateDataKey` + `kms:ReEncrypt*` + If you're using AWS Organizations, to use this operation with customer-managed KMS keys from other AWS accounts within your organization, you must have the `organizations:DescribeAccount` permission. Errors + You might receive an `InvalidRequest` error for several reasons. Depending on the reason for the error, you might receive one of the following messages: + The `UpdateObjectEncryption` operation doesn't supported unencrypted source objects. Only source objects encrypted with SSE-S3 or SSE-KMS are supported. + The `UpdateObjectEncryption` operation doesn't support source objects with the encryption type DSSE-KMS or SSE-C. Only source objects encrypted with SSE-S3 or SSE-KMS are supported. + The `UpdateObjectEncryption` operation doesn't support updating the encryption type to DSSE-KMS or SSE-C. Modify the request to specify SSE-KMS for the updated encryption type, and then try again. + Requests that modify an object encryption configuration require AWS Signature Version 4. Modify the request to use AWS Signature Version 4, and then try again. + Requests that modify an object encryption configuration require a valid new encryption type. Valid values are `SSEKMS`. Modify the request to specify SSE-KMS for the updated encryption type, and then try again. + Requests that modify an object's encryption type to SSE-KMS require an AWS KMS key Amazon Resource Name (ARN). Modify the request to specify a KMS key ARN, and then try again. + Requests that modify an object's encryption type to SSE-KMS require a valid AWS KMS key Amazon Resource Name (ARN). Confirm that you have a correctly formatted KMS key ARN in your request, and then try again. + The `BucketKeyEnabled` value isn't valid. Valid values are `true` or `false`. Modify the request to specify a valid value, and then try again. + You might receive an `AccessDenied` error for several reasons. Depending on the reason for the error, you might receive one of the following messages: + The AWS KMS key in the request must be owned by the same account as the bucket. Modify the request to specify a KMS key from the same account, and then try again. + The bucket owner's account was approved to make `UpdateObjectEncryption` requests that use any AWS KMS key in their organization, but the bucket owner's account isn't part of an organization in AWS Organizations. Make sure that the bucket owner's account and the specified KMS key belong to the same organization, and then try again. + The specified AWS KMS key must be from the same organization in AWS Organizations as the bucket. Specify a KMS key that belongs to the same organization as the bucket, and then try again. + The encryption type for the specified object can’t be updated because that object is protected by S3 Object Lock. If the object has a governance-mode retention period or a legal hold, you must first remove the Object Lock status on the object before you issue your `UpdateObjectEncryption` request. You can't use the `UpdateObjectEncryption` operation with objects that have an Object Lock compliance mode retention period applied to them. ## Request Syntax ``` PUT /{Key+}?encryption&versionId=VersionId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-request-payer: RequestPayer x-amz-expected-bucket-owner: ExpectedBucketOwner Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm

boolean string

``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_UpdateObjectEncryption_RequestSyntax) ** The name of the general purpose bucket that contains the specified object key name. When you use this operation with an access point attached to a general purpose bucket, you must either provide the alias of the access point in place of the bucket name or you must specify the access point Amazon Resource Name (ARN). When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form ` AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com`. When using this operation with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [ Referencing access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-naming.html) in the *Amazon S3 User Guide*. Required: Yes ** [Content-MD5](#API_UpdateObjectEncryption_RequestSyntax) ** The MD5 hash for the request body. For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically. ** [Key](#API_UpdateObjectEncryption_RequestSyntax) ** The key name of the object that you want to update the server-side encryption type for. Length Constraints: Minimum length of 1. Required: Yes ** [versionId](#API_UpdateObjectEncryption_RequestSyntax) ** The version ID of the object that you want to update the server-side encryption type for. ** [x-amz-expected-bucket-owner](#API_UpdateObjectEncryption_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide doesn't match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_UpdateObjectEncryption_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-sdk-checksum-algorithm](#API_UpdateObjectEncryption_RequestSyntax) ** Indicates the algorithm used to create the checksum for the object when you use an AWS SDK. This header doesn't provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [ Checking object integrity ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ## Request Body The request accepts the following data in XML format. ** [ObjectEncryption](#API_UpdateObjectEncryption_RequestSyntax) ** Root level tag for the ObjectEncryption parameters. Required: Yes ** [SSEKMS](#API_UpdateObjectEncryption_RequestSyntax) ** Specifies to update the object encryption type to server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS). Type: [SSEKMSEncryption](API_SSEKMSEncryption.md) data type Required: No ## Response Syntax ``` HTTP/1.1 200 x-amz-request-charged: RequestCharged ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-request-charged](#API_UpdateObjectEncryption_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ## Errors ** AccessDenied ** You might receive this error for several reasons. For details, see the description of this API operation. HTTP Status Code: 403 ** InvalidRequest ** A parameter or header in your request isn't valid. For details, see the description of this API operation. HTTP Status Code: 400 ** NoSuchKey ** The specified key does not exist. HTTP Status Code: 404 ## Examples ### Sample Request: Updating encryption type to SSE-KMS with S3 Bucket Keys enabled The following example request illustrates updating the server-side encryption type of the `example.txt` object in the `amzn-s3-demo-bucket` bucket to SSE-KMS with S3 Bucket Keys enabled. ``` PUT /example.txt?encryption&versionId=VersionId HTTP/1.1 Host: amzn-s3-demo-bucket.s3..amazonaws.com x-amz-request-payer: x-amz-expected-bucket-owner: Content-MD5: x-amz-sdk-checksum-algorithm:

true arn:aws:kms:::key/

``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/UpdateObjectEncryption) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/UpdateObjectEncryption) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/UpdateObjectEncryption) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/UpdateObjectEncryption) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/UpdateObjectEncryption) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/UpdateObjectEncryption) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/UpdateObjectEncryption) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/UpdateObjectEncryption) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/UpdateObjectEncryption) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/UpdateObjectEncryption) # UploadPart Uploads a part in a multipart upload. **Note** In this operation, you provide new data as a part of an object in your request. However, you have an option to specify your existing Amazon S3 object as a data source for the part you are uploading. To upload a part from an existing object, you use the [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) operation. You must initiate a multipart upload (see [CreateMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html)) before you can upload any part. In response to your initiate request, Amazon S3 returns an upload ID, a unique identifier that you must include in your upload part request. Part numbers can be any number from 1 to 10,000, inclusive. A part number uniquely identifies a part and also defines its position within the object being created. If you upload a new part using the same part number that was used with a previous part, the previously uploaded part is overwritten. For information about maximum and minimum part sizes and other multipart upload specifications, see [Multipart upload limits](https://docs.aws.amazon.com/AmazonS3/latest/userguide/qfacts.html) in the *Amazon S3 User Guide*. **Note** After you initiate multipart upload and upload one or more parts, you must either complete or abort multipart upload in order to stop getting charged for storage of the uploaded parts. Only after you either complete or abort multipart upload, Amazon S3 frees up the parts storage and stops charging you for the parts storage. For more information on multipart uploads, go to [Multipart Upload Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) in the *Amazon S3 User Guide *. **Note** **Directory buckets** - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://amzn-s3-demo-bucket.s3express-zone-id.region-code.amazonaws.com/key-name `. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Permissions + **General purpose bucket permissions** - To perform a multipart upload with encryption using an AWS Key Management Service key, the requester must have permission to the `kms:Decrypt` and `kms:GenerateDataKey` actions on the key. The requester must also have permissions for the `kms:GenerateDataKey` action for the `CreateMultipartUpload` API. Then, the requester needs permissions for the `kms:Decrypt` action on the `UploadPart` and `UploadPartCopy` APIs. These permissions are required because Amazon S3 must decrypt and read data from the encrypted file parts before it completes the multipart upload. For more information about KMS permissions, see [Protecting data using server-side encryption with AWS KMS](https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html) in the *Amazon S3 User Guide*. For information about the permissions required to use the multipart upload API, see [Multipart upload and permissions](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) and [Multipart upload API and permissions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions) in the *Amazon S3 User Guide*. + **Directory bucket permissions** - To grant access to this API operation on a directory bucket, we recommend that you use the [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) API operation for session-based authorization. Specifically, you grant the `s3express:CreateSession` permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the `CreateSession` API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another `CreateSession` API call to generate a new session token for use. AWS CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). If the object is encrypted with SSE-KMS, you must also have the `kms:GenerateDataKey` and `kms:Decrypt` permissions in IAM identity-based policies and AWS KMS key policies for the AWS KMS key. Data integrity **General purpose bucket** - To ensure that data is not corrupted traversing the network, specify the `Content-MD5` header in the upload part request. Amazon S3 checks the part data against the provided MD5 value. If they do not match, Amazon S3 returns an error. If the upload request is signed with Signature Version 4, then AWS S3 uses the `x-amz-content-sha256` header as a checksum instead of `Content-MD5`. For more information see [Authenticating Requests: Using the Authorization Header (AWS Signature Version 4)](https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html). **Directory buckets** - MD5 is not supported by directory buckets. You can use checksum algorithms to check object integrity. Encryption + **General purpose bucket** - Server-side encryption is for data encryption at rest. Amazon S3 encrypts your data as it writes it to disks in its data centers and decrypts it when you access it. You have mutually exclusive options to protect data using server-side encryption in Amazon S3, depending on how you choose to manage the encryption keys. Specifically, the encryption key options are Amazon S3 managed keys (SSE-S3), AWS KMS keys (SSE-KMS), and Customer-Provided Keys (SSE-C). Amazon S3 encrypts data with server-side encryption using Amazon S3 managed keys (SSE-S3) by default. You can optionally tell Amazon S3 to encrypt data at rest using server-side encryption with other key options. The option you use depends on whether you want to use KMS keys (SSE-KMS) or provide your own encryption key (SSE-C). Server-side encryption is supported by the S3 Multipart Upload operations. Unless you are using a customer-provided encryption key (SSE-C), you don't need to specify the encryption parameters in each UploadPart request. Instead, you only need to specify the server-side encryption parameters in the initial Initiate Multipart request. For more information, see [CreateMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html). **Note** If you have server-side encryption with customer-provided keys (SSE-C) blocked for your general purpose bucket, you will get an HTTP 403 Access Denied error when you specify the SSE-C request headers while writing new data to your bucket. For more information, see [Blocking or unblocking SSE-C for a general purpose bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/blocking-unblocking-s3-c-encryption-gpb.html). If you request server-side encryption using a customer-provided encryption key (SSE-C) in your initiate multipart upload request, you must provide identical encryption information in each part upload using the following request headers. + x-amz-server-side-encryption-customer-algorithm + x-amz-server-side-encryption-customer-key + x-amz-server-side-encryption-customer-key-MD5 For more information, see [Using Server-Side Encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) in the *Amazon S3 User Guide*. + **Directory buckets ** - For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (`AES256`) and server-side encryption with AWS KMS keys (SSE-KMS) (`aws:kms`). Special errors + Error Code: `NoSuchUpload` + Description: The specified multipart upload does not exist. The upload ID might be invalid, or the multipart upload might have been aborted or completed. + HTTP Status Code: 404 Not Found + SOAP Fault Code Prefix: Client HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. The following operations are related to `UploadPart`: + [CreateMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) + [CompleteMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) + [AbortMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) + [ListParts](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) + [ListMultipartUploads](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /Key+?partNumber=PartNumber&uploadId=UploadId HTTP/1.1 Host: Bucket.s3.amazonaws.com Content-Length: ContentLength Content-MD5: ContentMD5 x-amz-sdk-checksum-algorithm: ChecksumAlgorithm x-amz-checksum-crc32: ChecksumCRC32 x-amz-checksum-crc32c: ChecksumCRC32C x-amz-checksum-crc64nvme: ChecksumCRC64NVME x-amz-checksum-sha1: ChecksumSHA1 x-amz-checksum-sha256: ChecksumSHA256 x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key: SSECustomerKey x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-request-payer: RequestPayer x-amz-expected-bucket-owner: ExpectedBucketOwner Body ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_UploadPart_RequestSyntax) ** The name of the bucket to which the multipart upload was initiated. **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [Content-Length](#API_UploadPart_RequestSyntax) ** Size of the body in bytes. This parameter is useful when the size of the body cannot be determined automatically. ** [Content-MD5](#API_UploadPart_RequestSyntax) ** The Base64 encoded 128-bit MD5 digest of the part data. This parameter is auto-populated when using the command from the CLI. This parameter is required if object lock parameters are specified. This functionality is not supported for directory buckets. ** [Key](#API_UploadPart_RequestSyntax) ** Object key for which the multipart upload was initiated. Length Constraints: Minimum length of 1. Required: Yes ** [partNumber](#API_UploadPart_RequestSyntax) ** Part number of part being uploaded. This is a positive integer between 1 and 10,000. Required: Yes ** [uploadId](#API_UploadPart_RequestSyntax) ** Upload ID identifying the multipart upload whose part is being uploaded. Required: Yes ** [x-amz-checksum-crc32](#API_UploadPart_RequestSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 32-bit `CRC32` checksum of the object. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-checksum-crc32c](#API_UploadPart_RequestSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 32-bit `CRC32C` checksum of the object. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-checksum-crc64nvme](#API_UploadPart_RequestSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 64-bit `CRC64NVME` checksum of the part. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-checksum-sha1](#API_UploadPart_RequestSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 160-bit `SHA1` digest of the object. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-checksum-sha256](#API_UploadPart_RequestSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 256-bit `SHA256` digest of the object. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-expected-bucket-owner](#API_UploadPart_RequestSyntax) ** The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_UploadPart_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-sdk-checksum-algorithm](#API_UploadPart_RequestSyntax) ** Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding `x-amz-checksum` or `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request with the HTTP status code `400 Bad Request`. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. If you provide an individual checksum, Amazon S3 ignores any provided `ChecksumAlgorithm` parameter. This checksum algorithm must be the same for all parts and it match the checksum value supplied in the `CreateMultipartUpload` request. Valid Values: `CRC32 | CRC32C | SHA1 | SHA256 | CRC64NVME` ** [x-amz-server-side-encryption-customer-algorithm](#API_UploadPart_RequestSyntax) ** Specifies the algorithm to use when encrypting the object (for example, AES256). This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key](#API_UploadPart_RequestSyntax) ** Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the `x-amz-server-side-encryption-customer-algorithm header`. This must be the same encryption key specified in the initiate multipart upload request. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key-MD5](#API_UploadPart_RequestSyntax) ** Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error. This functionality is not supported for directory buckets. ## Request Body The request accepts the following binary data. ** [Body](#API_UploadPart_RequestSyntax) ** ## Response Syntax ``` HTTP/1.1 200 x-amz-server-side-encryption: ServerSideEncryption ETag: ETag x-amz-checksum-crc32: ChecksumCRC32 x-amz-checksum-crc32c: ChecksumCRC32C x-amz-checksum-crc64nvme: ChecksumCRC64NVME x-amz-checksum-sha1: ChecksumSHA1 x-amz-checksum-sha256: ChecksumSHA256 x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-server-side-encryption-aws-kms-key-id: SSEKMSKeyId x-amz-server-side-encryption-bucket-key-enabled: BucketKeyEnabled x-amz-request-charged: RequestCharged ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [ETag](#API_UploadPart_ResponseSyntax) ** Entity tag for the uploaded object. ** [x-amz-checksum-crc32](#API_UploadPart_ResponseSyntax) ** The Base64 encoded, 32-bit `CRC32 checksum` of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) in the *Amazon S3 User Guide*. ** [x-amz-checksum-crc32c](#API_UploadPart_ResponseSyntax) ** The Base64 encoded, 32-bit `CRC32C` checksum of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) in the *Amazon S3 User Guide*. ** [x-amz-checksum-crc64nvme](#API_UploadPart_ResponseSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 64-bit `CRC64NVME` checksum of the part. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. ** [x-amz-checksum-sha1](#API_UploadPart_ResponseSyntax) ** The Base64 encoded, 160-bit `SHA1` digest of the object. This checksum is only present if the checksum was uploaded with the object. When you use the API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) in the *Amazon S3 User Guide*. ** [x-amz-checksum-sha256](#API_UploadPart_ResponseSyntax) ** The Base64 encoded, 256-bit `SHA256` digest of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see [ Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) in the *Amazon S3 User Guide*. ** [x-amz-request-charged](#API_UploadPart_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-server-side-encryption](#API_UploadPart_ResponseSyntax) ** The server-side encryption algorithm used when you store this object in Amazon S3 or Amazon FSx. When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is `aws:fsx`. Valid Values: `AES256 | aws:fsx | aws:kms | aws:kms:dsse` ** [x-amz-server-side-encryption-aws-kms-key-id](#API_UploadPart_ResponseSyntax) ** If present, indicates the ID of the KMS key that was used for object encryption. ** [x-amz-server-side-encryption-bucket-key-enabled](#API_UploadPart_ResponseSyntax) ** Indicates whether the multipart upload uses an S3 Bucket Key for server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS). ** [x-amz-server-side-encryption-customer-algorithm](#API_UploadPart_ResponseSyntax) ** If server-side encryption with a customer-provided encryption key was requested, the response will include this header to confirm the encryption algorithm that's used. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key-MD5](#API_UploadPart_ResponseSyntax) ** If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide the round-trip message integrity verification of the customer-provided encryption key. This functionality is not supported for directory buckets. ## Examples ### Sample Request for general purpose buckets The following PUT request uploads a part (part number 1) in a multipart upload. The request includes the upload ID that you get in response to your Initiate Multipart Upload request. ``` PUT /my-movie.m2ts?partNumber=1&uploadId=VCVsb2FkIElEIGZvciBlbZZpbmcncyBteS1tb3ZpZS5tMnRzIHVwbG9hZR HTTP/1.1 Host: example-bucket.s3..amazonaws.com Date: Mon, 1 Nov 2010 20:34:56 GMT Content-Length: 10485760 Content-MD5: pUNXr/BjKK5G2UKvaRRrOA== Authorization: authorization string ***part data omitted*** ``` ### Sample Response for general purpose buckets The response includes the ETag header. You need to retain this value for use when you send the Complete Multipart Upload request. ``` HTTP/1.1 200 OK x-amz-id-2: Vvag1LuByRx9e6j5Onimru9pO4ZVKnJ2Qz7/C1NPcfTWAtRPfTaOFg== x-amz-request-id: 656c76696e6727732072657175657374 Date: Mon, 1 Nov 2010 20:34:56 GMT ETag: "b54357faf0632cce46e942fa68356b38" Content-Length: 0 Connection: keep-alive Server: AmazonS3 ``` ### Example for general purpose buckets: Upload a part with an encryption key in the request for server-side encryption If you initiated a multipart upload with a request to save an object using server-side encryption with a customer-provided encryption key, each part upload must also include the same set of encryption-specific headers as shown in the following example request. ``` PUT /example-object?partNumber=1&uploadId=EXAMPLEJZ6e0YupT2h66iePQCc9IEbYbDUy4RTpMeoSMLPRp8Z5o1u8feSRonpvnWsKKG35tI2LB9VDPiCgTy.Gq2VxQLYjrue4Nq.NBdqI- HTTP/1.1 Host: example-bucket.s3..amazonaws.com Authorization: authorization string Date: Wed, 28 May 2014 19:40:11 +0000 x-amz-server-side-encryption-customer-key: g0lCfA3Dv40jZz5SQJ1ZukLRFqtI5WorC/8SEEXAMPLE x-amz-server-side-encryption-customer-key-MD5: ZjQrne1X/iTcskbY2example x-amz-server-side-encryption-customer-algorithm: AES256 ``` ### Example for general purpose buckets In the response, Amazon S3 returns encryption-specific headers providing the encryption algorithm used and MD5 digest of the encryption key you provided in the request. ``` HTTP/1.1 100 Continue HTTP/1.1 200 OK x-amz-id-2: Zn8bf8aEFQ+kBnGPBc/JaAf9SoWM68QDPS9+SyFwkIZOHUG2BiRLZi5oXw4cOCEt x-amz-request-id: 5A37448A37622243 Date: Wed, 28 May 2014 19:40:12 GMT ETag: "7e10e7d25dc4581d89b9285be5f384fd" x-amz-server-side-encryption-customer-algorithm: AES256 x-amz-server-side-encryption-customer-key-MD5: ZjQrne1X/iTcskbY2example ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/UploadPart) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/UploadPart) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/UploadPart) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/UploadPart) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/UploadPart) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/UploadPart) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/UploadPart) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/UploadPart) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/UploadPart) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/UploadPart) # UploadPartCopy Uploads a part by copying data from an existing object as data source. To specify the data source, you add the request header `x-amz-copy-source` in your request. To specify a byte range, you add the request header `x-amz-copy-source-range` in your request. For information about maximum and minimum part sizes and other multipart upload specifications, see [Multipart upload limits](https://docs.aws.amazon.com/AmazonS3/latest/userguide/qfacts.html) in the *Amazon S3 User Guide*. **Note** Instead of copying data from an existing object as part data, you might use the [UploadPart](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) action to upload new data as a part of an object in your request. You must initiate a multipart upload before you can upload any part. In response to your initiate request, Amazon S3 returns the upload ID, a unique identifier that you must include in your upload part request. For conceptual information about multipart uploads, see [Uploading Objects Using Multipart Upload](https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) in the *Amazon S3 User Guide*. For information about copying objects using a single atomic action vs. a multipart upload, see [Operations on Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectOperations.html) in the *Amazon S3 User Guide*. **Note** **Directory buckets** - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format `https://amzn-s3-demo-bucket.s3express-zone-id.region-code.amazonaws.com/key-name `. Path-style requests are not supported. For more information about endpoints in Availability Zones, see [Regional and Zonal endpoints for directory buckets in Availability Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html) in the *Amazon S3 User Guide*. For more information about endpoints in Local Zones, see [Concepts for directory buckets in Local Zones](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html) in the *Amazon S3 User Guide*. Authentication and authorization All `UploadPartCopy` requests must be authenticated and signed by using IAM credentials (access key ID and secret access key for the IAM identities). All headers with the `x-amz-` prefix, including `x-amz-copy-source`, must be signed. For more information, see [REST Authentication](https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html). **Directory buckets** - You must use IAM credentials to authenticate and authorize your access to the `UploadPartCopy` API operation, instead of using the temporary security credentials through the `CreateSession` API operation. AWS CLI or SDKs handles authentication and authorization on your behalf. Permissions You must have `READ` access to the source object and `WRITE` access to the destination bucket. + **General purpose bucket permissions** - You must have the permissions in a policy based on the bucket types of your source bucket and destination bucket in an `UploadPartCopy` operation. + If the source object is in a general purpose bucket, you must have the ** `s3:GetObject` ** permission to read the source object that is being copied. + If the destination bucket is a general purpose bucket, you must have the ** `s3:PutObject` ** permission to write the object copy to the destination bucket. + To perform a multipart upload with encryption using an AWS Key Management Service key, the requester must have permission to the `kms:Decrypt` and `kms:GenerateDataKey` actions on the key. The requester must also have permissions for the `kms:GenerateDataKey` action for the `CreateMultipartUpload` API. Then, the requester needs permissions for the `kms:Decrypt` action on the `UploadPart` and `UploadPartCopy` APIs. These permissions are required because Amazon S3 must decrypt and read data from the encrypted file parts before it completes the multipart upload. For more information about KMS permissions, see [Protecting data using server-side encryption with AWS KMS](https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html) in the *Amazon S3 User Guide*. For information about the permissions required to use the multipart upload API, see [Multipart upload and permissions](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) and [Multipart upload API and permissions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions) in the *Amazon S3 User Guide*. + **Directory bucket permissions** - You must have permissions in a bucket policy or an IAM identity-based policy based on the source and destination bucket types in an `UploadPartCopy` operation. + If the source object that you want to copy is in a directory bucket, you must have the ** `s3express:CreateSession` ** permission in the `Action` element of a policy to read the object. If no session mode is specified, the session will be created with the maximum allowable privilege, attempting `ReadWrite` first, then `ReadOnly` if `ReadWrite` is not permitted. If you want to explicitly restrict the access to be read-only, you can set the `s3express:SessionMode` condition key to `ReadOnly` on the copy source bucket. + If the copy destination is a directory bucket, you must have the ** `s3express:CreateSession` ** permission in the `Action` element of a policy to write the object to the destination. The `s3express:SessionMode` condition key cannot be set to `ReadOnly` on the copy destination. If the object is encrypted with SSE-KMS, you must also have the `kms:GenerateDataKey` and `kms:Decrypt` permissions in IAM identity-based policies and AWS KMS key policies for the AWS KMS key. For example policies, see [Example bucket policies for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) and [AWS Identity and Access Management (IAM) identity-based policies for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html) in the *Amazon S3 User Guide*. Encryption + **General purpose buckets ** - For information about using server-side encryption with customer-provided encryption keys with the `UploadPartCopy` operation, see [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) and [UploadPart](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html). **Note** If you have server-side encryption with customer-provided keys (SSE-C) blocked for your general purpose bucket, you will get an HTTP 403 Access Denied error when you specify the SSE-C request headers while writing new data to your bucket. For more information, see [Blocking or unblocking SSE-C for a general purpose bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/blocking-unblocking-s3-c-encryption-gpb.html). + **Directory buckets ** - For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (`AES256`) and server-side encryption with AWS KMS keys (SSE-KMS) (`aws:kms`). For more information, see [Protecting data with server-side encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html) in the *Amazon S3 User Guide*. **Note** For directory buckets, when you perform a `CreateMultipartUpload` operation and an `UploadPartCopy` operation, the request headers you provide in the `CreateMultipartUpload` request must match the default encryption configuration of the destination bucket. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html). In this case, Amazon S3 makes a call to AWS KMS every time a copy request is made for a KMS-encrypted object. Special errors + Error Code: `NoSuchUpload` + Description: The specified multipart upload does not exist. The upload ID might be invalid, or the multipart upload might have been aborted or completed. + HTTP Status Code: 404 Not Found + Error Code: `InvalidRequest` + Description: The specified copy source is not supported as a byte-range copy source. + HTTP Status Code: 400 Bad Request HTTP Host header syntax **Directory buckets ** - The HTTP Host header syntax is ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. The following operations are related to `UploadPartCopy`: + [CreateMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) + [UploadPart](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) + [CompleteMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) + [AbortMultipartUpload](https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) + [ListParts](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) + [ListMultipartUploads](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` PUT /Key+?partNumber=PartNumber&uploadId=UploadId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-copy-source: CopySource x-amz-copy-source-if-match: CopySourceIfMatch x-amz-copy-source-if-modified-since: CopySourceIfModifiedSince x-amz-copy-source-if-none-match: CopySourceIfNoneMatch x-amz-copy-source-if-unmodified-since: CopySourceIfUnmodifiedSince x-amz-copy-source-range: CopySourceRange x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key: SSECustomerKey x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-copy-source-server-side-encryption-customer-algorithm: CopySourceSSECustomerAlgorithm x-amz-copy-source-server-side-encryption-customer-key: CopySourceSSECustomerKey x-amz-copy-source-server-side-encryption-customer-key-MD5: CopySourceSSECustomerKeyMD5 x-amz-request-payer: RequestPayer x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-source-expected-bucket-owner: ExpectedSourceBucketOwner ``` ## URI Request Parameters The request uses the following URI parameters. ** [Bucket](#API_UploadPartCopy_RequestSyntax) ** The bucket name. **Directory buckets** - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format ` Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style requests are not supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must follow the format ` bucket-base-name--zone-id--x-s3` (for example, ` amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide*. Copying objects across different AWS Regions isn't supported when the source or destination bucket is in AWS Local Zones. The source and destination buckets must have the same parent AWS Region. Otherwise, you get an HTTP `400 Bad Request` error with the error code `InvalidRequest`. **Access points** - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see [Using access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) in the *Amazon S3 User Guide*. Object Lambda access points are not supported by directory buckets. **S3 on Outposts** - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form ` AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com`. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see [What is S3 on Outposts?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. Required: Yes ** [Key](#API_UploadPartCopy_RequestSyntax) ** Object key for which the multipart upload was initiated. Length Constraints: Minimum length of 1. Required: Yes ** [partNumber](#API_UploadPartCopy_RequestSyntax) ** Part number of part being copied. This is a positive integer between 1 and 10,000. Required: Yes ** [uploadId](#API_UploadPartCopy_RequestSyntax) ** Upload ID identifying the multipart upload whose part is being copied. Required: Yes ** [x-amz-copy-source](#API_UploadPartCopy_RequestSyntax) ** Specifies the source object for the copy operation. You specify the value in one of two formats, depending on whether you want to access the source object through an [access point](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html): + For objects not accessed through an access point, specify the name of the source bucket and key of the source object, separated by a slash (/). For example, to copy the object `reports/january.pdf` from the bucket `awsexamplebucket`, use `awsexamplebucket/reports/january.pdf`. The value must be URL-encoded. + For objects accessed through access points, specify the Amazon Resource Name (ARN) of the object as accessed through the access point, in the format `arn:aws:s3:::accesspoint//object/`. For example, to copy the object `reports/january.pdf` through access point `my-access-point` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf`. The value must be URL encoded. **Note** Amazon S3 supports copy operations using Access points only when the source and destination buckets are in the same AWS Region. Access points are not supported by directory buckets. Alternatively, for objects accessed through Amazon S3 on Outposts, specify the ARN of the object as accessed in the format `arn:aws:s3-outposts:::outpost//object/`. For example, to copy the object `reports/january.pdf` through outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf`. The value must be URL-encoded. If your bucket has versioning enabled, you could have multiple versions of the same object. By default, `x-amz-copy-source` identifies the current version of the source object to copy. To copy a specific version of the source object to copy, append `?versionId=` to the `x-amz-copy-source` request header (for example, `x-amz-copy-source: /awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893`). If the current version is a delete marker and you don't specify a versionId in the `x-amz-copy-source` request header, Amazon S3 returns a `404 Not Found` error, because the object does not exist. If you specify versionId in the `x-amz-copy-source` and the versionId is a delete marker, Amazon S3 returns an HTTP `400 Bad Request` error, because you are not allowed to specify a delete marker as a version for the `x-amz-copy-source`. **Directory buckets** - S3 Versioning isn't enabled and supported for directory buckets. Pattern: `\/?.+\/.+` Required: Yes ** [x-amz-copy-source-if-match](#API_UploadPartCopy_RequestSyntax) ** Copies the object if its entity tag (ETag) matches the specified tag. If both of the `x-amz-copy-source-if-match` and `x-amz-copy-source-if-unmodified-since` headers are present in the request as follows: `x-amz-copy-source-if-match` condition evaluates to `true`, and; `x-amz-copy-source-if-unmodified-since` condition evaluates to `false`; Amazon S3 returns `200 OK` and copies the data. ** [x-amz-copy-source-if-modified-since](#API_UploadPartCopy_RequestSyntax) ** Copies the object if it has been modified since the specified time. If both of the `x-amz-copy-source-if-none-match` and `x-amz-copy-source-if-modified-since` headers are present in the request as follows: `x-amz-copy-source-if-none-match` condition evaluates to `false`, and; `x-amz-copy-source-if-modified-since` condition evaluates to `true`; Amazon S3 returns `412 Precondition Failed` response code. ** [x-amz-copy-source-if-none-match](#API_UploadPartCopy_RequestSyntax) ** Copies the object if its entity tag (ETag) is different than the specified ETag. If both of the `x-amz-copy-source-if-none-match` and `x-amz-copy-source-if-modified-since` headers are present in the request as follows: `x-amz-copy-source-if-none-match` condition evaluates to `false`, and; `x-amz-copy-source-if-modified-since` condition evaluates to `true`; Amazon S3 returns `412 Precondition Failed` response code. ** [x-amz-copy-source-if-unmodified-since](#API_UploadPartCopy_RequestSyntax) ** Copies the object if it hasn't been modified since the specified time. If both of the `x-amz-copy-source-if-match` and `x-amz-copy-source-if-unmodified-since` headers are present in the request as follows: `x-amz-copy-source-if-match` condition evaluates to `true`, and; `x-amz-copy-source-if-unmodified-since` condition evaluates to `false`; Amazon S3 returns `200 OK` and copies the data. ** [x-amz-copy-source-range](#API_UploadPartCopy_RequestSyntax) ** The range of bytes to copy from the source object. The range value must use the form bytes=first-last, where the first and last are the zero-based byte offsets to copy. For example, bytes=0-9 indicates that you want to copy the first 10 bytes of the source. You can copy a range only if the source object is greater than 5 MB. ** [x-amz-copy-source-server-side-encryption-customer-algorithm](#API_UploadPartCopy_RequestSyntax) ** Specifies the algorithm to use when decrypting the source object (for example, `AES256`). This functionality is not supported when the source object is in a directory bucket. ** [x-amz-copy-source-server-side-encryption-customer-key](#API_UploadPartCopy_RequestSyntax) ** Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created. This functionality is not supported when the source object is in a directory bucket. ** [x-amz-copy-source-server-side-encryption-customer-key-MD5](#API_UploadPartCopy_RequestSyntax) ** Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error. This functionality is not supported when the source object is in a directory bucket. ** [x-amz-expected-bucket-owner](#API_UploadPartCopy_RequestSyntax) ** The account ID of the expected destination bucket owner. If the account ID that you provide does not match the actual owner of the destination bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ** [x-amz-request-payer](#API_UploadPartCopy_RequestSyntax) ** Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see [Downloading Objects in Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the *Amazon S3 User Guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-server-side-encryption-customer-algorithm](#API_UploadPartCopy_RequestSyntax) ** Specifies the algorithm to use when encrypting the object (for example, AES256). This functionality is not supported when the destination bucket is a directory bucket. ** [x-amz-server-side-encryption-customer-key](#API_UploadPartCopy_RequestSyntax) ** Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the `x-amz-server-side-encryption-customer-algorithm` header. This must be the same encryption key specified in the initiate multipart upload request. This functionality is not supported when the destination bucket is a directory bucket. ** [x-amz-server-side-encryption-customer-key-MD5](#API_UploadPartCopy_RequestSyntax) ** Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error. This functionality is not supported when the destination bucket is a directory bucket. ** [x-amz-source-expected-bucket-owner](#API_UploadPartCopy_RequestSyntax) ** The account ID of the expected source bucket owner. If the account ID that you provide does not match the actual owner of the source bucket, the request fails with the HTTP status code `403 Forbidden` (access denied). ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 x-amz-copy-source-version-id: CopySourceVersionId x-amz-server-side-encryption: ServerSideEncryption x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-server-side-encryption-aws-kms-key-id: SSEKMSKeyId x-amz-server-side-encryption-bucket-key-enabled: BucketKeyEnabled x-amz-request-charged: RequestCharged string timestamp string string string string string ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The response returns the following HTTP headers. ** [x-amz-copy-source-version-id](#API_UploadPartCopy_ResponseSyntax) ** The version of the source object that was copied, if you have enabled versioning on the source bucket. This functionality is not supported when the source object is in a directory bucket. ** [x-amz-request-charged](#API_UploadPartCopy_ResponseSyntax) ** If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*. This functionality is not supported for directory buckets. Valid Values: `requester` ** [x-amz-server-side-encryption](#API_UploadPartCopy_ResponseSyntax) ** The server-side encryption algorithm used when you store this object in Amazon S3 or Amazon FSx. When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is `aws:fsx`. Valid Values: `AES256 | aws:fsx | aws:kms | aws:kms:dsse` ** [x-amz-server-side-encryption-aws-kms-key-id](#API_UploadPartCopy_ResponseSyntax) ** If present, indicates the ID of the KMS key that was used for object encryption. ** [x-amz-server-side-encryption-bucket-key-enabled](#API_UploadPartCopy_ResponseSyntax) ** Indicates whether the multipart upload uses an S3 Bucket Key for server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS). ** [x-amz-server-side-encryption-customer-algorithm](#API_UploadPartCopy_ResponseSyntax) ** If server-side encryption with a customer-provided encryption key was requested, the response will include this header to confirm the encryption algorithm that's used. This functionality is not supported for directory buckets. ** [x-amz-server-side-encryption-customer-key-MD5](#API_UploadPartCopy_ResponseSyntax) ** If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide the round-trip message integrity verification of the customer-provided encryption key. This functionality is not supported for directory buckets. The following data is returned in XML format by the service. ** [CopyPartResult](#API_UploadPartCopy_ResponseSyntax) ** Root level tag for the CopyPartResult parameters. Required: Yes ** [ChecksumCRC32](#API_UploadPartCopy_ResponseSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 32-bit `CRC32` checksum of the part. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. Type: String ** [ChecksumCRC32C](#API_UploadPartCopy_ResponseSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 32-bit `CRC32C` checksum of the part. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. Type: String ** [ChecksumCRC64NVME](#API_UploadPartCopy_ResponseSyntax) ** The Base64 encoded, 64-bit `CRC64NVME` checksum of the part. This checksum is present if the multipart upload request was created with the `CRC64NVME` checksum algorithm to the uploaded object). For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. Type: String ** [ChecksumSHA1](#API_UploadPartCopy_ResponseSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 160-bit `SHA1` checksum of the part. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. Type: String ** [ChecksumSHA256](#API_UploadPartCopy_ResponseSyntax) ** This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 256-bit `SHA256` checksum of the part. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*. Type: String ** [ETag](#API_UploadPartCopy_ResponseSyntax) ** Entity tag of the object. Type: String ** [LastModified](#API_UploadPartCopy_ResponseSyntax) ** Date and time at which the object was uploaded. Type: Timestamp ## Examples ### Sample Request for general purpose buckets The following PUT request uploads a part (part number 2) in a multipart upload. The request specifies a byte range from an existing object as the source of this upload. The request includes the upload ID that you get in response to your Initiate Multipart Upload request. ``` PUT /newobject?partNumber=2&uploadId=VCVsb2FkIElEIGZvciBlbZZpbmcncyBteS1tb3ZpZS5tMnRzIHVwbG9hZR HTTP/1.1 Host: target-bucket.s3..amazonaws.com Date: Mon, 11 Apr 2011 20:34:56 GMT x-amz-copy-source: /source-bucket/sourceobject x-amz-copy-source-range:bytes=500-6291456 Authorization: authorization string ``` ### Sample Response for general purpose buckets The response includes the ETag value. You need to retain this value to use when you send the Complete Multipart Upload request. ``` HTTP/1.1 200 OK x-amz-id-2: Vvag1LuByRx9e6j5Onimru9pO4ZVKnJ2Qz7/C1NPcfTWAtRPfTaOFg== x-amz-request-id: 656c76696e6727732072657175657374 Date: Mon, 11 Apr 2011 20:34:56 GMT Server: AmazonS3 2011-04-11T20:34:56.000Z "9b2cf535f27731c974343645a3985328" ``` ### Sample Request for general purpose buckets The following PUT request uploads a part (part number 2) in a multipart upload. The request does not specify the optional byte range header, but requests the entire source object copy as part 2. The request includes the upload ID that you got in response to your Initiate Multipart Upload request. ``` PUT /newobject?partNumber=2&uploadId=VCVsb2FkIElEIGZvciBlbZZpbmcncyBteS1tb3ZpZS5tMnRzIHVwbG9hZR HTTP/1.1 Host: target-bucket.s3..amazonaws.com Date: Mon, 11 Apr 2011 20:34:56 GMT x-amz-copy-source: /source-bucket/sourceobject?versionId=3/L4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo Authorization: authorization string ``` ### Sample Response for general purpose buckets The response includes the ETag value. You need to retain this value to use when you send the Complete Multipart Upload request. ``` HTTP/1.1 200 OK x-amz-id-2: Vvag1LuByRx9e6j5Onimru9pO4ZVKnJ2Qz7/C1NPcfTWAtRPfTaOFg== x-amz-request-id: 656c76696e6727732072657175657374 x-amz-copy-source-version-id: 3/L4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo Date: Mon, 11 Apr 2011 20:34:56 GMT Server: AmazonS3 2011-04-11T20:34:56.000Z "9b2cf535f27731c974343645a3985328" ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/UploadPartCopy) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/UploadPartCopy) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/UploadPartCopy) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/UploadPartCopy) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/UploadPartCopy) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/UploadPartCopy) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/UploadPartCopy) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/UploadPartCopy) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/UploadPartCopy) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/UploadPartCopy) # WriteGetObjectResponse **Note** This operation is not supported for directory buckets. Passes transformed objects to a `GetObject` operation when using Object Lambda access points. For information about Object Lambda access points, see [Transforming objects with Object Lambda access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/transforming-objects.html) in the *Amazon S3 User Guide*. This operation supports metadata that can be returned by [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html), in addition to `RequestRoute`, `RequestToken`, `StatusCode`, `ErrorCode`, and `ErrorMessage`. The `GetObject` response metadata is supported so that the `WriteGetObjectResponse` caller, typically an AWS Lambda function, can provide the same metadata when it internally invokes `GetObject`. When `WriteGetObjectResponse` is called by a customer-owned Lambda function, the metadata returned to the end user `GetObject` call might differ from what Amazon S3 would normally return. You can include any number of metadata headers. When including a metadata header, it should be prefaced with `x-amz-meta`. For example, `x-amz-meta-my-custom-header: MyCustomValue`. The primary use case for this is to forward `GetObject` metadata. AWS provides some prebuilt Lambda functions that you can use with S3 Object Lambda to detect and redact personally identifiable information (PII) and decompress S3 objects. These Lambda functions are available in the AWS Serverless Application Repository, and can be selected through the AWS Management Console when you create your Object Lambda access point. Example 1: PII Access Control - This Lambda function uses Amazon Comprehend, a natural language processing (NLP) service using machine learning to find insights and relationships in text. It automatically detects personally identifiable information (PII) such as names, addresses, dates, credit card numbers, and social security numbers from documents in your Amazon S3 bucket. Example 2: PII Redaction - This Lambda function uses Amazon Comprehend, a natural language processing (NLP) service using machine learning to find insights and relationships in text. It automatically redacts personally identifiable information (PII) such as names, addresses, dates, credit card numbers, and social security numbers from documents in your Amazon S3 bucket. Example 3: Decompression - The Lambda function S3ObjectLambdaDecompression, is equipped to decompress objects stored in S3 in one of six compressed file formats including bzip2, gzip, snappy, zlib, zstandard and ZIP. For information on how to view and use these functions, see [Using AWS built Lambda functions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/olap-examples.html) in the *Amazon S3 User Guide*. **Important** You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt`, containing two spaces after `my`, you must URL encode this value to `my%20%20file.txt`. ## Request Syntax ``` POST /WriteGetObjectResponse HTTP/1.1 Host: s3.amazonaws.com x-amz-request-route: RequestRoute x-amz-request-token: RequestToken x-amz-fwd-status: StatusCode x-amz-fwd-error-code: ErrorCode x-amz-fwd-error-message: ErrorMessage x-amz-fwd-header-accept-ranges: AcceptRanges x-amz-fwd-header-Cache-Control: CacheControl x-amz-fwd-header-Content-Disposition: ContentDisposition x-amz-fwd-header-Content-Encoding: ContentEncoding x-amz-fwd-header-Content-Language: ContentLanguage Content-Length: ContentLength x-amz-fwd-header-Content-Range: ContentRange x-amz-fwd-header-Content-Type: ContentType x-amz-fwd-header-x-amz-checksum-crc32: ChecksumCRC32 x-amz-fwd-header-x-amz-checksum-crc32c: ChecksumCRC32C x-amz-fwd-header-x-amz-checksum-crc64nvme: ChecksumCRC64NVME x-amz-fwd-header-x-amz-checksum-sha1: ChecksumSHA1 x-amz-fwd-header-x-amz-checksum-sha256: ChecksumSHA256 x-amz-fwd-header-x-amz-delete-marker: DeleteMarker x-amz-fwd-header-ETag: ETag x-amz-fwd-header-Expires: Expires x-amz-fwd-header-x-amz-expiration: Expiration x-amz-fwd-header-Last-Modified: LastModified x-amz-fwd-header-x-amz-missing-meta: MissingMeta x-amz-fwd-header-x-amz-object-lock-mode: ObjectLockMode x-amz-fwd-header-x-amz-object-lock-legal-hold: ObjectLockLegalHoldStatus x-amz-fwd-header-x-amz-object-lock-retain-until-date: ObjectLockRetainUntilDate x-amz-fwd-header-x-amz-mp-parts-count: PartsCount x-amz-fwd-header-x-amz-replication-status: ReplicationStatus x-amz-fwd-header-x-amz-request-charged: RequestCharged x-amz-fwd-header-x-amz-restore: Restore x-amz-fwd-header-x-amz-server-side-encryption: ServerSideEncryption x-amz-fwd-header-x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm x-amz-fwd-header-x-amz-server-side-encryption-aws-kms-key-id: SSEKMSKeyId x-amz-fwd-header-x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5 x-amz-fwd-header-x-amz-storage-class: StorageClass x-amz-fwd-header-x-amz-tagging-count: TagCount x-amz-fwd-header-x-amz-version-id: VersionId x-amz-fwd-header-x-amz-server-side-encryption-bucket-key-enabled: BucketKeyEnabled Body ``` ## URI Request Parameters The request uses the following URI parameters. ** [Content-Length](#API_WriteGetObjectResponse_RequestSyntax) ** The size of the content body in bytes. ** [x-amz-fwd-error-code](#API_WriteGetObjectResponse_RequestSyntax) ** A string that uniquely identifies an error condition. Returned in the

 tag of the error XML response for a corresponding `GetObject` call. Cannot be used with a successful `StatusCode` header or when the transformed object is provided in the body. All error codes from S3 are sentence-cased. The regular expression (regex) value is `"^[A-Z][a-zA-Z]+$"`.

 ** [x-amz-fwd-error-message](#API_WriteGetObjectResponse_RequestSyntax) **   
Contains a generic description of the error condition. Returned in the  tag of the error XML response for a corresponding `GetObject` call. Cannot be used with a successful `StatusCode` header or when the transformed object is provided in body.

 ** [x-amz-fwd-header-accept-ranges](#API_WriteGetObjectResponse_RequestSyntax) **   
Indicates that a range of bytes was specified.

 ** [x-amz-fwd-header-Cache-Control](#API_WriteGetObjectResponse_RequestSyntax) **   
Specifies caching behavior along the request/reply chain.

 ** [x-amz-fwd-header-Content-Disposition](#API_WriteGetObjectResponse_RequestSyntax) **   
Specifies presentational information for the object.

 ** [x-amz-fwd-header-Content-Encoding](#API_WriteGetObjectResponse_RequestSyntax) **   
Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.

 ** [x-amz-fwd-header-Content-Language](#API_WriteGetObjectResponse_RequestSyntax) **   
The language the content is in.

 ** [x-amz-fwd-header-Content-Range](#API_WriteGetObjectResponse_RequestSyntax) **   
The portion of the object returned in the response.

 ** [x-amz-fwd-header-Content-Type](#API_WriteGetObjectResponse_RequestSyntax) **   
A standard MIME type describing the format of the object data.

 ** [x-amz-fwd-header-ETag](#API_WriteGetObjectResponse_RequestSyntax) **   
An opaque identifier assigned by a web server to a specific version of a resource found at a URL. 

 ** [x-amz-fwd-header-Expires](#API_WriteGetObjectResponse_RequestSyntax) **   
The date and time at which the object is no longer cacheable.

 ** [x-amz-fwd-header-Last-Modified](#API_WriteGetObjectResponse_RequestSyntax) **   
The date and time that the object was last modified.

 ** [x-amz-fwd-header-x-amz-checksum-crc32](#API_WriteGetObjectResponse_RequestSyntax) **   
This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This specifies the Base64 encoded, 32-bit `CRC32` checksum of the object returned by the Object Lambda function. This may not match the checksum for the object stored in Amazon S3. Amazon S3 will perform validation of the checksum values only when the original `GetObject` request required checksum validation. For more information about checksums, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*.  
Only one checksum header can be specified at a time. If you supply multiple checksum headers, this request will fail.  


 ** [x-amz-fwd-header-x-amz-checksum-crc32c](#API_WriteGetObjectResponse_RequestSyntax) **   
This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This specifies the Base64 encoded, 32-bit `CRC32C` checksum of the object returned by the Object Lambda function. This may not match the checksum for the object stored in Amazon S3. Amazon S3 will perform validation of the checksum values only when the original `GetObject` request required checksum validation. For more information about checksums, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*.  
Only one checksum header can be specified at a time. If you supply multiple checksum headers, this request will fail.

 ** [x-amz-fwd-header-x-amz-checksum-crc64nvme](#API_WriteGetObjectResponse_RequestSyntax) **   
This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 64-bit `CRC64NVME` checksum of the part. For more information, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*.

 ** [x-amz-fwd-header-x-amz-checksum-sha1](#API_WriteGetObjectResponse_RequestSyntax) **   
This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This specifies the Base64 encoded, 160-bit `SHA1` digest of the object returned by the Object Lambda function. This may not match the checksum for the object stored in Amazon S3. Amazon S3 will perform validation of the checksum values only when the original `GetObject` request required checksum validation. For more information about checksums, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*.  
Only one checksum header can be specified at a time. If you supply multiple checksum headers, this request will fail.

 ** [x-amz-fwd-header-x-amz-checksum-sha256](#API_WriteGetObjectResponse_RequestSyntax) **   
This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This specifies the Base64 encoded, 256-bit `SHA256` digest of the object returned by the Object Lambda function. This may not match the checksum for the object stored in Amazon S3. Amazon S3 will perform validation of the checksum values only when the original `GetObject` request required checksum validation. For more information about checksums, see [Checking object integrity](https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) in the *Amazon S3 User Guide*.  
Only one checksum header can be specified at a time. If you supply multiple checksum headers, this request will fail.

 ** [x-amz-fwd-header-x-amz-delete-marker](#API_WriteGetObjectResponse_RequestSyntax) **   
Specifies whether an object stored in Amazon S3 is (`true`) or is not (`false`) a delete marker. To learn more about delete markers, see [Working with delete markers](https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeleteMarker.html).

 ** [x-amz-fwd-header-x-amz-expiration](#API_WriteGetObjectResponse_RequestSyntax) **   
If the object expiration is configured (see PUT Bucket lifecycle), the response includes this header. It includes the `expiry-date` and `rule-id` key-value pairs that provide the object expiration information. The value of the `rule-id` is URL-encoded. 

 ** [x-amz-fwd-header-x-amz-missing-meta](#API_WriteGetObjectResponse_RequestSyntax) **   
Set to the number of metadata entries not returned in `x-amz-meta` headers. This can happen if you create metadata using an API like SOAP that supports more flexible metadata than the REST API. For example, using SOAP, you can create metadata whose values are not legal HTTP headers.

 ** [x-amz-fwd-header-x-amz-mp-parts-count](#API_WriteGetObjectResponse_RequestSyntax) **   
The count of parts this object has.

 ** [x-amz-fwd-header-x-amz-object-lock-legal-hold](#API_WriteGetObjectResponse_RequestSyntax) **   
Indicates whether an object stored in Amazon S3 has an active legal hold.  
Valid Values: `ON | OFF` 

 ** [x-amz-fwd-header-x-amz-object-lock-mode](#API_WriteGetObjectResponse_RequestSyntax) **   
Indicates whether an object stored in Amazon S3 has Object Lock enabled. For more information about S3 Object Lock, see [Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock.html).  
Valid Values: `GOVERNANCE | COMPLIANCE` 

 ** [x-amz-fwd-header-x-amz-object-lock-retain-until-date](#API_WriteGetObjectResponse_RequestSyntax) **   
The date and time when Object Lock is configured to expire.

 ** [x-amz-fwd-header-x-amz-replication-status](#API_WriteGetObjectResponse_RequestSyntax) **   
Indicates if request involves bucket that is either a source or destination in a Replication rule. For more information about S3 Replication, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication.html).  
Valid Values: `COMPLETE | PENDING | FAILED | REPLICA | COMPLETED` 

 ** [x-amz-fwd-header-x-amz-request-charged](#API_WriteGetObjectResponse_RequestSyntax) **   
If present, indicates that the requester was successfully charged for the request. For more information, see [Using Requester Pays buckets for storage transfers and usage](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service user guide*.  
This functionality is not supported for directory buckets.
Valid Values: `requester` 

 ** [x-amz-fwd-header-x-amz-restore](#API_WriteGetObjectResponse_RequestSyntax) **   
Provides information about object restoration operation and expiration time of the restored object copy.

 ** [x-amz-fwd-header-x-amz-server-side-encryption](#API_WriteGetObjectResponse_RequestSyntax) **   
 The server-side encryption algorithm used when storing requested object in Amazon S3 or Amazon FSx.  
When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is `aws:fsx`.
Valid Values: `AES256 | aws:fsx | aws:kms | aws:kms:dsse` 

 ** [x-amz-fwd-header-x-amz-server-side-encryption-aws-kms-key-id](#API_WriteGetObjectResponse_RequestSyntax) **   
 If present, specifies the ID (Key ID, Key ARN, or Key Alias) of the AWS Key Management Service (AWS KMS) symmetric encryption customer managed key that was used for stored in Amazon S3 object. 

 ** [x-amz-fwd-header-x-amz-server-side-encryption-bucket-key-enabled](#API_WriteGetObjectResponse_RequestSyntax) **   
 Indicates whether the object stored in Amazon S3 uses an S3 bucket key for server-side encryption with AWS KMS (SSE-KMS).

 ** [x-amz-fwd-header-x-amz-server-side-encryption-customer-algorithm](#API_WriteGetObjectResponse_RequestSyntax) **   
Encryption algorithm used if server-side encryption with a customer-provided encryption key was specified for object stored in Amazon S3.

 ** [x-amz-fwd-header-x-amz-server-side-encryption-customer-key-MD5](#API_WriteGetObjectResponse_RequestSyntax) **   
 128-bit MD5 digest of customer-provided encryption key used in Amazon S3 to encrypt data stored in S3. For more information, see [Protecting data using server-side encryption with customer-provided encryption keys (SSE-C)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html).

 ** [x-amz-fwd-header-x-amz-storage-class](#API_WriteGetObjectResponse_RequestSyntax) **   
Provides storage class information of the object. Amazon S3 returns this header for all objects except for S3 Standard storage class objects.  
For more information, see [Storage Classes](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html).  
Valid Values: `STANDARD | REDUCED_REDUNDANCY | STANDARD_IA | ONEZONE_IA | INTELLIGENT_TIERING | GLACIER | DEEP_ARCHIVE | OUTPOSTS | GLACIER_IR | SNOW | EXPRESS_ONEZONE | FSX_OPENZFS | FSX_ONTAP` 

 ** [x-amz-fwd-header-x-amz-tagging-count](#API_WriteGetObjectResponse_RequestSyntax) **   
The number of tags, if any, on the object.

 ** [x-amz-fwd-header-x-amz-version-id](#API_WriteGetObjectResponse_RequestSyntax) **   
An ID used to reference a specific version of the object.

 ** [x-amz-fwd-status](#API_WriteGetObjectResponse_RequestSyntax) **   
The integer status code for an HTTP response of a corresponding `GetObject` request. The following is a list of status codes.  
+  `200 - OK` 
+  `206 - Partial Content` 
+  `304 - Not Modified` 
+  `400 - Bad Request` 
+  `401 - Unauthorized` 
+  `403 - Forbidden` 
+  `404 - Not Found` 
+  `405 - Method Not Allowed` 
+  `409 - Conflict` 
+  `411 - Length Required` 
+  `412 - Precondition Failed` 
+  `416 - Range Not Satisfiable` 
+  `500 - Internal Server Error` 
+  `503 - Service Unavailable` 

 ** [x-amz-request-route](#API_WriteGetObjectResponse_RequestSyntax) **   
Route prefix to the HTTP URL generated.  
Required: Yes

 ** [x-amz-request-token](#API_WriteGetObjectResponse_RequestSyntax) **   
A single use encrypted token that maps `WriteGetObjectResponse` to the end user `GetObject` request.  
Required: Yes

## Request Body


The request accepts the following binary data.

 ** [Body](#API_WriteGetObjectResponse_RequestSyntax) **   

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample Response


The following illustrates a sample response.

```
             HTTP/1.1 200 OK
             x-amz-request-id: 19684529-d1aa-413e-9382-9ff490962d12
             Date: Wed, 24 Feb 2021 10:57:53 GMT
             Content-Length: 0
```

### Sample Request


The following illustrates a sample request from a POST.

```
             POST /WriteGetObjectResponse HTTP/1.1
             Host: .s3-object-lambda..amazonaws.com
             x-amz-request-token: 
             Authorization: authorization string
             Content-Type: text/plain
             Content-Length: 16
             [16 bytes of object data]
```

### Sample Error Response


The following response returns a `ValidationError` error because the RequestToken could not be decrypted.

```
            
            
            ValidationError
            Invalid token
            fcd2cd5e-def0-4001-8030-1fd1d61d2c9d
            
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3-2006-03-01/WriteGetObjectResponse) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3-2006-03-01/WriteGetObjectResponse) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/WriteGetObjectResponse) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3-2006-03-01/WriteGetObjectResponse) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/WriteGetObjectResponse) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3-2006-03-01/WriteGetObjectResponse) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3-2006-03-01/WriteGetObjectResponse) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3-2006-03-01/WriteGetObjectResponse) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/WriteGetObjectResponse) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/WriteGetObjectResponse) 

# Amazon S3 Control


The following actions are supported by Amazon S3 Control:
+  [AssociateAccessGrantsIdentityCenter](API_control_AssociateAccessGrantsIdentityCenter.md) 
+  [CreateAccessGrant](API_control_CreateAccessGrant.md) 
+  [CreateAccessGrantsInstance](API_control_CreateAccessGrantsInstance.md) 
+  [CreateAccessGrantsLocation](API_control_CreateAccessGrantsLocation.md) 
+  [CreateAccessPoint](API_control_CreateAccessPoint.md) 
+  [CreateAccessPointForObjectLambda](API_control_CreateAccessPointForObjectLambda.md) 
+  [CreateBucket](API_control_CreateBucket.md) 
+  [CreateJob](API_control_CreateJob.md) 
+  [CreateMultiRegionAccessPoint](API_control_CreateMultiRegionAccessPoint.md) 
+  [CreateStorageLensGroup](API_control_CreateStorageLensGroup.md) 
+  [DeleteAccessGrant](API_control_DeleteAccessGrant.md) 
+  [DeleteAccessGrantsInstance](API_control_DeleteAccessGrantsInstance.md) 
+  [DeleteAccessGrantsInstanceResourcePolicy](API_control_DeleteAccessGrantsInstanceResourcePolicy.md) 
+  [DeleteAccessGrantsLocation](API_control_DeleteAccessGrantsLocation.md) 
+  [DeleteAccessPoint](API_control_DeleteAccessPoint.md) 
+  [DeleteAccessPointForObjectLambda](API_control_DeleteAccessPointForObjectLambda.md) 
+  [DeleteAccessPointPolicy](API_control_DeleteAccessPointPolicy.md) 
+  [DeleteAccessPointPolicyForObjectLambda](API_control_DeleteAccessPointPolicyForObjectLambda.md) 
+  [DeleteAccessPointScope](API_control_DeleteAccessPointScope.md) 
+  [DeleteBucket](API_control_DeleteBucket.md) 
+  [DeleteBucketLifecycleConfiguration](API_control_DeleteBucketLifecycleConfiguration.md) 
+  [DeleteBucketPolicy](API_control_DeleteBucketPolicy.md) 
+  [DeleteBucketReplication](API_control_DeleteBucketReplication.md) 
+  [DeleteBucketTagging](API_control_DeleteBucketTagging.md) 
+  [DeleteJobTagging](API_control_DeleteJobTagging.md) 
+  [DeleteMultiRegionAccessPoint](API_control_DeleteMultiRegionAccessPoint.md) 
+  [DeletePublicAccessBlock](API_control_DeletePublicAccessBlock.md) 
+  [DeleteStorageLensConfiguration](API_control_DeleteStorageLensConfiguration.md) 
+  [DeleteStorageLensConfigurationTagging](API_control_DeleteStorageLensConfigurationTagging.md) 
+  [DeleteStorageLensGroup](API_control_DeleteStorageLensGroup.md) 
+  [DescribeJob](API_control_DescribeJob.md) 
+  [DescribeMultiRegionAccessPointOperation](API_control_DescribeMultiRegionAccessPointOperation.md) 
+  [DissociateAccessGrantsIdentityCenter](API_control_DissociateAccessGrantsIdentityCenter.md) 
+  [GetAccessGrant](API_control_GetAccessGrant.md) 
+  [GetAccessGrantsInstance](API_control_GetAccessGrantsInstance.md) 
+  [GetAccessGrantsInstanceForPrefix](API_control_GetAccessGrantsInstanceForPrefix.md) 
+  [GetAccessGrantsInstanceResourcePolicy](API_control_GetAccessGrantsInstanceResourcePolicy.md) 
+  [GetAccessGrantsLocation](API_control_GetAccessGrantsLocation.md) 
+  [GetAccessPoint](API_control_GetAccessPoint.md) 
+  [GetAccessPointConfigurationForObjectLambda](API_control_GetAccessPointConfigurationForObjectLambda.md) 
+  [GetAccessPointForObjectLambda](API_control_GetAccessPointForObjectLambda.md) 
+  [GetAccessPointPolicy](API_control_GetAccessPointPolicy.md) 
+  [GetAccessPointPolicyForObjectLambda](API_control_GetAccessPointPolicyForObjectLambda.md) 
+  [GetAccessPointPolicyStatus](API_control_GetAccessPointPolicyStatus.md) 
+  [GetAccessPointPolicyStatusForObjectLambda](API_control_GetAccessPointPolicyStatusForObjectLambda.md) 
+  [GetAccessPointScope](API_control_GetAccessPointScope.md) 
+  [GetBucket](API_control_GetBucket.md) 
+  [GetBucketLifecycleConfiguration](API_control_GetBucketLifecycleConfiguration.md) 
+  [GetBucketPolicy](API_control_GetBucketPolicy.md) 
+  [GetBucketReplication](API_control_GetBucketReplication.md) 
+  [GetBucketTagging](API_control_GetBucketTagging.md) 
+  [GetBucketVersioning](API_control_GetBucketVersioning.md) 
+  [GetDataAccess](API_control_GetDataAccess.md) 
+  [GetJobTagging](API_control_GetJobTagging.md) 
+  [GetMultiRegionAccessPoint](API_control_GetMultiRegionAccessPoint.md) 
+  [GetMultiRegionAccessPointPolicy](API_control_GetMultiRegionAccessPointPolicy.md) 
+  [GetMultiRegionAccessPointPolicyStatus](API_control_GetMultiRegionAccessPointPolicyStatus.md) 
+  [GetMultiRegionAccessPointRoutes](API_control_GetMultiRegionAccessPointRoutes.md) 
+  [GetPublicAccessBlock](API_control_GetPublicAccessBlock.md) 
+  [GetStorageLensConfiguration](API_control_GetStorageLensConfiguration.md) 
+  [GetStorageLensConfigurationTagging](API_control_GetStorageLensConfigurationTagging.md) 
+  [GetStorageLensGroup](API_control_GetStorageLensGroup.md) 
+  [ListAccessGrants](API_control_ListAccessGrants.md) 
+  [ListAccessGrantsInstances](API_control_ListAccessGrantsInstances.md) 
+  [ListAccessGrantsLocations](API_control_ListAccessGrantsLocations.md) 
+  [ListAccessPoints](API_control_ListAccessPoints.md) 
+  [ListAccessPointsForDirectoryBuckets](API_control_ListAccessPointsForDirectoryBuckets.md) 
+  [ListAccessPointsForObjectLambda](API_control_ListAccessPointsForObjectLambda.md) 
+  [ListCallerAccessGrants](API_control_ListCallerAccessGrants.md) 
+  [ListJobs](API_control_ListJobs.md) 
+  [ListMultiRegionAccessPoints](API_control_ListMultiRegionAccessPoints.md) 
+  [ListRegionalBuckets](API_control_ListRegionalBuckets.md) 
+  [ListStorageLensConfigurations](API_control_ListStorageLensConfigurations.md) 
+  [ListStorageLensGroups](API_control_ListStorageLensGroups.md) 
+  [ListTagsForResource](API_control_ListTagsForResource.md) 
+  [PutAccessGrantsInstanceResourcePolicy](API_control_PutAccessGrantsInstanceResourcePolicy.md) 
+  [PutAccessPointConfigurationForObjectLambda](API_control_PutAccessPointConfigurationForObjectLambda.md) 
+  [PutAccessPointPolicy](API_control_PutAccessPointPolicy.md) 
+  [PutAccessPointPolicyForObjectLambda](API_control_PutAccessPointPolicyForObjectLambda.md) 
+  [PutAccessPointScope](API_control_PutAccessPointScope.md) 
+  [PutBucketLifecycleConfiguration](API_control_PutBucketLifecycleConfiguration.md) 
+  [PutBucketPolicy](API_control_PutBucketPolicy.md) 
+  [PutBucketReplication](API_control_PutBucketReplication.md) 
+  [PutBucketTagging](API_control_PutBucketTagging.md) 
+  [PutBucketVersioning](API_control_PutBucketVersioning.md) 
+  [PutJobTagging](API_control_PutJobTagging.md) 
+  [PutMultiRegionAccessPointPolicy](API_control_PutMultiRegionAccessPointPolicy.md) 
+  [PutPublicAccessBlock](API_control_PutPublicAccessBlock.md) 
+  [PutStorageLensConfiguration](API_control_PutStorageLensConfiguration.md) 
+  [PutStorageLensConfigurationTagging](API_control_PutStorageLensConfigurationTagging.md) 
+  [SubmitMultiRegionAccessPointRoutes](API_control_SubmitMultiRegionAccessPointRoutes.md) 
+  [TagResource](API_control_TagResource.md) 
+  [UntagResource](API_control_UntagResource.md) 
+  [UpdateAccessGrantsLocation](API_control_UpdateAccessGrantsLocation.md) 
+  [UpdateJobPriority](API_control_UpdateJobPriority.md) 
+  [UpdateJobStatus](API_control_UpdateJobStatus.md) 
+  [UpdateStorageLensGroup](API_control_UpdateStorageLensGroup.md) 

# AssociateAccessGrantsIdentityCenter


Associate your S3 Access Grants instance with an AWS IAM Identity Center instance. Use this action if you want to create access grants for users or groups from your corporate identity directory. First, you must add your corporate identity directory to AWS IAM Identity Center. Then, you can associate this IAM Identity Center instance with your S3 Access Grants instance.

Permissions  
You must have the `s3:AssociateAccessGrantsIdentityCenter` permission to use this operation. 

Additional Permissions  
You must also have the following permissions: `sso:CreateApplication`, `sso:PutApplicationGrant`, and `sso:PutApplicationAuthenticationMethod`. 

## Request Syntax


```
POST /v20180820/accessgrantsinstance/identitycenter HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   string

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_AssociateAccessGrantsIdentityCenter_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [AssociateAccessGrantsIdentityCenterRequest](#API_control_AssociateAccessGrantsIdentityCenter_RequestSyntax) **   
Root level tag for the AssociateAccessGrantsIdentityCenterRequest parameters.  
Required: Yes

 ** [IdentityCenterArn](#API_control_AssociateAccessGrantsIdentityCenter_RequestSyntax) **   
The Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the [ListInstances](https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListInstances.html) API operation to retrieve a list of your Identity Center instances and their ARNs.  
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::(\d{12}){0,1}:instance/.*$`   
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 

# CreateAccessGrant


Creates an access grant that gives a grantee access to your S3 data. The grantee can be an IAM user or role or a directory user, or group. Before you can create a grant, you must have an S3 Access Grants instance in the same Region as the S3 data. You can create an S3 Access Grants instance using the [CreateAccessGrantsInstance](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessGrantsInstance.html). You must also have registered at least one S3 data location in your S3 Access Grants instance using [CreateAccessGrantsLocation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessGrantsLocation.html). 

Permissions  
You must have the `s3:CreateAccessGrant` permission to use this operation. 

Additional Permissions  
For any directory identity - `sso:DescribeInstance` and `sso:DescribeApplication`   
For directory users - `identitystore:DescribeUser`   
For directory groups - `identitystore:DescribeGroup` 

## Request Syntax


```
POST /v20180820/accessgrantsinstance/grant HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   string
   
      string
   
   
      string
      string
   
   string
   string
   string
   
      
         string
         string
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_CreateAccessGrant_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [CreateAccessGrantRequest](#API_control_CreateAccessGrant_RequestSyntax) **   
Root level tag for the CreateAccessGrantRequest parameters.  
Required: Yes

 ** [AccessGrantsLocationConfiguration](#API_control_CreateAccessGrant_RequestSyntax) **   
The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access. It contains the `S3SubPrefix` field. The grant scope is the result of appending the subprefix to the location scope of the registered location.  
Type: [AccessGrantsLocationConfiguration](API_control_AccessGrantsLocationConfiguration.md) data type  
Required: No

 ** [AccessGrantsLocationId](#API_control_CreateAccessGrant_RequestSyntax) **   
The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
If you are passing the `default` location, you cannot create an access grant for the entire default location. You must also specify a bucket or a bucket and prefix in the `Subprefix` field.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+`   
Required: Yes

 ** [ApplicationArn](#API_control_CreateAccessGrant_RequestSyntax) **   
The Amazon Resource Name (ARN) of an AWS IAM Identity Center application associated with your Identity Center instance. If an application ARN is included in the request to create an access grant, the grantee can only access the S3 data through this application.   
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::\d{12}:application/.*$`   
Required: No

 ** [Grantee](#API_control_CreateAccessGrant_RequestSyntax) **   
The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to AWS IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.  
Type: [Grantee](API_control_Grantee.md) data type  
Required: Yes

 ** [Permission](#API_control_CreateAccessGrant_RequestSyntax) **   
The type of access that you are granting to your S3 data, which can be set to one of the following values:  
+  `READ` – Grant read-only access to the S3 data.
+  `WRITE` – Grant write-only access to the S3 data.
+  `READWRITE` – Grant both read and write access to the S3 data.
Type: String  
Valid Values: `READ | WRITE | READWRITE`   
Required: Yes

 ** [S3PrefixType](#API_control_CreateAccessGrant_RequestSyntax) **   
The type of `S3SubPrefix`. The only possible value is `Object`. Pass this value if the access grant scope is an object. Do not pass this value if the access grant scope is a bucket or a bucket and a prefix.   
Type: String  
Valid Values: `Object`   
Required: No

 ** [Tags](#API_control_CreateAccessGrant_RequestSyntax) **   
The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.   
Type: Array of [Tag](API_control_Tag.md) data types  
Array Members: Minimum number of 0 items. Maximum number of 50 items.  
Required: No

## Response Syntax


```
HTTP/1.1 200


   timestamp
   string
   string
   
      string
      string
   
   string
   
      string
   
   string
   string
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [CreateAccessGrantResult](#API_control_CreateAccessGrant_ResponseSyntax) **   
Root level tag for the CreateAccessGrantResult parameters.  
Required: Yes

 ** [AccessGrantArn](#API_control_CreateAccessGrant_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the access grant.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/grant/[a-zA-Z0-9\-]+` 

 ** [AccessGrantId](#API_control_CreateAccessGrant_ResponseSyntax) **   
The ID of the access grant. S3 Access Grants auto-generates this ID when you create the access grant.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [AccessGrantsLocationConfiguration](#API_control_CreateAccessGrant_ResponseSyntax) **   
The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access.   
Type: [AccessGrantsLocationConfiguration](API_control_AccessGrantsLocationConfiguration.md) data type

 ** [AccessGrantsLocationId](#API_control_CreateAccessGrant_ResponseSyntax) **   
The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [ApplicationArn](#API_control_CreateAccessGrant_ResponseSyntax) **   
The Amazon Resource Name (ARN) of an AWS IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.   
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::\d{12}:application/.*$` 

 ** [CreatedAt](#API_control_CreateAccessGrant_ResponseSyntax) **   
The date and time when you created the access grant.   
Type: Timestamp

 ** [Grantee](#API_control_CreateAccessGrant_ResponseSyntax) **   
The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to AWS IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.  
Type: [Grantee](API_control_Grantee.md) data type

 ** [GrantScope](#API_control_CreateAccessGrant_ResponseSyntax) **   
The S3 path of the data to which you are granting access. It is the result of appending the `Subprefix` to the location scope.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

 ** [Permission](#API_control_CreateAccessGrant_ResponseSyntax) **   
The type of access that you are granting to your S3 data, which can be set to one of the following values:  
+  `READ` – Grant read-only access to the S3 data.
+  `WRITE` – Grant write-only access to the S3 data.
+  `READWRITE` – Grant both read and write access to the S3 data.
Type: String  
Valid Values: `READ | WRITE | READWRITE` 

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/CreateAccessGrant) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/CreateAccessGrant) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/CreateAccessGrant) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/CreateAccessGrant) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/CreateAccessGrant) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateAccessGrant) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/CreateAccessGrant) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/CreateAccessGrant) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/CreateAccessGrant) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/CreateAccessGrant) 

# CreateAccessGrantsInstance


Creates an S3 Access Grants instance, which serves as a logical grouping for access grants. You can create one S3 Access Grants instance per Region per account. 

Permissions  
You must have the `s3:CreateAccessGrantsInstance` permission to use this operation. 

Additional Permissions  
To associate an IAM Identity Center instance with your S3 Access Grants instance, you must also have the `sso:DescribeInstance`, `sso:CreateApplication`, `sso:PutApplicationGrant`, and `sso:PutApplicationAuthenticationMethod` permissions. 

## Request Syntax


```
POST /v20180820/accessgrantsinstance HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   string
   
      
         string
         string
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_CreateAccessGrantsInstance_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [CreateAccessGrantsInstanceRequest](#API_control_CreateAccessGrantsInstance_RequestSyntax) **   
Root level tag for the CreateAccessGrantsInstanceRequest parameters.  
Required: Yes

 ** [IdentityCenterArn](#API_control_CreateAccessGrantsInstance_RequestSyntax) **   
If you would like to associate your S3 Access Grants instance with an AWS IAM Identity Center instance, use this field to pass the Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the [ListInstances](https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListInstances.html) API operation to retrieve a list of your Identity Center instances and their ARNs.   
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::(\d{12}){0,1}:instance/.*$`   
Required: No

 ** [Tags](#API_control_CreateAccessGrantsInstance_RequestSyntax) **   
The AWS resource tags that you are adding to the S3 Access Grants instance. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.   
Type: Array of [Tag](API_control_Tag.md) data types  
Array Members: Minimum number of 0 items. Maximum number of 50 items.  
Required: No

## Response Syntax


```
HTTP/1.1 200


   timestamp
   string
   string
   string
   string
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [CreateAccessGrantsInstanceResult](#API_control_CreateAccessGrantsInstance_ResponseSyntax) **   
Root level tag for the CreateAccessGrantsInstanceResult parameters.  
Required: Yes

 ** [AccessGrantsInstanceArn](#API_control_CreateAccessGrantsInstance_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the [ListInstances](https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListInstances.html) API operation to retrieve a list of your Identity Center instances and their ARNs.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/[a-zA-Z0-9\-]+` 

 ** [AccessGrantsInstanceId](#API_control_CreateAccessGrantsInstance_ResponseSyntax) **   
The ID of the S3 Access Grants instance. The ID is `default`. You can have one S3 Access Grants instance per Region per account.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [CreatedAt](#API_control_CreateAccessGrantsInstance_ResponseSyntax) **   
The date and time when you created the S3 Access Grants instance.   
Type: Timestamp

 ** [IdentityCenterApplicationArn](#API_control_CreateAccessGrantsInstance_ResponseSyntax) **   
If you associated your S3 Access Grants instance with an AWS IAM Identity Center instance, this field returns the Amazon Resource Name (ARN) of the IAM Identity Center instance application; a subresource of the original Identity Center instance. S3 Access Grants creates this Identity Center application for the specific S3 Access Grants instance.   
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::\d{12}:application/.*$` 

 ** [IdentityCenterArn](#API_control_CreateAccessGrantsInstance_ResponseSyntax) **   
 *This parameter has been deprecated.*   
If you associated your S3 Access Grants instance with an AWS IAM Identity Center instance, this field returns the Amazon Resource Name (ARN) of the IAM Identity Center instance application; a subresource of the original Identity Center instance. S3 Access Grants creates this Identity Center application for the specific S3 Access Grants instance.   
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::(\d{12}){0,1}:instance/.*$` 

 ** [IdentityCenterInstanceArn](#API_control_CreateAccessGrantsInstance_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the [ListInstances](https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListInstances.html) API operation to retrieve a list of your Identity Center instances and their ARNs.  
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::(\d{12}){0,1}:instance/.*$` 

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/CreateAccessGrantsInstance) 

# CreateAccessGrantsLocation


The S3 data location that you would like to register in your S3 Access Grants instance. Your S3 data must be in the same Region as your S3 Access Grants instance. The location can be one of the following: 
+ The default S3 location `s3://` 
+ A bucket - `S3://` 
+ A bucket and prefix - `S3:///` 

When you register a location, you must include the IAM role that has permission to manage the S3 location that you are registering. Give S3 Access Grants permission to assume this role [using a policy](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-grants-location.html). S3 Access Grants assumes this role to manage access to the location and to vend temporary credentials to grantees or client applications. 

Permissions  
You must have the `s3:CreateAccessGrantsLocation` permission to use this operation. 

Additional Permissions  
You must also have the following permission for the specified IAM role: `iam:PassRole` 

## Request Syntax


```
POST /v20180820/accessgrantsinstance/location HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   string
   string
   
      
         string
         string
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_CreateAccessGrantsLocation_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [CreateAccessGrantsLocationRequest](#API_control_CreateAccessGrantsLocation_RequestSyntax) **   
Root level tag for the CreateAccessGrantsLocationRequest parameters.  
Required: Yes

 ** [IAMRoleArn](#API_control_CreateAccessGrantsLocation_RequestSyntax) **   
The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[^:]+:iam::\d{12}:role/.*`   
Required: Yes

 ** [LocationScope](#API_control_CreateAccessGrantsLocation_RequestSyntax) **   
The S3 path to the location that you are registering. The location scope can be the default S3 location `s3://`, the S3 path to a bucket `s3://`, or the S3 path to a bucket and prefix `s3:///`. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$`   
Required: Yes

 ** [Tags](#API_control_CreateAccessGrantsLocation_RequestSyntax) **   
The AWS resource tags that you are adding to the S3 Access Grants location. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.  
Type: Array of [Tag](API_control_Tag.md) data types  
Array Members: Minimum number of 0 items. Maximum number of 50 items.  
Required: No

## Response Syntax


```
HTTP/1.1 200


   timestamp
   string
   string
   string
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [CreateAccessGrantsLocationResult](#API_control_CreateAccessGrantsLocation_ResponseSyntax) **   
Root level tag for the CreateAccessGrantsLocationResult parameters.  
Required: Yes

 ** [AccessGrantsLocationArn](#API_control_CreateAccessGrantsLocation_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the location you are registering.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/location/[a-zA-Z0-9\-]+` 

 ** [AccessGrantsLocationId](#API_control_CreateAccessGrantsLocation_ResponseSyntax) **   
The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [CreatedAt](#API_control_CreateAccessGrantsLocation_ResponseSyntax) **   
The date and time when you registered the location.   
Type: Timestamp

 ** [IAMRoleArn](#API_control_CreateAccessGrantsLocation_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[^:]+:iam::\d{12}:role/.*` 

 ** [LocationScope](#API_control_CreateAccessGrantsLocation_ResponseSyntax) **   
The S3 URI path to the location that you are registering. The location scope can be the default S3 location `s3://`, the S3 path to a bucket, or the S3 path to a bucket and prefix. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/CreateAccessGrantsLocation) 

# CreateAccessPoint


Creates an access point and associates it to a specified bucket. For more information, see [Managing access to shared datasets with access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html) or [Managing access to shared datasets in directory buckets with access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets.html) in the *Amazon S3 User Guide*.

To create an access point and attach it to a volume on an Amazon FSx file system, see [CreateAndAttachS3AccessPoint](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateAndAttachS3AccessPoint.html) in the *Amazon FSx API Reference*.



**Note**  
S3 on Outposts only supports VPC-style access points.   
For more information, see [ Accessing Amazon S3 on Outposts using virtual private cloud (VPC) only access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessPoint.html#API_control_CreateAccessPoint_Examples) section.



The following actions are related to `CreateAccessPoint`:
+  [GetAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPoint.html) 
+  [DeleteAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPoint.html) 
+  [ListAccessPoints](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListAccessPoints.html) 
+  [ListAccessPointsForDirectoryBuckets](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListAccessPointsForDirectoryBuckets.html) 

## Request Syntax


```
PUT /v20180820/accesspoint/name HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   string
   
      string
   
   
      boolean
      boolean
      boolean
      boolean
   
   string
   
      
         string
      
      
         string
      
   
   
      
         string
         string
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_CreateAccessPoint_RequestSyntax) **   
The name you want to assign to this access point.  
For directory buckets, the access point name must consist of a base name that you provide and suffix that includes the `ZoneID` (AWS Availability Zone or Local Zone) of your bucket location, followed by `--xa-s3`. For more information, see [Managing access to shared datasets in directory buckets with access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets.html) in the *Amazon S3 User Guide*.  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_CreateAccessPoint_RequestSyntax) **   
The AWS account ID for the account that owns the specified access point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [CreateAccessPointRequest](#API_control_CreateAccessPoint_RequestSyntax) **   
Root level tag for the CreateAccessPointRequest parameters.  
Required: Yes

 ** [Bucket](#API_control_CreateAccessPoint_RequestSyntax) **   
The name of the bucket that you want to associate this access point with.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:::outpost//bucket/`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [BucketAccountId](#API_control_CreateAccessPoint_RequestSyntax) **   
The AWS account ID associated with the S3 bucket associated with this access point.  
For same account access point when your bucket and access point belong to the same account owner, the `BucketAccountId` is not required. For cross-account access point when your bucket and access point are not in the same account, the `BucketAccountId` is required.   
Type: String  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: No

 ** [PublicAccessBlockConfiguration](#API_control_CreateAccessPoint_RequestSyntax) **   
 The `PublicAccessBlock` configuration that you want to apply to the access point.   
Type: [PublicAccessBlockConfiguration](API_control_PublicAccessBlockConfiguration.md) data type  
Required: No

 ** [Scope](#API_control_CreateAccessPoint_RequestSyntax) **   
For directory buckets, you can filter access control to specific prefixes, API operations, or a combination of both. For more information, see [Managing access to shared datasets in directory buckets with access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets.html) in the *Amazon S3 User Guide*.  
Scope is only supported for access points attached to directory buckets.
Type: [Scope](API_control_Scope.md) data type  
Required: No

 ** [Tags](#API_control_CreateAccessPoint_RequestSyntax) **   
An array of tags that you can apply to an access point. Tags are key-value pairs of metadata used to control access to your access points. For more information about tags, see [Using tags with Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html). For information about tagging access points, see [Using tags for attribute-based access control (ABAC)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html#using-tags-for-abac).  
Type: Array of [Tag](API_control_Tag.md) data types  
Array Members: Minimum number of 0 items. Maximum number of 50 items.  
Required: No

 ** [VpcConfiguration](#API_control_CreateAccessPoint_RequestSyntax) **   
If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).  
This is required for creating an access point for Amazon S3 on Outposts buckets.
Type: [VpcConfiguration](API_control_VpcConfiguration.md) data type  
Required: No

## Response Syntax


```
HTTP/1.1 200


   string
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [CreateAccessPointResult](#API_control_CreateAccessPoint_ResponseSyntax) **   
Root level tag for the CreateAccessPointResult parameters.  
Required: Yes

 ** [AccessPointArn](#API_control_CreateAccessPoint_ResponseSyntax) **   
The ARN of the access point.  
This is only supported by Amazon S3 on Outposts.
Type: String  
Length Constraints: Minimum length of 4. Maximum length of 128.

 ** [Alias](#API_control_CreateAccessPoint_ResponseSyntax) **   
The name or alias of the access point.  
Type: String  
Length Constraints: Maximum length of 63.  
Pattern: `^[0-9a-z\\-]{63}` 

## Examples


### Sample request for creating an access point for an Amazon S3 on Outposts bucket


This request creates an access point for S3 on Outposts bucket.

```
            PUT /v20180820/accesspoint/example-access-point HTTP/1.1
            Host:s3-outposts..amazonaws.com
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
            
               
                  example-outpost-bucket 
               
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/CreateAccessPoint) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/CreateAccessPoint) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/CreateAccessPoint) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/CreateAccessPoint) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/CreateAccessPoint) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateAccessPoint) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/CreateAccessPoint) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/CreateAccessPoint) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/CreateAccessPoint) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/CreateAccessPoint) 

# CreateAccessPointForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Creates an Object Lambda Access Point. For more information, see [Transforming objects with Object Lambda Access Points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/transforming-objects.html) in the *Amazon S3 User Guide*.

The following actions are related to `CreateAccessPointForObjectLambda`:
+  [DeleteAccessPointForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointForObjectLambda.html) 
+  [GetAccessPointForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointForObjectLambda.html) 
+  [ListAccessPointsForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListAccessPointsForObjectLambda.html) 

## Request Syntax


```
PUT /v20180820/accesspointforobjectlambda/name HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   
      
         string
      
      boolean
      string
      
         
            
               string
            
            
               
                  string
                  string
               
            
         
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_CreateAccessPointForObjectLambda_RequestSyntax) **   
The name you want to assign to this Object Lambda Access Point.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_CreateAccessPointForObjectLambda_RequestSyntax) **   
The AWS account ID for owner of the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [CreateAccessPointForObjectLambdaRequest](#API_control_CreateAccessPointForObjectLambda_RequestSyntax) **   
Root level tag for the CreateAccessPointForObjectLambdaRequest parameters.  
Required: Yes

 ** [Configuration](#API_control_CreateAccessPointForObjectLambda_RequestSyntax) **   
Object Lambda Access Point configuration as a JSON document.  
Type: [ObjectLambdaConfiguration](API_control_ObjectLambdaConfiguration.md) data type  
Required: Yes

## Response Syntax


```
HTTP/1.1 200


   string
   
      string
      string
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [CreateAccessPointForObjectLambdaResult](#API_control_CreateAccessPointForObjectLambda_ResponseSyntax) **   
Root level tag for the CreateAccessPointForObjectLambdaResult parameters.  
Required: Yes

 ** [Alias](#API_control_CreateAccessPointForObjectLambda_ResponseSyntax) **   
The alias of the Object Lambda Access Point.  
Type: [ObjectLambdaAccessPointAlias](API_control_ObjectLambdaAccessPointAlias.md) data type

 ** [ObjectLambdaAccessPointArn](#API_control_CreateAccessPointForObjectLambda_ResponseSyntax) **   
Specifies the ARN for the Object Lambda Access Point.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[^:]+:s3-object-lambda:[^:]*:\d{12}:accesspoint/.*` 

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/CreateAccessPointForObjectLambda) 

# CreateBucket


**Note**  
This action creates an Amazon S3 on Outposts bucket. To create an S3 bucket, see [Create Bucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) in the *Amazon S3 API Reference*. 

Creates a new Outposts bucket. By creating the bucket, you become the bucket owner. To create an Outposts bucket, you must have S3 on Outposts. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in *Amazon S3 User Guide*.

Not every string is an acceptable bucket name. For information on bucket naming restrictions, see [Working with Amazon S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html#bucketnamingrules).

S3 on Outposts buckets support:
+ Tags
+ LifecycleConfigurations for deleting expired objects

For a complete list of restrictions and Amazon S3 feature limitations on S3 on Outposts, see [ Amazon S3 on Outposts Restrictions and Limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3OnOutpostsRestrictionsLimitations.html).

For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and `x-amz-outpost-id` in your API request, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateBucket.html#API_control_CreateBucket_Examples) section.

The following actions are related to `CreateBucket` for Amazon S3 on Outposts:
+  [PutObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) 
+  [GetBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucket.html) 
+  [DeleteBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucket.html) 
+  [CreateAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessPoint.html) 
+  [PutAccessPointPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointPolicy.html) 

## Request Syntax


```
PUT /v20180820/bucket/name HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-acl: ACL
x-amz-grant-full-control: GrantFullControl
x-amz-grant-read: GrantRead
x-amz-grant-read-acp: GrantReadACP
x-amz-grant-write: GrantWrite
x-amz-grant-write-acp: GrantWriteACP
x-amz-bucket-object-lock-enabled: ObjectLockEnabledForBucket
x-amz-outpost-id: OutpostId


   string

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_CreateBucket_RequestSyntax) **   
The name of the bucket.  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-acl](#API_control_CreateBucket_RequestSyntax) **   
The canned ACL to apply to the bucket.  
This is not supported by Amazon S3 on Outposts buckets.
Valid Values: `private | public-read | public-read-write | authenticated-read` 

 ** [x-amz-bucket-object-lock-enabled](#API_control_CreateBucket_RequestSyntax) **   
Specifies whether you want S3 Object Lock to be enabled for the new bucket.  
This is not supported by Amazon S3 on Outposts buckets.

 ** [x-amz-grant-full-control](#API_control_CreateBucket_RequestSyntax) **   
Allows grantee the read, write, read ACP, and write ACP permissions on the bucket.  
This is not supported by Amazon S3 on Outposts buckets.

 ** [x-amz-grant-read](#API_control_CreateBucket_RequestSyntax) **   
Allows grantee to list the objects in the bucket.  
This is not supported by Amazon S3 on Outposts buckets.

 ** [x-amz-grant-read-acp](#API_control_CreateBucket_RequestSyntax) **   
Allows grantee to read the bucket ACL.  
This is not supported by Amazon S3 on Outposts buckets.

 ** [x-amz-grant-write](#API_control_CreateBucket_RequestSyntax) **   
Allows grantee to create, overwrite, and delete any object in the bucket.  
This is not supported by Amazon S3 on Outposts buckets.

 ** [x-amz-grant-write-acp](#API_control_CreateBucket_RequestSyntax) **   
Allows grantee to write the ACL for the applicable bucket.  
This is not supported by Amazon S3 on Outposts buckets.

 ** [x-amz-outpost-id](#API_control_CreateBucket_RequestSyntax) **   
The ID of the Outposts where the bucket is being created.  
This ID is required by Amazon S3 on Outposts buckets.
Length Constraints: Minimum length of 1. Maximum length of 64.

## Request Body


The request accepts the following data in XML format.

 ** [CreateBucketConfiguration](#API_control_CreateBucket_RequestSyntax) **   
Root level tag for the CreateBucketConfiguration parameters.  
Required: Yes

 ** [LocationConstraint](#API_control_CreateBucket_RequestSyntax) **   
Specifies the Region where the bucket will be created. If you are creating a bucket on the US East (N. Virginia) Region (us-east-1), you do not need to specify the location.   
This is not supported by Amazon S3 on Outposts buckets.
Type: String  
Valid Values: `EU | eu-west-1 | us-west-1 | us-west-2 | ap-south-1 | ap-southeast-1 | ap-southeast-2 | ap-northeast-1 | sa-east-1 | cn-north-1 | eu-central-1`   
Required: No

## Response Syntax


```
HTTP/1.1 200
Location: Location


   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The response returns the following HTTP headers.

 ** [Location](#API_control_CreateBucket_ResponseSyntax) **   
The location of the bucket.

The following data is returned in XML format by the service.

 ** [CreateBucketResult](#API_control_CreateBucket_ResponseSyntax) **   
Root level tag for the CreateBucketResult parameters.  
Required: Yes

 ** [BucketArn](#API_control_CreateBucket_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:::outpost//bucket/`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Type: String  
Length Constraints: Minimum length of 4. Maximum length of 128.

## Errors


 ** BucketAlreadyExists **   
The requested Outposts bucket name is not available. The bucket namespace is shared by all users of the AWS Outposts in this Region. Select a different name and try again.  
HTTP Status Code: 400

 ** BucketAlreadyOwnedByYou **   
The Outposts bucket you tried to create already exists, and you own it.   
HTTP Status Code: 400

## Examples


### Sample request to create an Amazon S3 on Outposts bucket


This request creates an Outposts bucket named `example-outpost-bucket`.

```
            PUT /v20180820/bucket/example-outpost-bucket/  HTTP/1.1
            Host:s3-outposts..amazonaws.com
            x-amz-outpost-id: op-01ac5d28a6a232904
            Content-Length: 
            Date: Wed, 01 Mar  2006 12:00:00 GMT
            Authorization: authorization string
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/CreateBucket) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/CreateBucket) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/CreateBucket) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/CreateBucket) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/CreateBucket) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateBucket) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/CreateBucket) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/CreateBucket) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/CreateBucket) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/CreateBucket) 

# CreateJob


This operation creates an S3 Batch Operations job.

You can use S3 Batch Operations to perform large-scale batch actions on Amazon S3 objects. Batch Operations can run a single action on lists of Amazon S3 objects that you specify. For more information, see [S3 Batch Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/batch-ops.html) in the *Amazon S3 User Guide*.

Permissions  
For information about permissions required to use the Batch Operations, see [Granting permissions for S3 Batch Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/batch-ops-iam-role-policies.html) in the *Amazon S3 User Guide*.



Related actions include:
+  [DescribeJob](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DescribeJob.html) 
+  [ListJobs](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListJobs.html) 
+  [UpdateJobPriority](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UpdateJobPriority.html) 
+  [UpdateJobStatus](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UpdateJobStatus.html) 
+  [JobOperation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_JobOperation.html) 

## Request Syntax


```
POST /v20180820/jobs HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   boolean
   
      
         string
         string
         
            
               string
               string
            
         
      
      
         string
         string
      
      
      
      
         integer
         string
      
      
         
            
               
                  
                     
                        string
                        string
                        string
                     
                     string
                  
               
               
                  string
                  string
               
            
            string
         
      
      
         
            
               
                  string
                  string
                  string
               
               string
            
         
         boolean
         string
         string
         string
         timestamp
         
            string
            string
            string
            string
            long
            string
            string
            timestamp
            boolean
            string
            
               
                  string
                  string
               
            
         
         
            
               string
               string
            
         
         string
         string
         timestamp
         string
         boolean
         string
         string
         string
         string
         timestamp
      
      
         
            string
         
      
      
         boolean
         
            string
            timestamp
         
      
      
         
            
               string
               string
            
         
      
      
      
      
         
            
               boolean
               string
            
         
      
   
   
      string
      boolean
      string
      string
      string
      string
   
   string
   
      
         string
         string
         string
      
      
         
            string
         
         string
      
   
   string
   integer
   string
   
      
         string
         string
      
   
   
      
         boolean
         string
         
            timestamp
            timestamp
            boolean
            
               
                  string
               
               
                  string
               
               
                  string
               
            
            
               
                  
                     string
                  
                  
                  
                  
                  
                  
                     boolean
                     string
                  
                  
                  
               
            
            
               string
            
            
               string
            
            long
            long
         
         
            string
            string
            
               
                  string
               
               
               
            
            string
            string
         
         string
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_CreateJob_RequestSyntax) **   
The AWS account ID that creates the job.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [CreateJobRequest](#API_control_CreateJob_RequestSyntax) **   
Root level tag for the CreateJobRequest parameters.  
Required: Yes

 ** [ClientRequestToken](#API_control_CreateJob_RequestSyntax) **   
An idempotency token to ensure that you don't accidentally submit the same request twice. You can use any string up to the maximum length.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Required: Yes

 ** [ConfirmationRequired](#API_control_CreateJob_RequestSyntax) **   
Indicates whether confirmation is required before Amazon S3 runs the job. Confirmation is only required for jobs created through the Amazon S3 console.  
Type: Boolean  
Required: No

 ** [Description](#API_control_CreateJob_RequestSyntax) **   
A description for this job. You can use any string within the permitted length. Descriptions don't need to be unique and can be used for multiple jobs.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 256.  
Required: No

 ** [Manifest](#API_control_CreateJob_RequestSyntax) **   
Configuration parameters for the manifest.  
Type: [JobManifest](API_control_JobManifest.md) data type  
Required: No

 ** [ManifestGenerator](#API_control_CreateJob_RequestSyntax) **   
The attribute container for the ManifestGenerator details. Jobs must be created with either a manifest file or a ManifestGenerator, but not both.  
Type: [JobManifestGenerator](API_control_JobManifestGenerator.md) data type  
 **Note: **This object is a Union. Only one member of this object can be specified or returned.  
Required: No

 ** [Operation](#API_control_CreateJob_RequestSyntax) **   
The action that you want this job to perform on every object listed in the manifest. For more information about the available actions, see [Operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/batch-ops-operations.html) in the *Amazon S3 User Guide*.  
Type: [JobOperation](API_control_JobOperation.md) data type  
Required: Yes

 ** [Priority](#API_control_CreateJob_RequestSyntax) **   
The numerical priority for this job. Higher numbers indicate higher priority.  
Type: Integer  
Valid Range: Minimum value of 0. Maximum value of 2147483647.  
Required: Yes

 ** [Report](#API_control_CreateJob_RequestSyntax) **   
Configuration parameters for the optional job-completion report.  
Type: [JobReport](API_control_JobReport.md) data type  
Required: Yes

 ** [RoleArn](#API_control_CreateJob_RequestSyntax) **   
The Amazon Resource Name (ARN) for the AWS Identity and Access Management (IAM) role that Batch Operations will use to run this job's action on every object in the manifest.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[^:]+:iam::\d{12}:role/.*`   
Required: Yes

 ** [Tags](#API_control_CreateJob_RequestSyntax) **   
A set of tags to associate with the S3 Batch Operations job. This is an optional parameter.   
Type: Array of [S3Tag](API_control_S3Tag.md) data types  
Required: No

## Response Syntax


```
HTTP/1.1 200


   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [CreateJobResult](#API_control_CreateJob_ResponseSyntax) **   
Root level tag for the CreateJobResult parameters.  
Required: Yes

 ** [JobId](#API_control_CreateJob_ResponseSyntax) **   
The ID for this job. Amazon S3 generates this ID automatically and returns it after a successful `Create Job` request.  
Type: String  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+` 

## Errors


 ** BadRequestException **   
  
HTTP Status Code: 400

 ** IdempotencyException **   
  
HTTP Status Code: 400

 ** InternalServiceException **   
  
HTTP Status Code: 500

 ** TooManyRequestsException **   
  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/CreateJob) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/CreateJob) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/CreateJob) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/CreateJob) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/CreateJob) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateJob) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/CreateJob) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/CreateJob) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/CreateJob) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/CreateJob) 

# CreateMultiRegionAccessPoint


**Note**  
This operation is not supported by directory buckets.

Creates a Multi-Region Access Point and associates it with the specified buckets. For more information about creating Multi-Region Access Points, see [Creating Multi-Region Access Points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CreatingMultiRegionAccessPoints.html) in the *Amazon S3 User Guide*.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see [Multi-Region Access Point restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiRegionAccessPointRestrictions.html) in the *Amazon S3 User Guide*.

This request is asynchronous, meaning that you might receive a response before the command has completed. When this request provides a response, it provides a token that you can use to monitor the status of the request with `DescribeMultiRegionAccessPointOperation`.

The following actions are related to `CreateMultiRegionAccessPoint`:
+  [DeleteMultiRegionAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteMultiRegionAccessPoint.html) 
+  [DescribeMultiRegionAccessPointOperation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DescribeMultiRegionAccessPointOperation.html) 
+  [GetMultiRegionAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetMultiRegionAccessPoint.html) 
+  [ListMultiRegionAccessPoints](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListMultiRegionAccessPoints.html) 

## Request Syntax


```
POST /v20180820/async-requests/mrap/create HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   string
   
      string
      
         boolean
         boolean
         boolean
         boolean
      
      
         
            string
            string
         
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_CreateMultiRegionAccessPoint_RequestSyntax) **   
The AWS account ID for the owner of the Multi-Region Access Point. The owner of the Multi-Region Access Point also must own the underlying buckets.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [CreateMultiRegionAccessPointRequest](#API_control_CreateMultiRegionAccessPoint_RequestSyntax) **   
Root level tag for the CreateMultiRegionAccessPointRequest parameters.  
Required: Yes

 ** [ClientToken](#API_control_CreateMultiRegionAccessPoint_RequestSyntax) **   
An idempotency token used to identify the request and guarantee that requests are unique.  
Type: String  
Length Constraints: Maximum length of 64.  
Pattern: `\S+`   
Required: Yes

 ** [Details](#API_control_CreateMultiRegionAccessPoint_RequestSyntax) **   
A container element containing details about the Multi-Region Access Point.  
Type: [CreateMultiRegionAccessPointInput](API_control_CreateMultiRegionAccessPointInput.md) data type  
Required: Yes

## Response Syntax


```
HTTP/1.1 200


   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [CreateMultiRegionAccessPointResult](#API_control_CreateMultiRegionAccessPoint_ResponseSyntax) **   
Root level tag for the CreateMultiRegionAccessPointResult parameters.  
Required: Yes

 ** [RequestTokenARN](#API_control_CreateMultiRegionAccessPoint_ResponseSyntax) **   
The request token associated with the request. You can use this token with [DescribeMultiRegionAccessPointOperation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DescribeMultiRegionAccessPointOperation.html) to determine the status of asynchronous requests.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `arn:.+` 

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/CreateMultiRegionAccessPoint) 

# CreateStorageLensGroup


 Creates a new S3 Storage Lens group and associates it with the specified AWS account ID. An S3 Storage Lens group is a custom grouping of objects based on prefix, suffix, object tags, object size, object age, or a combination of these filters. For each Storage Lens group that you’ve created, you can also optionally add AWS resource tags. For more information about S3 Storage Lens groups, see [Working with S3 Storage Lens groups](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-lens-groups-overview.html).

To use this operation, you must have the permission to perform the `s3:CreateStorageLensGroup` action. If you’re trying to create a Storage Lens group with AWS resource tags, you must also have permission to perform the `s3:TagResource` action. For more information about the required Storage Lens Groups permissions, see [Setting account permissions to use S3 Storage Lens groups](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage_lens_iam_permissions.html#storage_lens_groups_permissions).

For information about Storage Lens groups errors, see [List of Amazon S3 Storage Lens error codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#S3LensErrorCodeList).

## Request Syntax


```
POST /v20180820/storagelensgroup HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   
      
         
            
               string
            
            
               string
            
            
               
                  string
                  string
               
            
            
               integer
               integer
            
            
               long
               long
            
         
         
            string
         
         
            string
         
         
            
               string
               string
            
         
         
            integer
            integer
         
         
            long
            long
         
         
            
               string
            
            
               string
            
            
               
                  string
                  string
               
            
            
               integer
               integer
            
            
               long
               long
            
         
      
      string
      string
   
   
      
         string
         string
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_CreateStorageLensGroup_RequestSyntax) **   
 The AWS account ID that the Storage Lens group is created from and associated with.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [CreateStorageLensGroupRequest](#API_control_CreateStorageLensGroup_RequestSyntax) **   
Root level tag for the CreateStorageLensGroupRequest parameters.  
Required: Yes

 ** [StorageLensGroup](#API_control_CreateStorageLensGroup_RequestSyntax) **   
 The Storage Lens group configuration.   
Type: [StorageLensGroup](API_control_StorageLensGroup.md) data type  
Required: Yes

 ** [Tags](#API_control_CreateStorageLensGroup_RequestSyntax) **   
 The AWS resource tags that you're adding to your Storage Lens group. This parameter is optional.   
Type: Array of [Tag](API_control_Tag.md) data types  
Array Members: Minimum number of 0 items. Maximum number of 50 items.  
Required: No

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/CreateStorageLensGroup) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/CreateStorageLensGroup) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/CreateStorageLensGroup) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/CreateStorageLensGroup) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/CreateStorageLensGroup) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateStorageLensGroup) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/CreateStorageLensGroup) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/CreateStorageLensGroup) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/CreateStorageLensGroup) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/CreateStorageLensGroup) 

# DeleteAccessGrant


Deletes the access grant from the S3 Access Grants instance. You cannot undo an access grant deletion and the grantee will no longer have access to the S3 data.

Permissions  
You must have the `s3:DeleteAccessGrant` permission to use this operation. 

## Request Syntax


```
DELETE /v20180820/accessgrantsinstance/grant/id HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_DeleteAccessGrant_RequestSyntax) **   
The ID of the access grant. S3 Access Grants auto-generates this ID when you create the access grant.  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteAccessGrant_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteAccessGrant) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessGrant) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessGrant) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessGrant) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessGrant) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessGrant) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessGrant) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessGrant) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteAccessGrant) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessGrant) 

# DeleteAccessGrantsInstance


Deletes your S3 Access Grants instance. You must first delete the access grants and locations before S3 Access Grants can delete the instance. See [DeleteAccessGrant](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessGrant.html) and [DeleteAccessGrantsLocation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessGrantsLocation.html). If you have associated an IAM Identity Center instance with your S3 Access Grants instance, you must first dissassociate the Identity Center instance from the S3 Access Grants instance before you can delete the S3 Access Grants instance. See [AssociateAccessGrantsIdentityCenter](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AssociateAccessGrantsIdentityCenter.html) and [DissociateAccessGrantsIdentityCenter](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DissociateAccessGrantsIdentityCenter.html).

Permissions  
You must have the `s3:DeleteAccessGrantsInstance` permission to use this operation. 

## Request Syntax


```
DELETE /v20180820/accessgrantsinstance HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_DeleteAccessGrantsInstance_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessGrantsInstance) 

# DeleteAccessGrantsInstanceResourcePolicy


Deletes the resource policy of the S3 Access Grants instance. The resource policy is used to manage cross-account access to your S3 Access Grants instance. By deleting the resource policy, you delete any cross-account permissions to your S3 Access Grants instance. 

Permissions  
You must have the `s3:DeleteAccessGrantsInstanceResourcePolicy` permission to use this operation. 

## Request Syntax


```
DELETE /v20180820/accessgrantsinstance/resourcepolicy HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_DeleteAccessGrantsInstanceResourcePolicy_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 

# DeleteAccessGrantsLocation


Deregisters a location from your S3 Access Grants instance. You can only delete a location registration from an S3 Access Grants instance if there are no grants associated with this location. See [Delete a grant](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessGrant.html) for information on how to delete grants. You need to have at least one registered location in your S3 Access Grants instance in order to create access grants. 

Permissions  
You must have the `s3:DeleteAccessGrantsLocation` permission to use this operation. 

## Request Syntax


```
DELETE /v20180820/accessgrantsinstance/location/id HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_DeleteAccessGrantsLocation_RequestSyntax) **   
The ID of the registered location that you are deregistering from your S3 Access Grants instance. S3 Access Grants assigned this ID when you registered the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteAccessGrantsLocation_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessGrantsLocation) 

# DeleteAccessPoint


Deletes the specified access point.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPoint.html#API_control_DeleteAccessPoint_Examples) section.

The following actions are related to `DeleteAccessPoint`:
+  [CreateAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessPoint.html) 
+  [GetAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPoint.html) 
+  [ListAccessPoints](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListAccessPoints.html) 

## Request Syntax


```
DELETE /v20180820/accesspoint/name HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteAccessPoint_RequestSyntax) **   
The name of the access point you want to delete.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the access point accessed in the format `arn:aws:s3-outposts:::outpost//accesspoint/`. For example, to access the access point `reports-ap` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteAccessPoint_RequestSyntax) **   
The AWS account ID for the account that owns the specified access point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### DeleteAccessPoint syntax for Amazon S3 on Outposts


The following request deletes the access point of the specified Outpost.

```
           DELETE  /v20180820/accesspoint/example-access-point  HTTP/1.1
           Host: s3-outposts..amazonaws.com
           Date: Wed, 28 Oct 2020 22:32:00 GMT
           x-amz-account-id: example-account-id
           x-amz-outpost-id: op-01ac5d28a6a232904
           Authorization: authorization string
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteAccessPoint) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessPoint) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessPoint) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessPoint) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessPoint) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessPoint) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessPoint) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessPoint) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteAccessPoint) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessPoint) 

# DeleteAccessPointForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Deletes the specified Object Lambda Access Point.

The following actions are related to `DeleteAccessPointForObjectLambda`:
+  [CreateAccessPointForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessPointForObjectLambda.html) 
+  [GetAccessPointForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointForObjectLambda.html) 
+  [ListAccessPointsForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListAccessPointsForObjectLambda.html) 

## Request Syntax


```
DELETE /v20180820/accesspointforobjectlambda/name HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteAccessPointForObjectLambda_RequestSyntax) **   
The name of the access point you want to delete.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteAccessPointForObjectLambda_RequestSyntax) **   
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 

# DeleteAccessPointPolicy


Deletes the access point policy for the specified access point.



All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointPolicy.html#API_control_DeleteAccessPointPolicy_Examples) section.

The following actions are related to `DeleteAccessPointPolicy`:
+  [PutAccessPointPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointPolicy.html) 
+  [GetAccessPointPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointPolicy.html) 

## Request Syntax


```
DELETE /v20180820/accesspoint/name/policy HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteAccessPointPolicy_RequestSyntax) **   
The name of the access point whose policy you want to delete.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the access point accessed in the format `arn:aws:s3-outposts:::outpost//accesspoint/`. For example, to access the access point `reports-ap` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteAccessPointPolicy_RequestSyntax) **   
The account ID for the account that owns the specified access point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample request syntax for using the DeleteAccessPointPolicy action with Amazon S3 on Outposts access point


This example illustrates one usage of DeleteAccessPointPolicy.

```
           DELETE  /v20180820/accesspoint/example-access-point/policy  HTTP/1.1
           Host: s3-outposts..amazonaws.com
           Date: Wed, 28 Oct 2020 22:32:00 GMT
           Authorization: authorization string
           x-amz-account-id: example-account-id
           x-amz-outpost-id: op-01ac5d28a6a232904
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessPointPolicy) 

# DeleteAccessPointPolicyForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Removes the resource policy for an Object Lambda Access Point.

The following actions are related to `DeleteAccessPointPolicyForObjectLambda`:
+  [GetAccessPointPolicyForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointPolicyForObjectLambda.html) 
+  [PutAccessPointPolicyForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointPolicyForObjectLambda.html) 

## Request Syntax


```
DELETE /v20180820/accesspointforobjectlambda/name/policy HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteAccessPointPolicyForObjectLambda_RequestSyntax) **   
The name of the Object Lambda Access Point you want to delete the policy for.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteAccessPointPolicyForObjectLambda_RequestSyntax) **   
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 

# DeleteAccessPointScope


 Deletes an existing access point scope for a directory bucket.

**Note**  
When you delete the scope of an access point, all prefixes and permissions are deleted.

To use this operation, you must have the permission to perform the `s3express:DeleteAccessPointScope` action.

For information about REST API errors, see [REST error responses](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#RESTErrorResponses).

## Request Syntax


```
DELETE /v20180820/accesspoint/name/scope HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteAccessPointScope_RequestSyntax) **   
 The name of the access point with the scope that you want to delete.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteAccessPointScope_RequestSyntax) **   
 The AWS account ID that owns the access point with the scope that you want to delete.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteAccessPointScope) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessPointScope) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessPointScope) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessPointScope) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessPointScope) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessPointScope) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessPointScope) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessPointScope) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteAccessPointScope) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessPointScope) 

# DeleteBucket


**Note**  
This action deletes an Amazon S3 on Outposts bucket. To delete an S3 bucket, see [DeleteBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) in the *Amazon S3 API Reference*. 

Deletes the Amazon S3 on Outposts bucket. All objects (including all object versions and delete markers) in the bucket must be deleted before the bucket itself can be deleted. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in *Amazon S3 User Guide*.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucket.html#API_control_DeleteBucket_Examples) section.

**Related Resources**
+  [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateBucket.html) 
+  [GetBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucket.html) 
+  [DeleteObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) 

## Request Syntax


```
DELETE /v20180820/bucket/name HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteBucket_RequestSyntax) **   
Specifies the bucket being deleted.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:::outpost//bucket/`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteBucket_RequestSyntax) **   
The account ID that owns the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample request to delete an Amazon S3 on Outposts bucket


This request deletes the Outposts bucket named `example-outpost-bucket`. 

```
DELETE /v20180820/bucket/example-outpost-bucket/ HTTP/1.1
Host: s3-outposts..amazonaws.com
x-amz-outpost-id: op-01ac5d28a6a232904
x-amz-account-id:example-account-id
Date: Wed, 01 Mar  2006 12:00:00 GMT
Authorization: authorization string
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteBucket) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteBucket) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteBucket) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteBucket) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteBucket) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteBucket) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteBucket) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteBucket) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteBucket) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteBucket) 

# DeleteBucketLifecycleConfiguration


**Note**  
This action deletes an Amazon S3 on Outposts bucket's lifecycle configuration. To delete an S3 bucket's lifecycle configuration, see [DeleteBucketLifecycle](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketLifecycle.html) in the *Amazon S3 API Reference*. 

Deletes the lifecycle configuration from the specified Outposts bucket. Amazon S3 on Outposts removes all the lifecycle configuration rules in the lifecycle subresource associated with the bucket. Your objects never expire, and Amazon S3 on Outposts no longer automatically deletes any objects on the basis of rules contained in the deleted lifecycle configuration. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in *Amazon S3 User Guide*.

To use this operation, you must have permission to perform the `s3-outposts:PutLifecycleConfiguration` action. By default, the bucket owner has this permission and the Outposts bucket owner can grant this permission to others.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucketLifecycleConfiguration.html#API_control_DeleteBucketLifecycleConfiguration_Examples) section.

For more information about object expiration, see [Elements to Describe Lifecycle Actions](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#intro-lifecycle-rules-actions).

Related actions include:
+  [PutBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketLifecycleConfiguration.html) 
+  [GetBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketLifecycleConfiguration.html) 

## Request Syntax


```
DELETE /v20180820/bucket/name/lifecycleconfiguration HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteBucketLifecycleConfiguration_RequestSyntax) **   
Specifies the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:::outpost//bucket/`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteBucketLifecycleConfiguration_RequestSyntax) **   
The account ID of the lifecycle configuration to delete.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample request to delete the lifecycle configuration of an Amazon S3 on Outposts bucket


This example illustrates one usage of DeleteBucketLifecycleConfiguration.

```
                  DELETE /v20180820/bucket/example-outpost-bucket/lifecycleconfiguration HTTP/1.1
                  Host: s3-outposts..amazonaws.com 
                  x-amz-outpost-id: op-01ac5d28a6a232904
                  x-amz-account-id:example-account-id
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 

# DeleteBucketPolicy


**Note**  
This action deletes an Amazon S3 on Outposts bucket policy. To delete an S3 bucket policy, see [DeleteBucketPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketPolicy.html) in the *Amazon S3 API Reference*. 

This implementation of the DELETE action uses the policy subresource to delete the policy of a specified Amazon S3 on Outposts bucket. If you are using an identity other than the root user of the AWS account that owns the bucket, the calling identity must have the `s3-outposts:DeleteBucketPolicy` permissions on the specified Outposts bucket and belong to the bucket owner's account to use this action. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in *Amazon S3 User Guide*.

If you don't have `DeleteBucketPolicy` permissions, Amazon S3 returns a `403 Access Denied` error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a `405 Method Not Allowed` error. 

**Important**  
As a security precaution, the root user of the AWS account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.

For more information about bucket policies, see [Using Bucket Policies and User Policies](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html). 

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucketPolicy.html#API_control_DeleteBucketPolicy_Examples) section.

The following actions are related to `DeleteBucketPolicy`:
+  [GetBucketPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketPolicy.html) 
+  [PutBucketPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketPolicy.html) 

## Request Syntax


```
DELETE /v20180820/bucket/name/policy HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteBucketPolicy_RequestSyntax) **   
Specifies the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:::outpost//bucket/`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteBucketPolicy_RequestSyntax) **   
The account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample request for deleting a bucket policy for an Amazon S3 on Outposts bucket


This example illustrates one usage of DeleteBucketPolicy.

```
            DELETE v20180820/bucket/example-outpost-bucket/policy  HTTP/1.1
            Host: s3-outposts..amazonaws.com  
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteBucketPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteBucketPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteBucketPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteBucketPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteBucketPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteBucketPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteBucketPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteBucketPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteBucketPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteBucketPolicy) 

# DeleteBucketReplication


**Note**  
This operation deletes an Amazon S3 on Outposts bucket's replication configuration. To delete an S3 bucket's replication configuration, see [DeleteBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketReplication.html) in the *Amazon S3 API Reference*. 

Deletes the replication configuration from the specified S3 on Outposts bucket.

To use this operation, you must have permissions to perform the `s3-outposts:PutReplicationConfiguration` action. The Outposts bucket owner has this permission by default and can grant it to others. For more information about permissions, see [Setting up IAM with S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3OutpostsIAM.html) and [Managing access to S3 on Outposts buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3OutpostsBucketPolicy.html) in the *Amazon S3 User Guide*.

**Note**  
It can take a while to propagate `PUT` or `DELETE` requests for a replication configuration to all S3 on Outposts systems. Therefore, the replication configuration that's returned by a `GET` request soon after a `PUT` or `DELETE` request might return a more recent result than what's on the Outpost. If an Outpost is offline, the delay in updating the replication configuration on that Outpost can be significant.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucketReplication.html#API_control_DeleteBucketReplication_Examples) section.

For information about S3 replication on Outposts configuration, see [Replicating objects for S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3OutpostsReplication.html) in the *Amazon S3 User Guide*.

The following operations are related to `DeleteBucketReplication`:
+  [PutBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketReplication.html) 
+  [GetBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketReplication.html) 

## Request Syntax


```
DELETE /v20180820/bucket/name/replication HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteBucketReplication_RequestSyntax) **   
Specifies the S3 on Outposts bucket to delete the replication configuration for.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:::outpost//bucket/`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteBucketReplication_RequestSyntax) **   
The AWS account ID of the Outposts bucket to delete the replication configuration for.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample Request


The following `DELETE` request deletes the `replication` subresource from the specified S3 on Outposts bucket. This request removes the replication configuration that is set for the bucket. 

```
DELETE /v20180820/bucket/example-outpost-bucket/replication HTTP/1.1
Host: s3-outposts..amazonaws.com 
x-amz-outpost-id: op-01ac5d28a6a232904
x-amz-account-id:example-account-id
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteBucketReplication) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteBucketReplication) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteBucketReplication) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteBucketReplication) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteBucketReplication) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteBucketReplication) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteBucketReplication) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteBucketReplication) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteBucketReplication) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteBucketReplication) 

# DeleteBucketTagging


**Note**  
This action deletes an Amazon S3 on Outposts bucket's tags. To delete an S3 bucket tags, see [DeleteBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html) in the *Amazon S3 API Reference*. 

Deletes the tags from the Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in *Amazon S3 User Guide*.

To use this action, you must have permission to perform the `PutBucketTagging` action. By default, the bucket owner has this permission and can grant this permission to others. 

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucketTagging.html#API_control_DeleteBucketTagging_Examples) section.

The following actions are related to `DeleteBucketTagging`:
+  [GetBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketTagging.html) 
+  [PutBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketTagging.html) 

## Request Syntax


```
DELETE /v20180820/bucket/name/tagging HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteBucketTagging_RequestSyntax) **   
The bucket ARN that has the tag set to be removed.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:::outpost//bucket/`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteBucketTagging_RequestSyntax) **   
The AWS account ID of the Outposts bucket tag set to be removed.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Examples


### Sample request to delete tags for Amazon S3 on Outposts bucket


The following DELETE request deletes the tag set from the Outposts bucket `example-outpost-bucket`. 

```
            DELETE v20180820/bucket/example-outpost-bucket/tagging HTTP/1.1
            Host: s3-outposts..amazonaws.com 
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
            Date: Wed, 14 Dec 2020 05:37:16 GMT
            Authorization: signatureValue
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteBucketTagging) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteBucketTagging) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteBucketTagging) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteBucketTagging) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteBucketTagging) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteBucketTagging) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteBucketTagging) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteBucketTagging) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteBucketTagging) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteBucketTagging) 

# DeleteJobTagging


Removes the entire tag set from the specified S3 Batch Operations job.

Permissions  
To use the `DeleteJobTagging` operation, you must have permission to perform the `s3:DeleteJobTagging` action. For more information, see [Controlling access and labeling jobs using tags](https://docs.aws.amazon.com/AmazonS3/latest/dev/batch-ops-managing-jobs.html#batch-ops-job-tags) in the *Amazon S3 User Guide*.

Related actions include:
+  [CreateJob](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateJob.html) 
+  [GetJobTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetJobTagging.html) 
+  [PutJobTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutJobTagging.html) 

## Request Syntax


```
DELETE /v20180820/jobs/id/tagging HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_DeleteJobTagging_RequestSyntax) **   
The ID for the S3 Batch Operations job whose tags you want to delete.  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteJobTagging_RequestSyntax) **   
The AWS account ID associated with the S3 Batch Operations job.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** InternalServiceException **   
  
HTTP Status Code: 500

 ** NotFoundException **   
  
HTTP Status Code: 400

 ** TooManyRequestsException **   
  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteJobTagging) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteJobTagging) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteJobTagging) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteJobTagging) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteJobTagging) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteJobTagging) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteJobTagging) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteJobTagging) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteJobTagging) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteJobTagging) 

# DeleteMultiRegionAccessPoint


**Note**  
This operation is not supported by directory buckets.

Deletes a Multi-Region Access Point. This action does not delete the buckets associated with the Multi-Region Access Point, only the Multi-Region Access Point itself.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see [Multi-Region Access Point restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiRegionAccessPointRestrictions.html) in the *Amazon S3 User Guide*.

This request is asynchronous, meaning that you might receive a response before the command has completed. When this request provides a response, it provides a token that you can use to monitor the status of the request with `DescribeMultiRegionAccessPointOperation`.

The following actions are related to `DeleteMultiRegionAccessPoint`:
+  [CreateMultiRegionAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateMultiRegionAccessPoint.html) 
+  [DescribeMultiRegionAccessPointOperation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DescribeMultiRegionAccessPointOperation.html) 
+  [GetMultiRegionAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetMultiRegionAccessPoint.html) 
+  [ListMultiRegionAccessPoints](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListMultiRegionAccessPoints.html) 

## Request Syntax


```
POST /v20180820/async-requests/mrap/delete HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   string
   
      string
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_DeleteMultiRegionAccessPoint_RequestSyntax) **   
The AWS account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [DeleteMultiRegionAccessPointRequest](#API_control_DeleteMultiRegionAccessPoint_RequestSyntax) **   
Root level tag for the DeleteMultiRegionAccessPointRequest parameters.  
Required: Yes

 ** [ClientToken](#API_control_DeleteMultiRegionAccessPoint_RequestSyntax) **   
An idempotency token used to identify the request and guarantee that requests are unique.  
Type: String  
Length Constraints: Maximum length of 64.  
Pattern: `\S+`   
Required: Yes

 ** [Details](#API_control_DeleteMultiRegionAccessPoint_RequestSyntax) **   
A container element containing details about the Multi-Region Access Point.  
Type: [DeleteMultiRegionAccessPointInput](API_control_DeleteMultiRegionAccessPointInput.md) data type  
Required: Yes

## Response Syntax


```
HTTP/1.1 200


   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [DeleteMultiRegionAccessPointResult](#API_control_DeleteMultiRegionAccessPoint_ResponseSyntax) **   
Root level tag for the DeleteMultiRegionAccessPointResult parameters.  
Required: Yes

 ** [RequestTokenARN](#API_control_DeleteMultiRegionAccessPoint_ResponseSyntax) **   
The request token associated with the request. You can use this token with [DescribeMultiRegionAccessPointOperation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DescribeMultiRegionAccessPointOperation.html) to determine the status of asynchronous requests.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `arn:.+` 

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 

# DeletePublicAccessBlock


**Note**  
This operation is not supported by directory buckets.

Removes the `PublicAccessBlock` configuration for an AWS account. This operation might be restricted when the account is managed by organization-level Block Public Access policies. You’ll get an Access Denied (403) error when the account is managed by organization-level Block Public Access policies. Organization-level policies override account-level settings, preventing direct account-level modifications. For more information, see [ Using Amazon S3 block public access](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html).

Related actions include:
+  [GetPublicAccessBlock](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetPublicAccessBlock.html) 
+  [PutPublicAccessBlock](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutPublicAccessBlock.html) 

## Request Syntax


```
DELETE /v20180820/configuration/publicAccessBlock HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_DeletePublicAccessBlock_RequestSyntax) **   
The account ID for the AWS account whose `PublicAccessBlock` configuration you want to remove.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeletePublicAccessBlock) 

# DeleteStorageLensConfiguration


**Note**  
This operation is not supported by directory buckets.

Deletes the Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see [Assessing your storage activity and usage with Amazon S3 Storage Lens ](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage_lens.html) in the *Amazon S3 User Guide*.

**Note**  
To use this action, you must have permission to perform the `s3:DeleteStorageLensConfiguration` action. For more information, see [Setting permissions to use Amazon S3 Storage Lens](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage_lens_iam_permissions.html) in the *Amazon S3 User Guide*.

## Request Syntax


```
DELETE /v20180820/storagelens/storagelensid HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [storagelensid](#API_control_DeleteStorageLensConfiguration_RequestSyntax) **   
The ID of the S3 Storage Lens configuration.  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_\.]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteStorageLensConfiguration_RequestSyntax) **   
The account ID of the requester.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteStorageLensConfiguration) 

# DeleteStorageLensConfigurationTagging


**Note**  
This operation is not supported by directory buckets.

Deletes the Amazon S3 Storage Lens configuration tags. For more information about S3 Storage Lens, see [Assessing your storage activity and usage with Amazon S3 Storage Lens ](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage_lens.html) in the *Amazon S3 User Guide*.

**Note**  
To use this action, you must have permission to perform the `s3:DeleteStorageLensConfigurationTagging` action. For more information, see [Setting permissions to use Amazon S3 Storage Lens](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage_lens_iam_permissions.html) in the *Amazon S3 User Guide*.

## Request Syntax


```
DELETE /v20180820/storagelens/storagelensid/tagging HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [storagelensid](#API_control_DeleteStorageLensConfigurationTagging_RequestSyntax) **   
The ID of the S3 Storage Lens configuration.  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_\.]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteStorageLensConfigurationTagging_RequestSyntax) **   
The account ID of the requester.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 

# DeleteStorageLensGroup


 Deletes an existing S3 Storage Lens group.

To use this operation, you must have the permission to perform the `s3:DeleteStorageLensGroup` action. For more information about the required Storage Lens Groups permissions, see [Setting account permissions to use S3 Storage Lens groups](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage_lens_iam_permissions.html#storage_lens_groups_permissions).

For information about Storage Lens groups errors, see [List of Amazon S3 Storage Lens error codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#S3LensErrorCodeList).

## Request Syntax


```
DELETE /v20180820/storagelensgroup/name HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteStorageLensGroup_RequestSyntax) **   
 The name of the Storage Lens group that you're trying to delete.   
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteStorageLensGroup_RequestSyntax) **   
 The AWS account ID used to create the Storage Lens group that you're trying to delete.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DeleteStorageLensGroup) 

# DescribeJob


Retrieves the configuration parameters and status for a Batch Operations job. For more information, see [S3 Batch Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/batch-ops.html) in the *Amazon S3 User Guide*.

Permissions  
To use the `DescribeJob` operation, you must have permission to perform the `s3:DescribeJob` action.

Related actions include:
+  [CreateJob](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateJob.html) 
+  [ListJobs](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListJobs.html) 
+  [UpdateJobPriority](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UpdateJobPriority.html) 
+  [UpdateJobStatus](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UpdateJobStatus.html) 

## Request Syntax


```
GET /v20180820/jobs/id HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_DescribeJob_RequestSyntax) **   
The ID for the job whose information you want to retrieve.  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_DescribeJob_RequestSyntax) **   
The AWS account ID associated with the S3 Batch Operations job.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      boolean
      timestamp
      string
      
         
            string
            string
         
      
      
         string
         
            string
            string
            string
         
      
      string
      string
      
         
            string
            string
            string
         
         
            
               string
            
            string
         
      
      
         
            boolean
            string
            
               timestamp
               timestamp
               boolean
               
                  
                     string
                  
                  
                     string
                  
                  
                     string
                  
               
               
                  
                     
                        string
                     
                     
                     
                     
                     
                     
                        boolean
                        string
                     
                     
                     
                  
               
               
                  string
               
               
                  string
               
               long
               long
            
            
               string
               string
               
                  
                     string
                  
                  
                  
               
               string
               string
            
            string
         
      
      
         
            string
            string
            
               
                  string
                  string
               
            
         
         
            string
            string
         
         
         
         
            integer
            string
         
         
            
               
                  
                     
                        
                           string
                           string
                           string
                        
                        string
                     
                  
                  
                     string
                     string
                  
               
               string
            
         
         
            
               
                  
                     string
                     string
                     string
                  
                  string
               
            
            boolean
            string
            string
            string
            timestamp
            
               string
               string
               string
               string
               long
               string
               string
               timestamp
               boolean
               string
               
                  
                     string
                     string
                  
               
            
            
               
                  string
                  string
               
            
            string
            string
            timestamp
            string
            boolean
            string
            string
            string
            string
            timestamp
         
         
            
               string
            
         
         
            boolean
            
               string
               timestamp
            
         
         
            
               
                  string
                  string
               
            
         
         
         
         
            
               
                  boolean
                  string
               
            
         
      
      integer
      
         long
         long
         
            long
         
         long
      
      
         string
         boolean
         string
         string
         string
         string
      
      string
      string
      string
      string
      timestamp
      timestamp
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [DescribeJobResult](#API_control_DescribeJob_ResponseSyntax) **   
Root level tag for the DescribeJobResult parameters.  
Required: Yes

 ** [Job](#API_control_DescribeJob_ResponseSyntax) **   
Contains the configuration parameters and status for the job specified in the `Describe Job` request.  
Type: [JobDescriptor](API_control_JobDescriptor.md) data type

## Errors


 ** BadRequestException **   
  
HTTP Status Code: 400

 ** InternalServiceException **   
  
HTTP Status Code: 500

 ** NotFoundException **   
  
HTTP Status Code: 400

 ** TooManyRequestsException **   
  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DescribeJob) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DescribeJob) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DescribeJob) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DescribeJob) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DescribeJob) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DescribeJob) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DescribeJob) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DescribeJob) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DescribeJob) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DescribeJob) 

# DescribeMultiRegionAccessPointOperation


**Note**  
This operation is not supported by directory buckets.

Retrieves the status of an asynchronous request to manage a Multi-Region Access Point. For more information about managing Multi-Region Access Points and how asynchronous requests work, see [Using Multi-Region Access Points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MrapOperations.html) in the *Amazon S3 User Guide*.

The following actions are related to `GetMultiRegionAccessPoint`:
+  [CreateMultiRegionAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateMultiRegionAccessPoint.html) 
+  [DeleteMultiRegionAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteMultiRegionAccessPoint.html) 
+  [GetMultiRegionAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetMultiRegionAccessPoint.html) 
+  [ListMultiRegionAccessPoints](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListMultiRegionAccessPoints.html) 

## Request Syntax


```
GET /v20180820/async-requests/mrap/request_token+ HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [request\$1token](#API_control_DescribeMultiRegionAccessPointOperation_RequestSyntax) **   
The request token associated with the request you want to know about. This request token is returned as part of the response when you make an asynchronous request. You provide this token to query about the status of the asynchronous action.  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `arn:.+`   
Required: Yes

 ** [x-amz-account-id](#API_control_DescribeMultiRegionAccessPointOperation_RequestSyntax) **   
The AWS account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      timestamp
      string
      
         
            string
            
               boolean
               boolean
               boolean
               boolean
            
            
               
                  string
                  string
               
            
         
         
            string
         
         
            string
            string
         
      
      string
      string
      
         
            string
            string
            string
            string
         
         
            
               
                  string
                  string
               
            
         
      
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [DescribeMultiRegionAccessPointOperationResult](#API_control_DescribeMultiRegionAccessPointOperation_ResponseSyntax) **   
Root level tag for the DescribeMultiRegionAccessPointOperationResult parameters.  
Required: Yes

 ** [AsyncOperation](#API_control_DescribeMultiRegionAccessPointOperation_ResponseSyntax) **   
A container element containing the details of the asynchronous operation.  
Type: [AsyncOperation](API_control_AsyncOperation.md) data type

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 

# DissociateAccessGrantsIdentityCenter


Dissociates the AWS IAM Identity Center instance from the S3 Access Grants instance. 

Permissions  
You must have the `s3:DissociateAccessGrantsIdentityCenter` permission to use this operation. 

Additional Permissions  
You must have the `sso:DeleteApplication` permission to use this operation. 

## Request Syntax


```
DELETE /v20180820/accessgrantsinstance/identitycenter HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_DissociateAccessGrantsIdentityCenter_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 

# GetAccessGrant


Get the details of an access grant from your S3 Access Grants instance.

Permissions  
You must have the `s3:GetAccessGrant` permission to use this operation. 

## Request Syntax


```
GET /v20180820/accessgrantsinstance/grant/id HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_GetAccessGrant_RequestSyntax) **   
The ID of the access grant. S3 Access Grants auto-generates this ID when you create the access grant.  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessGrant_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   timestamp
   string
   string
   
      string
      string
   
   string
   string
   
      string
   
   string
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessGrantResult](#API_control_GetAccessGrant_ResponseSyntax) **   
Root level tag for the GetAccessGrantResult parameters.  
Required: Yes

 ** [AccessGrantArn](#API_control_GetAccessGrant_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the access grant.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/grant/[a-zA-Z0-9\-]+` 

 ** [AccessGrantId](#API_control_GetAccessGrant_ResponseSyntax) **   
The ID of the access grant. S3 Access Grants auto-generates this ID when you create the access grant.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [AccessGrantsLocationConfiguration](#API_control_GetAccessGrant_ResponseSyntax) **   
The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access.   
Type: [AccessGrantsLocationConfiguration](API_control_AccessGrantsLocationConfiguration.md) data type

 ** [AccessGrantsLocationId](#API_control_GetAccessGrant_ResponseSyntax) **   
The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [ApplicationArn](#API_control_GetAccessGrant_ResponseSyntax) **   
The Amazon Resource Name (ARN) of an AWS IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.   
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::\d{12}:application/.*$` 

 ** [CreatedAt](#API_control_GetAccessGrant_ResponseSyntax) **   
The date and time when you created the access grant.   
Type: Timestamp

 ** [Grantee](#API_control_GetAccessGrant_ResponseSyntax) **   
The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added a corporate directory to AWS IAM Identity Center and associated this Identity Center instance with the S3 Access Grants instance, the grantee can also be a corporate directory user or group.  
Type: [Grantee](API_control_Grantee.md) data type

 ** [GrantScope](#API_control_GetAccessGrant_ResponseSyntax) **   
The S3 path of the data to which you are granting access. It is the result of appending the `Subprefix` to the location scope.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

 ** [Permission](#API_control_GetAccessGrant_ResponseSyntax) **   
The type of permission that was granted in the access grant. Can be one of the following values:  
+  `READ` – Grant read-only access to the S3 data.
+  `WRITE` – Grant write-only access to the S3 data.
+  `READWRITE` – Grant both read and write access to the S3 data.
Type: String  
Valid Values: `READ | WRITE | READWRITE` 

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetAccessGrant) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessGrant) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetAccessGrant) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetAccessGrant) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessGrant) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessGrant) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetAccessGrant) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessGrant) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetAccessGrant) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessGrant) 

# GetAccessGrantsInstance


Retrieves the S3 Access Grants instance for a Region in your account. 

Permissions  
You must have the `s3:GetAccessGrantsInstance` permission to use this operation. 

**Note**  
 `GetAccessGrantsInstance` is not supported for cross-account access. You can only call the API from the account that owns the S3 Access Grants instance.

## Request Syntax


```
GET /v20180820/accessgrantsinstance HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_GetAccessGrantsInstance_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   string
   string
   string
   string
   timestamp

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessGrantsInstanceResult](#API_control_GetAccessGrantsInstance_ResponseSyntax) **   
Root level tag for the GetAccessGrantsInstanceResult parameters.  
Required: Yes

 ** [AccessGrantsInstanceArn](#API_control_GetAccessGrantsInstance_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the S3 Access Grants instance.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/[a-zA-Z0-9\-]+` 

 ** [AccessGrantsInstanceId](#API_control_GetAccessGrantsInstance_ResponseSyntax) **   
The ID of the S3 Access Grants instance. The ID is `default`. You can have one S3 Access Grants instance per Region per account.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [CreatedAt](#API_control_GetAccessGrantsInstance_ResponseSyntax) **   
The date and time when you created the S3 Access Grants instance.   
Type: Timestamp

 ** [IdentityCenterApplicationArn](#API_control_GetAccessGrantsInstance_ResponseSyntax) **   
If you associated your S3 Access Grants instance with an AWS IAM Identity Center instance, this field returns the Amazon Resource Name (ARN) of the IAM Identity Center instance application; a subresource of the original Identity Center instance. S3 Access Grants creates this Identity Center application for the specific S3 Access Grants instance.   
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::\d{12}:application/.*$` 

 ** [IdentityCenterArn](#API_control_GetAccessGrantsInstance_ResponseSyntax) **   
 *This parameter has been deprecated.*   
If you associated your S3 Access Grants instance with an AWS IAM Identity Center instance, this field returns the Amazon Resource Name (ARN) of the IAM Identity Center instance application; a subresource of the original Identity Center instance. S3 Access Grants creates this Identity Center application for the specific S3 Access Grants instance.   
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::(\d{12}){0,1}:instance/.*$` 

 ** [IdentityCenterInstanceArn](#API_control_GetAccessGrantsInstance_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the [ListInstances](https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListInstances.html) API operation to retrieve a list of your Identity Center instances and their ARNs.  
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::(\d{12}){0,1}:instance/.*$` 

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessGrantsInstance) 

# GetAccessGrantsInstanceForPrefix


Retrieve the S3 Access Grants instance that contains a particular prefix. 

Permissions  
You must have the `s3:GetAccessGrantsInstanceForPrefix` permission for the caller account to use this operation. 

Additional Permissions  
The prefix owner account must grant you the following permissions to their S3 Access Grants instance: `s3:GetAccessGrantsInstanceForPrefix`. 

## Request Syntax


```
GET /v20180820/accessgrantsinstance/prefix?s3prefix=S3Prefix HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [s3prefix](#API_control_GetAccessGrantsInstanceForPrefix_RequestSyntax) **   
The S3 prefix of the access grants that you would like to retrieve.  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessGrantsInstanceForPrefix_RequestSyntax) **   
The ID of the AWS account that is making this request.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessGrantsInstanceForPrefixResult](#API_control_GetAccessGrantsInstanceForPrefix_ResponseSyntax) **   
Root level tag for the GetAccessGrantsInstanceForPrefixResult parameters.  
Required: Yes

 ** [AccessGrantsInstanceArn](#API_control_GetAccessGrantsInstanceForPrefix_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the S3 Access Grants instance.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/[a-zA-Z0-9\-]+` 

 ** [AccessGrantsInstanceId](#API_control_GetAccessGrantsInstanceForPrefix_ResponseSyntax) **   
The ID of the S3 Access Grants instance. The ID is `default`. You can have one S3 Access Grants instance per Region per account.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 

# GetAccessGrantsInstanceResourcePolicy


Returns the resource policy of the S3 Access Grants instance. 

Permissions  
You must have the `s3:GetAccessGrantsInstanceResourcePolicy` permission to use this operation. 

## Request Syntax


```
GET /v20180820/accessgrantsinstance/resourcepolicy HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_GetAccessGrantsInstanceResourcePolicy_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   string
   timestamp

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessGrantsInstanceResourcePolicyResult](#API_control_GetAccessGrantsInstanceResourcePolicy_ResponseSyntax) **   
Root level tag for the GetAccessGrantsInstanceResourcePolicyResult parameters.  
Required: Yes

 ** [CreatedAt](#API_control_GetAccessGrantsInstanceResourcePolicy_ResponseSyntax) **   
The date and time when you created the S3 Access Grants instance resource policy.   
Type: Timestamp

 ** [Organization](#API_control_GetAccessGrantsInstanceResourcePolicy_ResponseSyntax) **   
The Organization of the resource policy of the S3 Access Grants instance.  
Type: String  
Length Constraints: Minimum length of 12. Maximum length of 34.  
Pattern: `^o-[a-z0-9]{10,32}$` 

 ** [Policy](#API_control_GetAccessGrantsInstanceResourcePolicy_ResponseSyntax) **   
The resource policy of the S3 Access Grants instance.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 350000.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 

# GetAccessGrantsLocation


Retrieves the details of a particular location registered in your S3 Access Grants instance. 

Permissions  
You must have the `s3:GetAccessGrantsLocation` permission to use this operation. 

## Request Syntax


```
GET /v20180820/accessgrantsinstance/location/id HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_GetAccessGrantsLocation_RequestSyntax) **   
The ID of the registered location that you are retrieving. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessGrantsLocation_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   timestamp
   string
   string
   string
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessGrantsLocationResult](#API_control_GetAccessGrantsLocation_ResponseSyntax) **   
Root level tag for the GetAccessGrantsLocationResult parameters.  
Required: Yes

 ** [AccessGrantsLocationArn](#API_control_GetAccessGrantsLocation_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the registered location.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/location/[a-zA-Z0-9\-]+` 

 ** [AccessGrantsLocationId](#API_control_GetAccessGrantsLocation_ResponseSyntax) **   
The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [CreatedAt](#API_control_GetAccessGrantsLocation_ResponseSyntax) **   
The date and time when you registered the location.   
Type: Timestamp

 ** [IAMRoleArn](#API_control_GetAccessGrantsLocation_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[^:]+:iam::\d{12}:role/.*` 

 ** [LocationScope](#API_control_GetAccessGrantsLocation_ResponseSyntax) **   
The S3 URI path to the registered location. The location scope can be the default S3 location `s3://`, the S3 path to a bucket, or the S3 path to a bucket and prefix. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessGrantsLocation) 

# GetAccessPoint


Returns configuration information about the specified access point.



All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPoint.html#API_control_GetAccessPoint_Examples) section.

The following actions are related to `GetAccessPoint`:
+  [CreateAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessPoint.html) 
+  [DeleteAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPoint.html) 
+  [ListAccessPoints](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListAccessPoints.html) 

## Request Syntax


```
GET /v20180820/accesspoint/name HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetAccessPoint_RequestSyntax) **   
The name of the access point whose configuration information you want to retrieve.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the access point accessed in the format `arn:aws:s3-outposts:::outpost//accesspoint/`. For example, to access the access point `reports-ap` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessPoint_RequestSyntax) **   
The AWS account ID for the account that owns the specified access point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   string
   string
   
      string
   
   
      boolean
      boolean
      boolean
      boolean
   
   timestamp
   string
   string
   
      
         string
         string
      
   
   string
   string
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessPointResult](#API_control_GetAccessPoint_ResponseSyntax) **   
Root level tag for the GetAccessPointResult parameters.  
Required: Yes

 ** [AccessPointArn](#API_control_GetAccessPoint_ResponseSyntax) **   
The ARN of the access point.  
Type: String  
Length Constraints: Minimum length of 4. Maximum length of 128.

 ** [Alias](#API_control_GetAccessPoint_ResponseSyntax) **   
The name or alias of the access point.  
Type: String  
Length Constraints: Maximum length of 63.  
Pattern: `^[0-9a-z\\-]{63}` 

 ** [Bucket](#API_control_GetAccessPoint_ResponseSyntax) **   
The name of the bucket associated with the specified access point.  
Type: String  
Length Constraints: Maximum length of 255.

 ** [BucketAccountId](#API_control_GetAccessPoint_ResponseSyntax) **   
The AWS account ID associated with the S3 bucket associated with this access point.  
Type: String  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$` 

 ** [CreationDate](#API_control_GetAccessPoint_ResponseSyntax) **   
The date and time when the specified access point was created.  
Type: Timestamp

 ** [DataSourceId](#API_control_GetAccessPoint_ResponseSyntax) **   
The unique identifier for the data source of the access point.  
Type: String  
Length Constraints: Maximum length of 191.

 ** [DataSourceType](#API_control_GetAccessPoint_ResponseSyntax) **   
The type of the data source that the access point is attached to.  
Type: String

 ** [Endpoints](#API_control_GetAccessPoint_ResponseSyntax) **   
The VPC endpoint for the access point.  
Type: String to string map  
Key Length Constraints: Minimum length of 1. Maximum length of 64.  
Value Length Constraints: Minimum length of 1. Maximum length of 1024.

 ** [Name](#API_control_GetAccessPoint_ResponseSyntax) **   
The name of the specified access point.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 255.

 ** [NetworkOrigin](#API_control_GetAccessPoint_ResponseSyntax) **   
Indicates whether this access point allows access from the public internet. If `VpcConfiguration` is specified for this access point, then `NetworkOrigin` is `VPC`, and the access point doesn't allow access from the public internet. Otherwise, `NetworkOrigin` is `Internet`, and the access point allows access from the public internet, subject to the access point and bucket access policies.  
This will always be true for an Amazon S3 on Outposts access point  
Type: String  
Valid Values: `Internet | VPC` 

 ** [PublicAccessBlockConfiguration](#API_control_GetAccessPoint_ResponseSyntax) **   
The `PublicAccessBlock` configuration that you want to apply to this Amazon S3 account. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see [The Meaning of "Public"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide*.  
This data type is not supported for Amazon S3 on Outposts.  
Type: [PublicAccessBlockConfiguration](API_control_PublicAccessBlockConfiguration.md) data type

 ** [VpcConfiguration](#API_control_GetAccessPoint_ResponseSyntax) **   
Contains the virtual private cloud (VPC) configuration for the specified access point.  
This element is empty if this access point is an Amazon S3 on Outposts access point that is used by other AWS services.
Type: [VpcConfiguration](API_control_VpcConfiguration.md) data type

## Examples


### Sample request syntax for getting an Amazon S3 on Outposts access point


The following request returns the access point of the specified S3 on Outposts access point.

```
           GET /v20180820/accesspoint/example-access-point HTTP/1.1
           Host: s3-outposts..amazonaws.com
           Date: Wed, 28 Oct 2020 22:32:00 GMT
           Authorization: authorization string
           x-amz-account-id: example-account-id
           x-amz-outpost-id: op-01ac5d28a6a232904
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetAccessPoint) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessPoint) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetAccessPoint) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetAccessPoint) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessPoint) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessPoint) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetAccessPoint) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessPoint) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetAccessPoint) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessPoint) 

# GetAccessPointConfigurationForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Returns configuration for an Object Lambda Access Point.

The following actions are related to `GetAccessPointConfigurationForObjectLambda`:
+  [PutAccessPointConfigurationForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointConfigurationForObjectLambda.html) 

## Request Syntax


```
GET /v20180820/accesspointforobjectlambda/name/configuration HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetAccessPointConfigurationForObjectLambda_RequestSyntax) **   
The name of the Object Lambda Access Point you want to return the configuration for.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessPointConfigurationForObjectLambda_RequestSyntax) **   
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      
         string
      
      boolean
      string
      
         
            
               string
            
            
               
                  string
                  string
               
            
         
      
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessPointConfigurationForObjectLambdaResult](#API_control_GetAccessPointConfigurationForObjectLambda_ResponseSyntax) **   
Root level tag for the GetAccessPointConfigurationForObjectLambdaResult parameters.  
Required: Yes

 ** [Configuration](#API_control_GetAccessPointConfigurationForObjectLambda_ResponseSyntax) **   
Object Lambda Access Point configuration document.  
Type: [ObjectLambdaConfiguration](API_control_ObjectLambdaConfiguration.md) data type

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 

# GetAccessPointForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Returns configuration information about the specified Object Lambda Access Point

The following actions are related to `GetAccessPointForObjectLambda`:
+  [CreateAccessPointForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessPointForObjectLambda.html) 
+  [DeleteAccessPointForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointForObjectLambda.html) 
+  [ListAccessPointsForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListAccessPointsForObjectLambda.html) 

## Request Syntax


```
GET /v20180820/accesspointforobjectlambda/name HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetAccessPointForObjectLambda_RequestSyntax) **   
The name of the Object Lambda Access Point.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessPointForObjectLambda_RequestSyntax) **   
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   
      boolean
      boolean
      boolean
      boolean
   
   timestamp
   
      string
      string
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessPointForObjectLambdaResult](#API_control_GetAccessPointForObjectLambda_ResponseSyntax) **   
Root level tag for the GetAccessPointForObjectLambdaResult parameters.  
Required: Yes

 ** [Alias](#API_control_GetAccessPointForObjectLambda_ResponseSyntax) **   
The alias of the Object Lambda Access Point.  
Type: [ObjectLambdaAccessPointAlias](API_control_ObjectLambdaAccessPointAlias.md) data type

 ** [CreationDate](#API_control_GetAccessPointForObjectLambda_ResponseSyntax) **   
The date and time when the specified Object Lambda Access Point was created.  
Type: Timestamp

 ** [Name](#API_control_GetAccessPointForObjectLambda_ResponseSyntax) **   
The name of the Object Lambda Access Point.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$` 

 ** [PublicAccessBlockConfiguration](#API_control_GetAccessPointForObjectLambda_ResponseSyntax) **   
Configuration to block all public access. This setting is turned on and can not be edited.   
Type: [PublicAccessBlockConfiguration](API_control_PublicAccessBlockConfiguration.md) data type

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessPointForObjectLambda) 

# GetAccessPointPolicy


Returns the access point policy associated with the specified access point.

The following actions are related to `GetAccessPointPolicy`:
+  [PutAccessPointPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointPolicy.html) 
+  [DeleteAccessPointPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointPolicy.html) 

## Request Syntax


```
GET /v20180820/accesspoint/name/policy HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetAccessPointPolicy_RequestSyntax) **   
The name of the access point whose policy you want to retrieve.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the access point accessed in the format `arn:aws:s3-outposts:::outpost//accesspoint/`. For example, to access the access point `reports-ap` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessPointPolicy_RequestSyntax) **   
The account ID for the account that owns the specified access point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessPointPolicyResult](#API_control_GetAccessPointPolicy_ResponseSyntax) **   
Root level tag for the GetAccessPointPolicyResult parameters.  
Required: Yes

 ** [Policy](#API_control_GetAccessPointPolicy_ResponseSyntax) **   
The access point policy associated with the specified access point.  
Type: String

## Examples


### Sample request


The following request returns the access point of the specified Amazon S3 on Outposts.

```
           GET /v20180820/accesspoint/example-access-point/policy  HTTP/1.1
           Host: s3-outposts..amazonaws.com
           Date: Wed, 28 Oct 2020 22:32:00 GMT
           Authorization: authorization string
           x-amz-account-id: 123456789012
           x-amz-outpost-id: op-123456
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetAccessPointPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessPointPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetAccessPointPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetAccessPointPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessPointPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessPointPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetAccessPointPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessPointPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetAccessPointPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessPointPolicy) 

# GetAccessPointPolicyForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Returns the resource policy for an Object Lambda Access Point.

The following actions are related to `GetAccessPointPolicyForObjectLambda`:
+  [DeleteAccessPointPolicyForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointPolicyForObjectLambda.html) 
+  [PutAccessPointPolicyForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointPolicyForObjectLambda.html) 

## Request Syntax


```
GET /v20180820/accesspointforobjectlambda/name/policy HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetAccessPointPolicyForObjectLambda_RequestSyntax) **   
The name of the Object Lambda Access Point.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessPointPolicyForObjectLambda_RequestSyntax) **   
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessPointPolicyForObjectLambdaResult](#API_control_GetAccessPointPolicyForObjectLambda_ResponseSyntax) **   
Root level tag for the GetAccessPointPolicyForObjectLambdaResult parameters.  
Required: Yes

 ** [Policy](#API_control_GetAccessPointPolicyForObjectLambda_ResponseSyntax) **   
Object Lambda Access Point resource policy document.  
Type: String

## Examples


### Sample resource policy


The following illustrates a sample resource policy.

```
{
    "Version" : "2008-10-17",		 	 	 
    "Statement":[{
        "Sid": "Grant account 123456789012 GetObject access",
        "Effect":"Allow",
        "Principal" : {
            "AWS": "arn:aws:iam::123456789012:root"
        },
        "Action":["s3-object-lambda:GetObject"],
        "Resource":["arn:aws:s3-object-lambda:us-east-1:123456789012:accesspoint/my-object-lambda-ap"]
        },
        {
        "Sid": "Grant account 444455556666 GetObject access",
        "Effect":"Allow",
        "Principal" : {
            "AWS": "arn:aws:iam::444455556666:root"
        },
        "Action":["s3-object-lambda:GetObject"],
        "Resource":["arn:aws:s3-object-lambda:us-east-1:123456789012:accesspoint/my-object-lambda-ap"]
        }
    ]
}
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 

# GetAccessPointPolicyStatus


**Note**  
This operation is not supported by directory buckets.

Indicates whether the specified access point currently has a policy that allows public access. For more information about public access through access points, see [Managing Data Access with Amazon S3 access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html) in the *Amazon S3 User Guide*.

## Request Syntax


```
GET /v20180820/accesspoint/name/policyStatus HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetAccessPointPolicyStatus_RequestSyntax) **   
The name of the access point whose policy status you want to retrieve.  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessPointPolicyStatus_RequestSyntax) **   
The account ID for the account that owns the specified access point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      boolean
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessPointPolicyStatusResult](#API_control_GetAccessPointPolicyStatus_ResponseSyntax) **   
Root level tag for the GetAccessPointPolicyStatusResult parameters.  
Required: Yes

 ** [PolicyStatus](#API_control_GetAccessPointPolicyStatus_ResponseSyntax) **   
Indicates the current policy status of the specified access point.  
Type: [PolicyStatus](API_control_PolicyStatus.md) data type

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessPointPolicyStatus) 

# GetAccessPointPolicyStatusForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Returns the status of the resource policy associated with an Object Lambda Access Point.

## Request Syntax


```
GET /v20180820/accesspointforobjectlambda/name/policyStatus HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetAccessPointPolicyStatusForObjectLambda_RequestSyntax) **   
The name of the Object Lambda Access Point.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessPointPolicyStatusForObjectLambda_RequestSyntax) **   
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      boolean
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessPointPolicyStatusForObjectLambdaResult](#API_control_GetAccessPointPolicyStatusForObjectLambda_ResponseSyntax) **   
Root level tag for the GetAccessPointPolicyStatusForObjectLambdaResult parameters.  
Required: Yes

 ** [PolicyStatus](#API_control_GetAccessPointPolicyStatusForObjectLambda_ResponseSyntax) **   
Indicates whether this access point policy is public. For more information about how Amazon S3 evaluates policies to determine whether they are public, see [The Meaning of "Public"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide*.   
Type: [PolicyStatus](API_control_PolicyStatus.md) data type

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 

# GetAccessPointScope


 Returns the access point scope for a directory bucket.

To use this operation, you must have the permission to perform the `s3express:GetAccessPointScope` action.

For information about REST API errors, see [REST error responses](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#RESTErrorResponses).

## Request Syntax


```
GET /v20180820/accesspoint/name/scope HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetAccessPointScope_RequestSyntax) **   
The name of the access point with the scope you want to retrieve.  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessPointScope_RequestSyntax) **   
 The AWS account ID that owns the access point with the scope that you want to retrieve.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      
         string
      
      
         string
      
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessPointScopeResult](#API_control_GetAccessPointScope_ResponseSyntax) **   
Root level tag for the GetAccessPointScopeResult parameters.  
Required: Yes

 ** [Scope](#API_control_GetAccessPointScope_ResponseSyntax) **   
The contents of the access point scope.  
Type: [Scope](API_control_Scope.md) data type

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetAccessPointScope) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessPointScope) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetAccessPointScope) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetAccessPointScope) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessPointScope) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessPointScope) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetAccessPointScope) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessPointScope) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetAccessPointScope) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessPointScope) 

# GetBucket


Gets an Amazon S3 on Outposts bucket. For more information, see [ Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*.

If you are using an identity other than the root user of the AWS account that owns the Outposts bucket, the calling identity must have the `s3-outposts:GetBucket` permissions on the specified Outposts bucket and belong to the Outposts bucket owner's account in order to use this action. Only users from Outposts bucket owner account with the right permissions can perform actions on an Outposts bucket. 

If you don't have `s3-outposts:GetBucket` permissions or you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a `403 Access Denied` error.

The following actions are related to `GetBucket` for Amazon S3 on Outposts:

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucket.html#API_control_GetBucket_Examples) section.
+  [PutObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) 
+  [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateBucket.html) 
+  [DeleteBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucket.html) 

## Request Syntax


```
GET /v20180820/bucket/name HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetBucket_RequestSyntax) **   
Specifies the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:::outpost//bucket/`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetBucket_RequestSyntax) **   
The AWS account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   boolean
   timestamp

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetBucketResult](#API_control_GetBucket_ResponseSyntax) **   
Root level tag for the GetBucketResult parameters.  
Required: Yes

 ** [Bucket](#API_control_GetBucket_ResponseSyntax) **   
The Outposts bucket requested.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 255.

 ** [CreationDate](#API_control_GetBucket_ResponseSyntax) **   
The creation date of the Outposts bucket.  
Type: Timestamp

 ** [PublicAccessBlockEnabled](#API_control_GetBucket_ResponseSyntax) **   
  
Type: Boolean

## Examples


### Sample request for getting Amazon S3 on Outposts bucket


This example illustrates one usage of GetBucket.

```
GET /v20180820/bucket/example-outpost-bucket/ HTTP/1.1
Host: s3-outposts..amazonaws.com  
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
            x-amz-Date: 20200928T203757Z
            Authorization: authorization string
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetBucket) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetBucket) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetBucket) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetBucket) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetBucket) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetBucket) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetBucket) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetBucket) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetBucket) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetBucket) 

# GetBucketLifecycleConfiguration


**Note**  
This action gets an Amazon S3 on Outposts bucket's lifecycle configuration. To get an S3 bucket's lifecycle configuration, see [GetBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) in the *Amazon S3 API Reference*. 

Returns the lifecycle configuration information set on the Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) and for information about lifecycle configuration, see [ Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in *Amazon S3 User Guide*.

To use this action, you must have permission to perform the `s3-outposts:GetLifecycleConfiguration` action. The Outposts bucket owner has this permission, by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html).

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketLifecycleConfiguration.html#API_control_GetBucketLifecycleConfiguration_Examples) section.

 `GetBucketLifecycleConfiguration` has the following special error:
+ Error code: `NoSuchLifecycleConfiguration` 
  + Description: The lifecycle configuration does not exist.
  + HTTP Status Code: 404 Not Found
  + SOAP Fault Code Prefix: Client

The following actions are related to `GetBucketLifecycleConfiguration`:
+  [PutBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketLifecycleConfiguration.html) 
+  [DeleteBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucketLifecycleConfiguration.html) 

## Request Syntax


```
GET /v20180820/bucket/name/lifecycleconfiguration HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetBucketLifecycleConfiguration_RequestSyntax) **   
The Amazon Resource Name (ARN) of the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:::outpost//bucket/`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetBucketLifecycleConfiguration_RequestSyntax) **   
The AWS account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      
         
            integer
         
         
            timestamp
            integer
            boolean
         
         
            
               long
               long
               string
               
                  
                     string
                     string
                  
               
            
            long
            long
            string
            
               string
               string
            
         
         string
         
            integer
            integer
         
         
            
               integer
               string
            
         
         string
         
            
               timestamp
               integer
               string
            
         
      
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetBucketLifecycleConfigurationResult](#API_control_GetBucketLifecycleConfiguration_ResponseSyntax) **   
Root level tag for the GetBucketLifecycleConfigurationResult parameters.  
Required: Yes

 ** [Rules](#API_control_GetBucketLifecycleConfiguration_ResponseSyntax) **   
Container for the lifecycle rule of the Outposts bucket.  
Type: Array of [LifecycleRule](API_control_LifecycleRule.md) data types

## Examples


### Sample request to get the lifecycle configuration of the Amazon S3 on Outposts bucket


The following example shows how to get the lifecycle configuration of the Outposts bucket.

```
            GET /v20180820/bucket/example-outpost-bucket/lifecycleconfiguration HTTP/1.1
            Host: s3-outposts..amazonaws.com 
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
            x-amz-date: Thu, 15 Nov 2012 00:17:21 GMT
            Authorization: signatureValue
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetBucketLifecycleConfiguration) 

# GetBucketPolicy


**Note**  
This action gets a bucket policy for an Amazon S3 on Outposts bucket. To get a policy for an S3 bucket, see [GetBucketPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicy.html) in the *Amazon S3 API Reference*. 

Returns the policy of a specified Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*.

If you are using an identity other than the root user of the AWS account that owns the bucket, the calling identity must have the `GetBucketPolicy` permissions on the specified bucket and belong to the bucket owner's account in order to use this action.

Only users from Outposts bucket owner account with the right permissions can perform actions on an Outposts bucket. If you don't have `s3-outposts:GetBucketPolicy` permissions or you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a `403 Access Denied` error.

**Important**  
As a security precaution, the root user of the AWS account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.

For more information about bucket policies, see [Using Bucket Policies and User Policies](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html).

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketPolicy.html#API_control_GetBucketPolicy_Examples) section.

The following actions are related to `GetBucketPolicy`:
+  [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) 
+  [PutBucketPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketPolicy.html) 
+  [DeleteBucketPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucketPolicy.html) 

## Request Syntax


```
GET /v20180820/bucket/name/policy HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetBucketPolicy_RequestSyntax) **   
Specifies the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:::outpost//bucket/`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetBucketPolicy_RequestSyntax) **   
The AWS account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetBucketPolicyResult](#API_control_GetBucketPolicy_ResponseSyntax) **   
Root level tag for the GetBucketPolicyResult parameters.  
Required: Yes

 ** [Policy](#API_control_GetBucketPolicy_ResponseSyntax) **   
The policy of the Outposts bucket.  
Type: String

## Examples


### Sample GetBucketPolicy request for an Amazon S3 on Outposts bucket


The following request gets the policy of the specified Outposts bucket `example-outpost-bucket`.

```
           GET /v20180820/bucket/example-outpost-bucket/policy HTTP/1.1
           Host: s3-outposts..amazonaws.com
           Date: Wed, 28 Oct 2009 22:32:00 GMT
           Authorization: authorization string
           x-amz-account-id: example-account-id
           x-amz-outpost-id: op-01ac5d28a6a232904
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetBucketPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetBucketPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetBucketPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetBucketPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetBucketPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetBucketPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetBucketPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetBucketPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetBucketPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetBucketPolicy) 

# GetBucketReplication


**Note**  
This operation gets an Amazon S3 on Outposts bucket's replication configuration. To get an S3 bucket's replication configuration, see [GetBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketReplication.html) in the *Amazon S3 API Reference*. 

Returns the replication configuration of an S3 on Outposts bucket. For more information about S3 on Outposts, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. For information about S3 replication on Outposts configuration, see [Replicating objects for S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3OutpostsReplication.html) in the *Amazon S3 User Guide*.

**Note**  
It can take a while to propagate `PUT` or `DELETE` requests for a replication configuration to all S3 on Outposts systems. Therefore, the replication configuration that's returned by a `GET` request soon after a `PUT` or `DELETE` request might return a more recent result than what's on the Outpost. If an Outpost is offline, the delay in updating the replication configuration on that Outpost can be significant.

This action requires permissions for the `s3-outposts:GetReplicationConfiguration` action. The Outposts bucket owner has this permission by default and can grant it to others. For more information about permissions, see [Setting up IAM with S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3OutpostsIAM.html) and [Managing access to S3 on Outposts bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3OutpostsBucketPolicy.html) in the *Amazon S3 User Guide*.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketReplication.html#API_control_GetBucketReplication_Examples) section.

If you include the `Filter` element in a replication configuration, you must also include the `DeleteMarkerReplication`, `Status`, and `Priority` elements. The response also returns those elements.

For information about S3 on Outposts replication failure reasons, see [Replication failure reasons](https://docs.aws.amazon.com/AmazonS3/latest/userguide/outposts-replication-eventbridge.html#outposts-replication-failure-codes) in the *Amazon S3 User Guide*.

The following operations are related to `GetBucketReplication`:
+  [PutBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketReplication.html) 
+  [DeleteBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucketReplication.html) 

## Request Syntax


```
GET /v20180820/bucket/name/replication HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetBucketReplication_RequestSyntax) **   
Specifies the bucket to get the replication information for.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:::outpost//bucket/`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetBucketReplication_RequestSyntax) **   
The AWS account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      string
      
         
            string
            
               string
            
            
               
                  string
               
               string
               string
               
                  string
               
               
                  
                     integer
                  
                  string
               
               
                  string
                  
                     integer
                  
               
               string
            
            
               string
            
            
               
                  string
                  
                     
                        string
                        string
                     
                  
               
               string
               
                  string
                  string
               
            
            string
            string
            integer
            
               
                  string
               
               
                  string
               
            
            string
         
      
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetBucketReplicationResult](#API_control_GetBucketReplication_ResponseSyntax) **   
Root level tag for the GetBucketReplicationResult parameters.  
Required: Yes

 ** [ReplicationConfiguration](#API_control_GetBucketReplication_ResponseSyntax) **   
A container for one or more replication rules. A replication configuration must have at least one rule and you can add up to 100 rules. The maximum size of a replication configuration is 128 KB.  
Type: [ReplicationConfiguration](API_control_ReplicationConfiguration.md) data type

## Examples


### Sample request to get the replication configuration of an Amazon S3 on Outposts bucket


The following example shows how to get the replication configuration of an Outposts bucket.

```
GET /v20180820/bucket/example-outpost-bucket/replication HTTP/1.1
Host: s3-outposts..amazonaws.com 
x-amz-account-id: example-account-id
x-amz-outpost-id: op-01ac5d28a6a232904
Authorization: signatureValue
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetBucketReplication) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetBucketReplication) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetBucketReplication) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetBucketReplication) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetBucketReplication) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetBucketReplication) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetBucketReplication) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetBucketReplication) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetBucketReplication) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetBucketReplication) 

# GetBucketTagging


**Note**  
This action gets an Amazon S3 on Outposts bucket's tags. To get an S3 bucket tags, see [GetBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketTagging.html) in the *Amazon S3 API Reference*. 

Returns the tag set associated with the Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*.

To use this action, you must have permission to perform the `GetBucketTagging` action. By default, the bucket owner has this permission and can grant this permission to others.

 `GetBucketTagging` has the following special error:
+ Error code: `NoSuchTagSetError` 
  + Description: There is no tag set associated with the bucket.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketTagging.html#API_control_GetBucketTagging_Examples) section.

The following actions are related to `GetBucketTagging`:
+  [PutBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketTagging.html) 
+  [DeleteBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucketTagging.html) 

## Request Syntax


```
GET /v20180820/bucket/name/tagging HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetBucketTagging_RequestSyntax) **   
Specifies the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:::outpost//bucket/`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetBucketTagging_RequestSyntax) **   
The AWS account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      
         string
         string
      
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetBucketTaggingResult](#API_control_GetBucketTagging_ResponseSyntax) **   
Root level tag for the GetBucketTaggingResult parameters.  
Required: Yes

 ** [TagSet](#API_control_GetBucketTagging_ResponseSyntax) **   
The tags set of the Outposts bucket.  
Type: Array of [S3Tag](API_control_S3Tag.md) data types

## Examples


### Amazon S3 on Outposts request example for getting a tag set for an Outposts bucket


The following request gets the tag set of the specified Outposts bucket `example-outpost-bucket`.

```
            GET /v20180820/bucket/example-outpost-bucket/tagging HTTP/1.1
            Host: s3-outposts..amazonaws.com
            x-amz-date: Wed, 28 Oct 2020 22:32:00 GMT
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
            Authorization: authorization string
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetBucketTagging) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetBucketTagging) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetBucketTagging) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetBucketTagging) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetBucketTagging) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetBucketTagging) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetBucketTagging) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetBucketTagging) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetBucketTagging) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetBucketTagging) 

# GetBucketVersioning


**Note**  
This operation returns the versioning state for S3 on Outposts buckets only. To return the versioning state for an S3 bucket, see [GetBucketVersioning](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html) in the *Amazon S3 API Reference*. 

Returns the versioning state for an S3 on Outposts bucket. With S3 Versioning, you can save multiple distinct copies of your objects and recover from unintended user actions and application failures.

If you've never set versioning on your bucket, it has no versioning state. In that case, the `GetBucketVersioning` request does not return a versioning state value.

For more information about versioning, see [Versioning](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Versioning.html) in the *Amazon S3 User Guide*.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketVersioning.html#API_control_GetBucketVersioning_Examples) section.

The following operations are related to `GetBucketVersioning` for S3 on Outposts.
+  [PutBucketVersioning](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketVersioning.html) 
+  [PutBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketLifecycleConfiguration.html) 
+  [GetBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketLifecycleConfiguration.html) 

## Request Syntax


```
GET /v20180820/bucket/name/versioning HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetBucketVersioning_RequestSyntax) **   
The S3 on Outposts bucket to return the versioning state for.  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetBucketVersioning_RequestSyntax) **   
The AWS account ID of the S3 on Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetBucketVersioningResult](#API_control_GetBucketVersioning_ResponseSyntax) **   
Root level tag for the GetBucketVersioningResult parameters.  
Required: Yes

 ** [MFADelete](#API_control_GetBucketVersioning_ResponseSyntax) **   
Specifies whether MFA delete is enabled in the bucket versioning configuration. This element is returned only if the bucket has been configured with MFA delete. If MFA delete has never been configured for the bucket, this element is not returned.  
Type: String  
Valid Values: `Enabled | Disabled` 

 ** [Status](#API_control_GetBucketVersioning_ResponseSyntax) **   
The versioning state of the S3 on Outposts bucket.  
Type: String  
Valid Values: `Enabled | Suspended` 

## Examples


### Sample GetBucketVersioning request on an S3 on Outposts bucket


This request returns the versioning state for an S3 on Outposts bucket that's named `example-outpost-bucket`.

```
            GET /v20180820/bucket/example-outpost-bucket/?versioning HTTP/1.1
            Host:s3-outposts.region-code.amazonaws.com
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
            x-amz-date: Wed, 25 May  2022 00:14:21 GMT
            Authorization: signatureValue
```

### Sample GetBucketVersioning response on a versioning-enabled S3 on Outposts bucket


If you enabled versioning on a bucket, the response is:

```
     
        Enabled
     
```

### Sample GetBucketVersioning response on a versioning-suspended bucket


If you suspended versioning on a bucket, the response is:

```
     
        Suspended
     
```

### Sample GetBucketVersioning response if you have never enabled versioning.


If you have never enabled versioning on a bucket, the response is:

```
     
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetBucketVersioning) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetBucketVersioning) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetBucketVersioning) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetBucketVersioning) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetBucketVersioning) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetBucketVersioning) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetBucketVersioning) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetBucketVersioning) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetBucketVersioning) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetBucketVersioning) 

# GetDataAccess


Returns a temporary access credential from S3 Access Grants to the grantee or client application. The [temporary credential](https://docs.aws.amazon.com/STS/latest/APIReference/API_Credentials.html) is an AWS STS token that grants them access to the S3 data. 

Permissions  
You must have the `s3:GetDataAccess` permission to use this operation. 

Additional Permissions  
The IAM role that S3 Access Grants assumes must have the following permissions specified in the trust policy when registering the location: `sts:AssumeRole`, for directory users or groups `sts:SetContext`, and for IAM users or roles `sts:SetSourceIdentity`. 

## Request Syntax


```
GET /v20180820/accessgrantsinstance/dataaccess?auditContext=AuditContext&durationSeconds=DurationSeconds&permission=Permission&privilege=Privilege&target=Target&targetType=TargetType HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [auditContext](#API_control_GetDataAccess_RequestSyntax) **   
The context to identify the job or query associated with the credential request. This information will be displayed in CloudTrail log in your account.  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\t]*` 

 ** [durationSeconds](#API_control_GetDataAccess_RequestSyntax) **   
The session duration, in seconds, of the temporary access credential that S3 Access Grants vends to the grantee or client application. The default value is 1 hour, but the grantee can specify a range from 900 seconds (15 minutes) up to 43200 seconds (12 hours). If the grantee requests a value higher than this maximum, the operation fails.   
Valid Range: Minimum value of 900. Maximum value of 43200.

 ** [permission](#API_control_GetDataAccess_RequestSyntax) **   
The type of permission granted to your S3 data, which can be set to one of the following values:  
+  `READ` – Grant read-only access to the S3 data.
+  `WRITE` – Grant write-only access to the S3 data.
+  `READWRITE` – Grant both read and write access to the S3 data.
Valid Values: `READ | WRITE | READWRITE`   
Required: Yes

 ** [privilege](#API_control_GetDataAccess_RequestSyntax) **   
The scope of the temporary access credential that S3 Access Grants vends to the grantee or client application.   
+  `Default` – The scope of the returned temporary access token is the scope of the grant that is closest to the target scope.
+  `Minimal` – The scope of the returned temporary access token is the same as the requested target scope as long as the requested scope is the same as or a subset of the grant scope. 
Valid Values: `Minimal | Default` 

 ** [target](#API_control_GetDataAccess_RequestSyntax) **   
The S3 URI path of the data to which you are requesting temporary access credentials. If the requesting account has an access grant for this data, S3 Access Grants vends temporary access credentials in the response.  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$`   
Required: Yes

 ** [targetType](#API_control_GetDataAccess_RequestSyntax) **   
The type of `Target`. The only possible value is `Object`. Pass this value if the target data that you would like to access is a path to an object. Do not pass this value if the target data is a bucket or a bucket and a prefix.   
Valid Values: `Object` 

 ** [x-amz-account-id](#API_control_GetDataAccess_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      string
      timestamp
      string
      string
   
   string
   
      string
      string
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetDataAccessResult](#API_control_GetDataAccess_ResponseSyntax) **   
Root level tag for the GetDataAccessResult parameters.  
Required: Yes

 ** [Credentials](#API_control_GetDataAccess_ResponseSyntax) **   
The temporary credential token that S3 Access Grants vends.  
Type: [Credentials](API_control_Credentials.md) data type

 ** [Grantee](#API_control_GetDataAccess_ResponseSyntax) **   
The user, group, or role that was granted access to the S3 location scope. For directory identities, this API also returns the grants of the IAM role used for the identity-aware request. For more information on identity-aware sessions, see [Granting permissions to use identity-aware console sessions](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_sts-setcontext.html).   
Type: [Grantee](API_control_Grantee.md) data type

 ** [MatchedGrantTarget](#API_control_GetDataAccess_ResponseSyntax) **   
The S3 URI path of the data to which you are being granted temporary access credentials.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetDataAccess) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetDataAccess) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetDataAccess) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetDataAccess) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetDataAccess) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetDataAccess) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetDataAccess) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetDataAccess) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetDataAccess) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetDataAccess) 

# GetJobTagging


Returns the tags on an S3 Batch Operations job. 

Permissions  
To use the `GetJobTagging` operation, you must have permission to perform the `s3:GetJobTagging` action. For more information, see [Controlling access and labeling jobs using tags](https://docs.aws.amazon.com/AmazonS3/latest/dev/batch-ops-managing-jobs.html#batch-ops-job-tags) in the *Amazon S3 User Guide*.

Related actions include:
+  [CreateJob](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateJob.html) 
+  [PutJobTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutJobTagging.html) 
+  [DeleteJobTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteJobTagging.html) 

## Request Syntax


```
GET /v20180820/jobs/id/tagging HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_GetJobTagging_RequestSyntax) **   
The ID for the S3 Batch Operations job whose tags you want to retrieve.  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetJobTagging_RequestSyntax) **   
The AWS account ID associated with the S3 Batch Operations job.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      
         string
         string
      
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetJobTaggingResult](#API_control_GetJobTagging_ResponseSyntax) **   
Root level tag for the GetJobTaggingResult parameters.  
Required: Yes

 ** [Tags](#API_control_GetJobTagging_ResponseSyntax) **   
The set of tags associated with the S3 Batch Operations job.  
Type: Array of [S3Tag](API_control_S3Tag.md) data types

## Errors


 ** InternalServiceException **   
  
HTTP Status Code: 500

 ** NotFoundException **   
  
HTTP Status Code: 400

 ** TooManyRequestsException **   
  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetJobTagging) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetJobTagging) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetJobTagging) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetJobTagging) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetJobTagging) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetJobTagging) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetJobTagging) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetJobTagging) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetJobTagging) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetJobTagging) 

# GetMultiRegionAccessPoint


**Note**  
This operation is not supported by directory buckets.

Returns configuration information about the specified Multi-Region Access Point.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see [Multi-Region Access Point restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiRegionAccessPointRestrictions.html) in the *Amazon S3 User Guide*.

The following actions are related to `GetMultiRegionAccessPoint`:
+  [CreateMultiRegionAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateMultiRegionAccessPoint.html) 
+  [DeleteMultiRegionAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteMultiRegionAccessPoint.html) 
+  [DescribeMultiRegionAccessPointOperation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DescribeMultiRegionAccessPointOperation.html) 
+  [ListMultiRegionAccessPoints](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListMultiRegionAccessPoints.html) 

## Request Syntax


```
GET /v20180820/mrap/instances/name+ HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetMultiRegionAccessPoint_RequestSyntax) **   
The name of the Multi-Region Access Point whose configuration information you want to receive. The name of the Multi-Region Access Point is different from the alias. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see [Rules for naming Amazon S3 Multi-Region Access Points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CreatingMultiRegionAccessPoints.html#multi-region-access-point-naming) in the *Amazon S3 User Guide*.  
Length Constraints: Maximum length of 50.  
Pattern: `^[a-z0-9][-a-z0-9]{1,48}[a-z0-9]$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetMultiRegionAccessPoint_RequestSyntax) **   
The AWS account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      string
      timestamp
      string
      
         boolean
         boolean
         boolean
         boolean
      
      
         
            string
            string
            string
         
      
      string
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetMultiRegionAccessPointResult](#API_control_GetMultiRegionAccessPoint_ResponseSyntax) **   
Root level tag for the GetMultiRegionAccessPointResult parameters.  
Required: Yes

 ** [AccessPoint](#API_control_GetMultiRegionAccessPoint_ResponseSyntax) **   
A container element containing the details of the requested Multi-Region Access Point.  
Type: [MultiRegionAccessPointReport](API_control_MultiRegionAccessPointReport.md) data type

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetMultiRegionAccessPoint) 

# GetMultiRegionAccessPointPolicy


**Note**  
This operation is not supported by directory buckets.

Returns the access control policy of the specified Multi-Region Access Point.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see [Multi-Region Access Point restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiRegionAccessPointRestrictions.html) in the *Amazon S3 User Guide*.

The following actions are related to `GetMultiRegionAccessPointPolicy`:
+  [GetMultiRegionAccessPointPolicyStatus](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetMultiRegionAccessPointPolicyStatus.html) 
+  [PutMultiRegionAccessPointPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutMultiRegionAccessPointPolicy.html) 

## Request Syntax


```
GET /v20180820/mrap/instances/name+/policy HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetMultiRegionAccessPointPolicy_RequestSyntax) **   
Specifies the Multi-Region Access Point. The name of the Multi-Region Access Point is different from the alias. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see [Rules for naming Amazon S3 Multi-Region Access Points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CreatingMultiRegionAccessPoints.html#multi-region-access-point-naming) in the *Amazon S3 User Guide*.  
Length Constraints: Maximum length of 50.  
Pattern: `^[a-z0-9][-a-z0-9]{1,48}[a-z0-9]$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetMultiRegionAccessPointPolicy_RequestSyntax) **   
The AWS account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      
         string
      
      
         string
      
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetMultiRegionAccessPointPolicyResult](#API_control_GetMultiRegionAccessPointPolicy_ResponseSyntax) **   
Root level tag for the GetMultiRegionAccessPointPolicyResult parameters.  
Required: Yes

 ** [Policy](#API_control_GetMultiRegionAccessPointPolicy_ResponseSyntax) **   
The policy associated with the specified Multi-Region Access Point.  
Type: [MultiRegionAccessPointPolicyDocument](API_control_MultiRegionAccessPointPolicyDocument.md) data type

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 

# GetMultiRegionAccessPointPolicyStatus


**Note**  
This operation is not supported by directory buckets.

Indicates whether the specified Multi-Region Access Point has an access control policy that allows public access.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see [Multi-Region Access Point restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiRegionAccessPointRestrictions.html) in the *Amazon S3 User Guide*.

The following actions are related to `GetMultiRegionAccessPointPolicyStatus`:
+  [GetMultiRegionAccessPointPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetMultiRegionAccessPointPolicy.html) 
+  [PutMultiRegionAccessPointPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutMultiRegionAccessPointPolicy.html) 

## Request Syntax


```
GET /v20180820/mrap/instances/name+/policystatus HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetMultiRegionAccessPointPolicyStatus_RequestSyntax) **   
Specifies the Multi-Region Access Point. The name of the Multi-Region Access Point is different from the alias. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see [Rules for naming Amazon S3 Multi-Region Access Points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CreatingMultiRegionAccessPoints.html#multi-region-access-point-naming) in the *Amazon S3 User Guide*.  
Length Constraints: Maximum length of 50.  
Pattern: `^[a-z0-9][-a-z0-9]{1,48}[a-z0-9]$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetMultiRegionAccessPointPolicyStatus_RequestSyntax) **   
The AWS account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      boolean
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetMultiRegionAccessPointPolicyStatusResult](#API_control_GetMultiRegionAccessPointPolicyStatus_ResponseSyntax) **   
Root level tag for the GetMultiRegionAccessPointPolicyStatusResult parameters.  
Required: Yes

 ** [Established](#API_control_GetMultiRegionAccessPointPolicyStatus_ResponseSyntax) **   
Indicates whether this access point policy is public. For more information about how Amazon S3 evaluates policies to determine whether they are public, see [The Meaning of "Public"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide*.   
Type: [PolicyStatus](API_control_PolicyStatus.md) data type

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 

# GetMultiRegionAccessPointRoutes


**Note**  
This operation is not supported by directory buckets.

Returns the routing configuration for a Multi-Region Access Point, indicating which Regions are active or passive.

To obtain routing control changes and failover requests, use the Amazon S3 failover control infrastructure endpoints in these five AWS Regions:
+  `us-east-1` 
+  `us-west-2` 
+  `ap-southeast-2` 
+  `ap-northeast-1` 
+  `eu-west-1` 

## Request Syntax


```
GET /v20180820/mrap/instances/mrap+/routes HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [mrap](#API_control_GetMultiRegionAccessPointRoutes_RequestSyntax) **   
The Multi-Region Access Point ARN.  
Length Constraints: Maximum length of 200.  
Pattern: `^[a-zA-Z0-9\:.-]{3,200}$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetMultiRegionAccessPointRoutes_RequestSyntax) **   
The AWS account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   
      
         string
         string
         integer
      
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetMultiRegionAccessPointRoutesResult](#API_control_GetMultiRegionAccessPointRoutes_ResponseSyntax) **   
Root level tag for the GetMultiRegionAccessPointRoutesResult parameters.  
Required: Yes

 ** [Mrap](#API_control_GetMultiRegionAccessPointRoutes_ResponseSyntax) **   
The Multi-Region Access Point ARN.  
Type: String  
Length Constraints: Maximum length of 200.  
Pattern: `^[a-zA-Z0-9\:.-]{3,200}$` 

 ** [Routes](#API_control_GetMultiRegionAccessPointRoutes_ResponseSyntax) **   
The different routes that make up the route configuration. Active routes return a value of `100`, and passive routes return a value of `0`.  
Type: Array of [MultiRegionAccessPointRoute](API_control_MultiRegionAccessPointRoute.md) data types

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 

# GetPublicAccessBlock


**Note**  
This operation is not supported by directory buckets.

Retrieves the `PublicAccessBlock` configuration for an AWS account. This operation returns the effective account-level configuration, which may inherit from organization-level policies. For more information, see [ Using Amazon S3 block public access](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html).

Related actions include:
+  [DeletePublicAccessBlock](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeletePublicAccessBlock.html) 
+  [PutPublicAccessBlock](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutPublicAccessBlock.html) 

## Request Syntax


```
GET /v20180820/configuration/publicAccessBlock HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_GetPublicAccessBlock_RequestSyntax) **   
The account ID for the AWS account whose `PublicAccessBlock` configuration you want to retrieve.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   boolean
   boolean
   boolean
   boolean

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [PublicAccessBlockConfiguration](#API_control_GetPublicAccessBlock_ResponseSyntax) **   
Root level tag for the PublicAccessBlockConfiguration parameters.  
Required: Yes

 ** [BlockPublicAcls](#API_control_GetPublicAccessBlock_ResponseSyntax) **   
Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to `TRUE` causes the following behavior:  
+  `PutBucketAcl` and `PutObjectAcl` calls fail if the specified ACL is public.
+ PUT Object calls fail if the request includes a public ACL.
+ PUT Bucket calls fail if the request includes a public ACL.
Enabling this setting doesn't affect existing policies or ACLs.  
This property is not supported for Amazon S3 on Outposts.  
Type: Boolean

 ** [BlockPublicPolicy](#API_control_GetPublicAccessBlock_ResponseSyntax) **   
Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.   
Enabling this setting doesn't affect existing bucket policies.  
This property is not supported for Amazon S3 on Outposts.  
Type: Boolean

 ** [IgnorePublicAcls](#API_control_GetPublicAccessBlock_ResponseSyntax) **   
Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.   
Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.  
This property is not supported for Amazon S3 on Outposts.  
Type: Boolean

 ** [RestrictPublicBuckets](#API_control_GetPublicAccessBlock_ResponseSyntax) **   
Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to `TRUE` restricts access to buckets with public policies to only AWS service principals and authorized users within this account.  
Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.  
This property is not supported for Amazon S3 on Outposts.  
Type: Boolean

## Errors


 ** NoSuchPublicAccessBlockConfiguration **   
Amazon S3 throws this exception if you make a `GetPublicAccessBlock` request against an account that doesn't have a `PublicAccessBlockConfiguration` set.  
HTTP Status Code: 404

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetPublicAccessBlock) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetPublicAccessBlock) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetPublicAccessBlock) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetPublicAccessBlock) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetPublicAccessBlock) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetPublicAccessBlock) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetPublicAccessBlock) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetPublicAccessBlock) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetPublicAccessBlock) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetPublicAccessBlock) 

# GetStorageLensConfiguration


**Note**  
This operation is not supported by directory buckets.

Gets the Amazon S3 Storage Lens configuration. For more information, see [Assessing your storage activity and usage with Amazon S3 Storage Lens ](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage_lens.html) in the *Amazon S3 User Guide*. For a complete list of S3 Storage Lens metrics, see [S3 Storage Lens metrics glossary](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage_lens_metrics_glossary.html) in the *Amazon S3 User Guide*.

**Note**  
To use this action, you must have permission to perform the `s3:GetStorageLensConfiguration` action. For more information, see [Setting permissions to use Amazon S3 Storage Lens](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage_lens_iam_permissions.html) in the *Amazon S3 User Guide*.

## Request Syntax


```
GET /v20180820/storagelens/storagelensid HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [storagelensid](#API_control_GetStorageLensConfiguration_RequestSyntax) **   
The ID of the Amazon S3 Storage Lens configuration.  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_\.]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetStorageLensConfiguration_RequestSyntax) **   
The account ID of the requester.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   
      
         boolean
      
      
         boolean
      
      
         boolean
      
      
         boolean
      
      
         
            boolean
         
         
            boolean
         
         
            boolean
         
         
            boolean
         
         
            boolean
         
         
            
               boolean
               
                  string
                  integer
                  double
               
            
         
      
      
         boolean
      
      
         
            
               string
            
            
               string
            
         
      
   
   
      
         string
      
      
         string
      
   
   
      
         string
      
      
         string
      
   
   
      
         boolean
      
      
         string
         string
         
            
               string
            
            
            
         
         string
         string
         string
      
      
         
            
               string
            
            
            
         
         boolean
      
   
   
      
         string
         string
         
            
               string
            
            
            
         
         string
         string
         string
      
      
         
            
               string
            
            
            
         
         boolean
      
   
   boolean
   
      string
   
   string
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [StorageLensConfiguration](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   
Root level tag for the StorageLensConfiguration parameters.  
Required: Yes

 ** [AccountLevel](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   
A container for all the account-level configurations of your S3 Storage Lens configuration.  
Type: [AccountLevel](API_control_AccountLevel.md) data type

 ** [AwsOrg](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   
A container for the AWS organization for this S3 Storage Lens configuration.  
Type: [StorageLensAwsOrg](API_control_StorageLensAwsOrg.md) data type

 ** [DataExport](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   
A container to specify the properties of your S3 Storage Lens metrics export including, the destination, schema and format.  
Type: [StorageLensDataExport](API_control_StorageLensDataExport.md) data type

 ** [Exclude](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   
A container for what is excluded in this configuration. This container can only be valid if there is no `Include` container submitted, and it's not empty.   
Type: [Exclude](API_control_Exclude.md) data type

 ** [ExpandedPrefixesDataExport](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   
A container that configures your S3 Storage Lens expanded prefixes metrics report.   
Type: [StorageLensExpandedPrefixesDataExport](API_control_StorageLensExpandedPrefixesDataExport.md) data type

 ** [Id](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   
A container for the Amazon S3 Storage Lens configuration ID.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_\.]+` 

 ** [Include](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   
A container for what is included in this configuration. This container can only be valid if there is no `Exclude` container submitted, and it's not empty.   
Type: [Include](API_control_Include.md) data type

 ** [IsEnabled](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   
A container for whether the S3 Storage Lens configuration is enabled.  
Type: Boolean

 ** [PrefixDelimiter](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   
A container for all prefix delimiters that are used for object keys in this S3 Storage Lens configuration. The prefix delimiters determine how S3 Storage Lens counts prefix depth, by separating the hierarchical levels in object keys.  
+ If either a prefix delimiter or existing delimiter is undefined, Amazon S3 uses the delimiter that’s defined.
+ If both the prefix delimiter and existing delimiter are undefined, S3 uses `/` as the default delimiter.
+ When custom delimiters are used, both the prefix delimiter and existing delimiter must specify the same special character. Otherwise, your request results in an error.
Type: String  
Length Constraints: Maximum length of 1.

 ** [StorageLensArn](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the S3 Storage Lens configuration. This property is read-only and follows the following format: ` arn:aws:s3:us-east-1:example-account-id:storage-lens/your-dashboard-name `   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:storage\-lens\/.*` 

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetStorageLensConfiguration) 

# GetStorageLensConfigurationTagging


**Note**  
This operation is not supported by directory buckets.

Gets the tags of Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see [Assessing your storage activity and usage with Amazon S3 Storage Lens ](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage_lens.html) in the *Amazon S3 User Guide*.

**Note**  
To use this action, you must have permission to perform the `s3:GetStorageLensConfigurationTagging` action. For more information, see [Setting permissions to use Amazon S3 Storage Lens](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage_lens_iam_permissions.html) in the *Amazon S3 User Guide*.

## Request Syntax


```
GET /v20180820/storagelens/storagelensid/tagging HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [storagelensid](#API_control_GetStorageLensConfigurationTagging_RequestSyntax) **   
The ID of the Amazon S3 Storage Lens configuration.  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_\.]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetStorageLensConfigurationTagging_RequestSyntax) **   
The account ID of the requester.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      
         string
         string
      
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetStorageLensConfigurationTaggingResult](#API_control_GetStorageLensConfigurationTagging_ResponseSyntax) **   
Root level tag for the GetStorageLensConfigurationTaggingResult parameters.  
Required: Yes

 ** [Tags](#API_control_GetStorageLensConfigurationTagging_ResponseSyntax) **   
The tags of S3 Storage Lens configuration requested.  
Type: Array of [StorageLensTag](API_control_StorageLensTag.md) data types

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetStorageLensConfigurationTagging) 

# GetStorageLensGroup


 Retrieves the Storage Lens group configuration details.

To use this operation, you must have the permission to perform the `s3:GetStorageLensGroup` action. For more information about the required Storage Lens Groups permissions, see [Setting account permissions to use S3 Storage Lens groups](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage_lens_iam_permissions.html#storage_lens_groups_permissions).

For information about Storage Lens groups errors, see [List of Amazon S3 Storage Lens error codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#S3LensErrorCodeList).

## Request Syntax


```
GET /v20180820/storagelensgroup/name HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetStorageLensGroup_RequestSyntax) **   
 The name of the Storage Lens group that you're trying to retrieve the configuration details for.   
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetStorageLensGroup_RequestSyntax) **   
 The AWS account ID associated with the Storage Lens group that you're trying to retrieve the details for.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   
      
         
            string
         
         
            string
         
         
            
               string
               string
            
         
         
            integer
            integer
         
         
            long
            long
         
      
      
         string
      
      
         string
      
      
         
            string
            string
         
      
      
         integer
         integer
      
      
         long
         long
      
      
         
            string
         
         
            string
         
         
            
               string
               string
            
         
         
            integer
            integer
         
         
            long
            long
         
      
   
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [StorageLensGroup](#API_control_GetStorageLensGroup_ResponseSyntax) **   
Root level tag for the StorageLensGroup parameters.  
Required: Yes

 ** [Filter](#API_control_GetStorageLensGroup_ResponseSyntax) **   
Sets the criteria for the Storage Lens group data that is displayed. For multiple filter conditions, the `AND` or `OR` logical operator is used.  
Type: [StorageLensGroupFilter](API_control_StorageLensGroupFilter.md) data type

 ** [Name](#API_control_GetStorageLensGroup_ResponseSyntax) **   
 Contains the name of the Storage Lens group.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_]+` 

 ** [StorageLensGroupArn](#API_control_GetStorageLensGroup_ResponseSyntax) **   
 Contains the Amazon Resource Name (ARN) of the Storage Lens group. This property is read-only.   
Type: String  
Length Constraints: Minimum length of 4. Maximum length of 1024.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:storage\-lens\-group\/.*` 

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/GetStorageLensGroup) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/GetStorageLensGroup) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/GetStorageLensGroup) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/GetStorageLensGroup) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/GetStorageLensGroup) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetStorageLensGroup) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/GetStorageLensGroup) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/GetStorageLensGroup) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/GetStorageLensGroup) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/GetStorageLensGroup) 

# ListAccessGrants


Returns the list of access grants in your S3 Access Grants instance.

Permissions  
You must have the `s3:ListAccessGrants` permission to use this operation. 

## Request Syntax


```
GET /v20180820/accessgrantsinstance/grants?application_arn=ApplicationArn&granteeidentifier=GranteeIdentifier&granteetype=GranteeType&grantscope=GrantScope&maxResults=MaxResults&nextToken=NextToken&permission=Permission HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [application\$1arn](#API_control_ListAccessGrants_RequestSyntax) **   
The Amazon Resource Name (ARN) of an AWS IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.   
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::\d{12}:application/.*$` 

 ** [granteeidentifier](#API_control_ListAccessGrants_RequestSyntax) **   
The unique identifer of the `Grantee`. If the grantee type is `IAM`, the identifier is the IAM Amazon Resource Name (ARN) of the user or role. If the grantee type is a directory user or group, the identifier is 128-bit universally unique identifier (UUID) in the format `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111`. You can obtain this UUID from your AWS IAM Identity Center instance.

 ** [granteetype](#API_control_ListAccessGrants_RequestSyntax) **   
The type of the grantee to which access has been granted. It can be one of the following values:  
+  `IAM` - An IAM user or role.
+  `DIRECTORY_USER` - Your corporate directory user. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.
+  `DIRECTORY_GROUP` - Your corporate directory group. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.
Valid Values: `DIRECTORY_USER | DIRECTORY_GROUP | IAM` 

 ** [grantscope](#API_control_ListAccessGrants_RequestSyntax) **   
The S3 path of the data to which you are granting access. It is the result of appending the `Subprefix` to the location scope.  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

 ** [maxResults](#API_control_ListAccessGrants_RequestSyntax) **   
The maximum number of access grants that you would like returned in the `List Access Grants` response. If the results include the pagination token `NextToken`, make another call using the `NextToken` to determine if there are more results.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListAccessGrants_RequestSyntax) **   
A pagination token to request the next page of results. Pass this value into a subsequent `List Access Grants` request in order to retrieve the next page of results.

 ** [permission](#API_control_ListAccessGrants_RequestSyntax) **   
The type of permission granted to your S3 data, which can be set to one of the following values:  
+  `READ` – Grant read-only access to the S3 data.
+  `WRITE` – Grant write-only access to the S3 data.
+  `READWRITE` – Grant both read and write access to the S3 data.
Valid Values: `READ | WRITE | READWRITE` 

 ** [x-amz-account-id](#API_control_ListAccessGrants_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   
      
         string
         string
         
            string
         
         string
         string
         timestamp
         
            string
            string
         
         string
         string
      
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListAccessGrantsResult](#API_control_ListAccessGrants_ResponseSyntax) **   
Root level tag for the ListAccessGrantsResult parameters.  
Required: Yes

 ** [AccessGrantsList](#API_control_ListAccessGrants_ResponseSyntax) **   
A container for a list of grants in an S3 Access Grants instance.  
Type: Array of [ListAccessGrantEntry](API_control_ListAccessGrantEntry.md) data types

 ** [NextToken](#API_control_ListAccessGrants_ResponseSyntax) **   
A pagination token to request the next page of results. Pass this value into a subsequent `List Access Grants` request in order to retrieve the next page of results.  
Type: String

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/ListAccessGrants) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/ListAccessGrants) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/ListAccessGrants) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/ListAccessGrants) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/ListAccessGrants) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListAccessGrants) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/ListAccessGrants) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/ListAccessGrants) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/ListAccessGrants) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/ListAccessGrants) 

# ListAccessGrantsInstances


Returns a list of S3 Access Grants instances. An S3 Access Grants instance serves as a logical grouping for your individual access grants. You can only have one S3 Access Grants instance per Region per account.

Permissions  
You must have the `s3:ListAccessGrantsInstances` permission to use this operation. 

## Request Syntax


```
GET /v20180820/accessgrantsinstances?maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [maxResults](#API_control_ListAccessGrantsInstances_RequestSyntax) **   
The maximum number of access grants that you would like returned in the `List Access Grants` response. If the results include the pagination token `NextToken`, make another call using the `NextToken` to determine if there are more results.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListAccessGrantsInstances_RequestSyntax) **   
A pagination token to request the next page of results. Pass this value into a subsequent `List Access Grants Instances` request in order to retrieve the next page of results.

 ** [x-amz-account-id](#API_control_ListAccessGrantsInstances_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   
      
         string
         string
         timestamp
         string
         string
         string
      
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListAccessGrantsInstancesResult](#API_control_ListAccessGrantsInstances_ResponseSyntax) **   
Root level tag for the ListAccessGrantsInstancesResult parameters.  
Required: Yes

 ** [AccessGrantsInstancesList](#API_control_ListAccessGrantsInstances_ResponseSyntax) **   
A container for a list of S3 Access Grants instances.  
Type: Array of [ListAccessGrantsInstanceEntry](API_control_ListAccessGrantsInstanceEntry.md) data types

 ** [NextToken](#API_control_ListAccessGrantsInstances_ResponseSyntax) **   
A pagination token to request the next page of results. Pass this value into a subsequent `List Access Grants Instances` request in order to retrieve the next page of results.  
Type: String

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/ListAccessGrantsInstances) 

# ListAccessGrantsLocations


Returns a list of the locations registered in your S3 Access Grants instance.

Permissions  
You must have the `s3:ListAccessGrantsLocations` permission to use this operation. 

## Request Syntax


```
GET /v20180820/accessgrantsinstance/locations?locationscope=LocationScope&maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [locationscope](#API_control_ListAccessGrantsLocations_RequestSyntax) **   
The S3 path to the location that you are registering. The location scope can be the default S3 location `s3://`, the S3 path to a bucket `s3://`, or the S3 path to a bucket and prefix `s3:///`. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

 ** [maxResults](#API_control_ListAccessGrantsLocations_RequestSyntax) **   
The maximum number of access grants that you would like returned in the `List Access Grants` response. If the results include the pagination token `NextToken`, make another call using the `NextToken` to determine if there are more results.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListAccessGrantsLocations_RequestSyntax) **   
A pagination token to request the next page of results. Pass this value into a subsequent `List Access Grants Locations` request in order to retrieve the next page of results.

 ** [x-amz-account-id](#API_control_ListAccessGrantsLocations_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   
      
         string
         string
         timestamp
         string
         string
      
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListAccessGrantsLocationsResult](#API_control_ListAccessGrantsLocations_ResponseSyntax) **   
Root level tag for the ListAccessGrantsLocationsResult parameters.  
Required: Yes

 ** [AccessGrantsLocationsList](#API_control_ListAccessGrantsLocations_ResponseSyntax) **   
A container for a list of registered locations in an S3 Access Grants instance.  
Type: Array of [ListAccessGrantsLocationsEntry](API_control_ListAccessGrantsLocationsEntry.md) data types

 ** [NextToken](#API_control_ListAccessGrantsLocations_ResponseSyntax) **   
A pagination token to request the next page of results. Pass this value into a subsequent `List Access Grants Locations` request in order to retrieve the next page of results.  
Type: String

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/ListAccessGrantsLocations) 

# ListAccessPoints


**Note**  
This operation is not supported by directory buckets.

Returns a list of the access points. You can retrieve up to 1,000 access points per call. If the call returns more than 1,000 access points (or the number specified in `maxResults`, whichever is less), the response will include a continuation token that you can use to list the additional access points.

Returns only access points attached to S3 buckets by default. To return all access points specify `DataSourceType` as `ALL`.



All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPoint.html#API_control_GetAccessPoint_Examples) section.

The following actions are related to `ListAccessPoints`:
+  [CreateAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessPoint.html) 
+  [DeleteAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPoint.html) 
+  [GetAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPoint.html) 

## Request Syntax


```
GET /v20180820/accesspoint?bucket=Bucket&dataSourceId=DataSourceId&dataSourceType=DataSourceType&maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [bucket](#API_control_ListAccessPoints_RequestSyntax) **   
The name of the bucket whose associated access points you want to list.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:::outpost//bucket/`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.

 ** [dataSourceId](#API_control_ListAccessPoints_RequestSyntax) **   
The unique identifier for the data source of the access point.  
Length Constraints: Maximum length of 191.

 ** [dataSourceType](#API_control_ListAccessPoints_RequestSyntax) **   
The type of the data source that the access point is attached to. Returns only access points attached to S3 buckets by default. To return all access points specify `DataSourceType` as `ALL`.

 ** [maxResults](#API_control_ListAccessPoints_RequestSyntax) **   
The maximum number of access points that you want to include in the list. If the specified bucket has more than this number of access points, then the response will include a continuation token in the `NextToken` field that you can use to retrieve the next page of access points.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListAccessPoints_RequestSyntax) **   
A continuation token. If a previous call to `ListAccessPoints` returned a continuation token in the `NextToken` field, then providing that value here causes Amazon S3 to retrieve the next page of results.  
Length Constraints: Minimum length of 1. Maximum length of 1024.

 ** [x-amz-account-id](#API_control_ListAccessPoints_RequestSyntax) **   
The AWS account ID for the account that owns the specified access points.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      
         string
         string
         string
         string
         string
         string
         string
         string
         
            string
         
      
   
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListAccessPointsResult](#API_control_ListAccessPoints_ResponseSyntax) **   
Root level tag for the ListAccessPointsResult parameters.  
Required: Yes

 ** [AccessPointList](#API_control_ListAccessPoints_ResponseSyntax) **   
Contains identification and configuration information for one or more access points associated with the specified bucket.  
Type: Array of [AccessPoint](API_control_AccessPoint.md) data types

 ** [NextToken](#API_control_ListAccessPoints_ResponseSyntax) **   
If the specified bucket has more access points than can be returned in one call to this API, this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.

## Examples


### Sample request syntax for ListAccessPoints for Amazon S3 on Outposts


The following request returns a list access points of the specified Amazon S3 on Outposts bucket `example-outpost-bucket`.

```
           GET /v20180820/accesspoint?Bucket=example-outpost-bucket&MaxResults=MaxResults&NextToken=NextToken HTTP/1.1
           Host: s3-outposts..amazonaws.com
           Date: Wed, 28 Oct 2020 22:32:00 GMT
           Authorization: authorization string
           x-amz-account-id: example-account-id
           x-amz-outpost-id: op-01ac5d28a6a232904
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/ListAccessPoints) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/ListAccessPoints) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/ListAccessPoints) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/ListAccessPoints) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/ListAccessPoints) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListAccessPoints) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/ListAccessPoints) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/ListAccessPoints) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/ListAccessPoints) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/ListAccessPoints) 

# ListAccessPointsForDirectoryBuckets


Returns a list of the access points that are owned by the AWS account and that are associated with the specified directory bucket.

To list access points for general purpose buckets, see [ListAccesspoints](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListAccessPoints.html).

To use this operation, you must have the permission to perform the `s3express:ListAccessPointsForDirectoryBuckets` action.

For information about REST API errors, see [REST error responses](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#RESTErrorResponses).

## Request Syntax


```
GET /v20180820/accesspointfordirectory?directoryBucket=DirectoryBucket&maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [directoryBucket](#API_control_ListAccessPointsForDirectoryBuckets_RequestSyntax) **   
The name of the directory bucket associated with the access points you want to list.  
Length Constraints: Minimum length of 3. Maximum length of 255.

 ** [maxResults](#API_control_ListAccessPointsForDirectoryBuckets_RequestSyntax) **   
The maximum number of access points that you would like returned in the `ListAccessPointsForDirectoryBuckets` response. If the directory bucket is associated with more than this number of access points, the results include the pagination token `NextToken`. Make another call using the `NextToken` to retrieve more results.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListAccessPointsForDirectoryBuckets_RequestSyntax) **   
 If `NextToken` is returned, there are more access points available than requested in the `maxResults` value. The value of `NextToken` is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours.   
Length Constraints: Minimum length of 1. Maximum length of 1024.

 ** [x-amz-account-id](#API_control_ListAccessPointsForDirectoryBuckets_RequestSyntax) **   
The AWS account ID that owns the access points.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      
         string
         string
         string
         string
         string
         string
         string
         string
         
            string
         
      
   
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListAccessPointsForDirectoryBucketsResult](#API_control_ListAccessPointsForDirectoryBuckets_ResponseSyntax) **   
Root level tag for the ListAccessPointsForDirectoryBucketsResult parameters.  
Required: Yes

 ** [AccessPointList](#API_control_ListAccessPointsForDirectoryBuckets_ResponseSyntax) **   
Contains identification and configuration information for one or more access points associated with the directory bucket.  
Type: Array of [AccessPoint](API_control_AccessPoint.md) data types

 ** [NextToken](#API_control_ListAccessPointsForDirectoryBuckets_ResponseSyntax) **   
 If `NextToken` is returned, there are more access points available than requested in the `maxResults` value. The value of `NextToken` is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 

# ListAccessPointsForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Returns some or all (up to 1,000) access points associated with the Object Lambda Access Point per call. If there are more access points than what can be returned in one call, the response will include a continuation token that you can use to list the additional access points.

The following actions are related to `ListAccessPointsForObjectLambda`:
+  [CreateAccessPointForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessPointForObjectLambda.html) 
+  [DeleteAccessPointForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointForObjectLambda.html) 
+  [GetAccessPointForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointForObjectLambda.html) 

## Request Syntax


```
GET /v20180820/accesspointforobjectlambda?maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [maxResults](#API_control_ListAccessPointsForObjectLambda_RequestSyntax) **   
The maximum number of access points that you want to include in the list. The response may contain fewer access points but will never contain more. If there are more than this number of access points, then the response will include a continuation token in the `NextToken` field that you can use to retrieve the next page of access points.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListAccessPointsForObjectLambda_RequestSyntax) **   
If the list has more access points than can be returned in one call to this API, this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.  
Length Constraints: Minimum length of 1. Maximum length of 1024.

 ** [x-amz-account-id](#API_control_ListAccessPointsForObjectLambda_RequestSyntax) **   
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      
         
            string
            string
         
         string
         string
      
   
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListAccessPointsForObjectLambdaResult](#API_control_ListAccessPointsForObjectLambda_ResponseSyntax) **   
Root level tag for the ListAccessPointsForObjectLambdaResult parameters.  
Required: Yes

 ** [NextToken](#API_control_ListAccessPointsForObjectLambda_ResponseSyntax) **   
If the list has more access points than can be returned in one call to this API, this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.

 ** [ObjectLambdaAccessPointList](#API_control_ListAccessPointsForObjectLambda_ResponseSyntax) **   
Returns list of Object Lambda Access Points.  
Type: Array of [ObjectLambdaAccessPoint](API_control_ObjectLambdaAccessPoint.md) data types

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/ListAccessPointsForObjectLambda) 

# ListCallerAccessGrants


Use this API to list the access grants that grant the caller access to Amazon S3 data through S3 Access Grants. The caller (grantee) can be an AWS Identity and Access Management (IAM) identity or AWS Identity Center corporate directory identity. You must pass the AWS account of the S3 data owner (grantor) in the request. You can, optionally, narrow the results by `GrantScope`, using a fragment of the data's S3 path, and S3 Access Grants will return only the grants with a path that contains the path fragment. You can also pass the `AllowedByApplication` filter in the request, which returns only the grants authorized for applications, whether the application is the caller's Identity Center application or any other application (`ALL`). For more information, see [List the caller's access grants](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-grants-list-grants.html) in the *Amazon S3 User Guide*.

Permissions  
You must have the `s3:ListCallerAccessGrants` permission to use this operation. 

## Request Syntax


```
GET /v20180820/accessgrantsinstance/caller/grants?allowedByApplication=AllowedByApplication&grantscope=GrantScope&maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [allowedByApplication](#API_control_ListCallerAccessGrants_RequestSyntax) **   
If this optional parameter is passed in the request, a filter is applied to the results. The results will include only the access grants for the caller's Identity Center application or for any other applications (`ALL`).

 ** [grantscope](#API_control_ListCallerAccessGrants_RequestSyntax) **   
The S3 path of the data that you would like to access. Must start with `s3://`. You can optionally pass only the beginning characters of a path, and S3 Access Grants will search for all applicable grants for the path fragment.   
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

 ** [maxResults](#API_control_ListCallerAccessGrants_RequestSyntax) **   
The maximum number of access grants that you would like returned in the `List Caller Access Grants` response. If the results include the pagination token `NextToken`, make another call using the `NextToken` to determine if there are more results.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListCallerAccessGrants_RequestSyntax) **   
A pagination token to request the next page of results. Pass this value into a subsequent `List Caller Access Grants` request in order to retrieve the next page of results.

 ** [x-amz-account-id](#API_control_ListCallerAccessGrants_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   
      
         string
         string
         string
      
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListCallerAccessGrantsResult](#API_control_ListCallerAccessGrants_ResponseSyntax) **   
Root level tag for the ListCallerAccessGrantsResult parameters.  
Required: Yes

 ** [CallerAccessGrantsList](#API_control_ListCallerAccessGrants_ResponseSyntax) **   
A list of the caller's access grants that were created using S3 Access Grants and that grant the caller access to the S3 data of the AWS account ID that was specified in the request.   
Type: Array of [ListCallerAccessGrantsEntry](API_control_ListCallerAccessGrantsEntry.md) data types

 ** [NextToken](#API_control_ListCallerAccessGrants_ResponseSyntax) **   
A pagination token that you can use to request the next page of results. Pass this value into a subsequent `List Caller Access Grants` request in order to retrieve the next page of results.  
Type: String

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/ListCallerAccessGrants) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/ListCallerAccessGrants) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/ListCallerAccessGrants) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/ListCallerAccessGrants) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/ListCallerAccessGrants) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListCallerAccessGrants) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/ListCallerAccessGrants) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/ListCallerAccessGrants) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/ListCallerAccessGrants) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/ListCallerAccessGrants) 

# ListJobs


Lists current S3 Batch Operations jobs as well as the jobs that have ended within the last 90 days for the AWS account making the request. For more information, see [S3 Batch Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/batch-ops.html) in the *Amazon S3 User Guide*.

Permissions  
To use the `ListJobs` operation, you must have permission to perform the `s3:ListJobs` action.

Related actions include:


+  [CreateJob](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateJob.html) 
+  [DescribeJob](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DescribeJob.html) 
+  [UpdateJobPriority](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UpdateJobPriority.html) 
+  [UpdateJobStatus](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UpdateJobStatus.html) 

## Request Syntax


```
GET /v20180820/jobs?jobStatuses=JobStatuses&maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [jobStatuses](#API_control_ListJobs_RequestSyntax) **   
The `List Jobs` request returns jobs that match the statuses listed in this element.  
Valid Values: `Active | Cancelled | Cancelling | Complete | Completing | Failed | Failing | New | Paused | Pausing | Preparing | Ready | Suspended` 

 ** [maxResults](#API_control_ListJobs_RequestSyntax) **   
The maximum number of jobs that Amazon S3 will include in the `List Jobs` response. If there are more jobs than this number, the response will include a pagination token in the `NextToken` field to enable you to retrieve the next page of results.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListJobs_RequestSyntax) **   
A pagination token to request the next page of results. Use the token that Amazon S3 returned in the `NextToken` element of the `ListJobsResult` from the previous `List Jobs` request.  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `^[A-Za-z0-9\+\:\/\=\?\#-_]+$` 

 ** [x-amz-account-id](#API_control_ListJobs_RequestSyntax) **   
The AWS account ID associated with the S3 Batch Operations job.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   
      
         timestamp
         string
         string
         string
         integer
         
            long
            long
            
               long
            
            long
         
         string
         timestamp
      
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListJobsResult](#API_control_ListJobs_ResponseSyntax) **   
Root level tag for the ListJobsResult parameters.  
Required: Yes

 ** [Jobs](#API_control_ListJobs_ResponseSyntax) **   
The list of current jobs and jobs that have ended within the last 30 days.  
Type: Array of [JobListDescriptor](API_control_JobListDescriptor.md) data types

 ** [NextToken](#API_control_ListJobs_ResponseSyntax) **   
If the `List Jobs` request produced more than the maximum number of results, you can pass this value into a subsequent `List Jobs` request in order to retrieve the next page of results.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `^[A-Za-z0-9\+\:\/\=\?\#-_]+$` 

## Errors


 ** InternalServiceException **   
  
HTTP Status Code: 500

 ** InvalidNextTokenException **   
  
HTTP Status Code: 400

 ** InvalidRequestException **   
  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/ListJobs) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/ListJobs) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/ListJobs) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/ListJobs) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/ListJobs) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListJobs) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/ListJobs) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/ListJobs) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/ListJobs) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/ListJobs) 

# ListMultiRegionAccessPoints


**Note**  
This operation is not supported by directory buckets.

Returns a list of the Multi-Region Access Points currently associated with the specified AWS account. Each call can return up to 100 Multi-Region Access Points, the maximum number of Multi-Region Access Points that can be associated with a single account.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see [Multi-Region Access Point restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiRegionAccessPointRestrictions.html) in the *Amazon S3 User Guide*.

The following actions are related to `ListMultiRegionAccessPoint`:
+  [CreateMultiRegionAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateMultiRegionAccessPoint.html) 
+  [DeleteMultiRegionAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteMultiRegionAccessPoint.html) 
+  [DescribeMultiRegionAccessPointOperation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DescribeMultiRegionAccessPointOperation.html) 
+  [GetMultiRegionAccessPoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetMultiRegionAccessPoint.html) 

## Request Syntax


```
GET /v20180820/mrap/instances?maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [maxResults](#API_control_ListMultiRegionAccessPoints_RequestSyntax) **   
Not currently used. Do not use this parameter.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListMultiRegionAccessPoints_RequestSyntax) **   
Not currently used. Do not use this parameter.  
Length Constraints: Minimum length of 1. Maximum length of 1024.

 ** [x-amz-account-id](#API_control_ListMultiRegionAccessPoints_RequestSyntax) **   
The AWS account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      
         string
         timestamp
         string
         
            boolean
            boolean
            boolean
            boolean
         
         
            
               string
               string
               string
            
         
         string
      
   
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListMultiRegionAccessPointsResult](#API_control_ListMultiRegionAccessPoints_ResponseSyntax) **   
Root level tag for the ListMultiRegionAccessPointsResult parameters.  
Required: Yes

 ** [AccessPoints](#API_control_ListMultiRegionAccessPoints_ResponseSyntax) **   
The list of Multi-Region Access Points associated with the user.  
Type: Array of [MultiRegionAccessPointReport](API_control_MultiRegionAccessPointReport.md) data types

 ** [NextToken](#API_control_ListMultiRegionAccessPoints_ResponseSyntax) **   
If the specified bucket has more Multi-Region Access Points than can be returned in one call to this action, this field contains a continuation token. You can use this token tin subsequent calls to this action to retrieve additional Multi-Region Access Points.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/ListMultiRegionAccessPoints) 

# ListRegionalBuckets


**Note**  
This operation is not supported by directory buckets.

Returns a list of all Outposts buckets in an Outpost that are owned by the authenticated sender of the request. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*.

For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and `x-amz-outpost-id` in your request, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListRegionalBuckets.html#API_control_ListRegionalBuckets_Examples) section.

## Request Syntax


```
GET /v20180820/bucket?maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
x-amz-outpost-id: OutpostId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [maxResults](#API_control_ListRegionalBuckets_RequestSyntax) **   
  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListRegionalBuckets_RequestSyntax) **   
  
Length Constraints: Minimum length of 1. Maximum length of 1024.

 ** [x-amz-account-id](#API_control_ListRegionalBuckets_RequestSyntax) **   
The AWS account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

 ** [x-amz-outpost-id](#API_control_ListRegionalBuckets_RequestSyntax) **   
The ID of the AWS Outposts resource.  
This ID is required by Amazon S3 on Outposts buckets.
Length Constraints: Minimum length of 1. Maximum length of 64.

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      
         string
         string
         timestamp
         string
         boolean
      
   
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListRegionalBucketsResult](#API_control_ListRegionalBuckets_ResponseSyntax) **   
Root level tag for the ListRegionalBucketsResult parameters.  
Required: Yes

 ** [NextToken](#API_control_ListRegionalBuckets_ResponseSyntax) **   
 `NextToken` is sent when `isTruncated` is true, which means there are more buckets that can be listed. The next list requests to Amazon S3 can be continued with this `NextToken`. `NextToken` is obfuscated and is not a real key.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.

 ** [RegionalBucketList](#API_control_ListRegionalBuckets_ResponseSyntax) **   
  
Type: Array of [RegionalBucket](API_control_RegionalBucket.md) data types

## Examples


### Sample request to list an account's Outposts buckets


This request lists regional buckets.

```
            GET /v20180820/bucket HTTP /1.1            
            Host:s3-outposts.us-west-2.amazonaws.com
            Content-Length: 0
            x-amz-outpost-id: op-01ac5d28a6a232904
            x-amz-account-id: example-account-id
            Date: Wed, 01 Mar  2006 12:00:00 GMT
            Authorization: authorization string
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/ListRegionalBuckets) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/ListRegionalBuckets) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/ListRegionalBuckets) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/ListRegionalBuckets) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/ListRegionalBuckets) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListRegionalBuckets) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/ListRegionalBuckets) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/ListRegionalBuckets) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/ListRegionalBuckets) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/ListRegionalBuckets) 

# ListStorageLensConfigurations


**Note**  
This operation is not supported by directory buckets.

Gets a list of Amazon S3 Storage Lens configurations. For more information about S3 Storage Lens, see [Assessing your storage activity and usage with Amazon S3 Storage Lens ](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage_lens.html) in the *Amazon S3 User Guide*.

**Note**  
To use this action, you must have permission to perform the `s3:ListStorageLensConfigurations` action. For more information, see [Setting permissions to use Amazon S3 Storage Lens](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage_lens_iam_permissions.html) in the *Amazon S3 User Guide*.

## Request Syntax


```
GET /v20180820/storagelens?nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [nextToken](#API_control_ListStorageLensConfigurations_RequestSyntax) **   
A pagination token to request the next page of results.

 ** [x-amz-account-id](#API_control_ListStorageLensConfigurations_RequestSyntax) **   
The account ID of the requester.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   
      string
      string
      boolean
      string
   
   ...

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListStorageLensConfigurationsResult](#API_control_ListStorageLensConfigurations_ResponseSyntax) **   
Root level tag for the ListStorageLensConfigurationsResult parameters.  
Required: Yes

 ** [NextToken](#API_control_ListStorageLensConfigurations_ResponseSyntax) **   
If the request produced more than the maximum number of S3 Storage Lens configuration results, you can pass this value into a subsequent request to retrieve the next page of results.  
Type: String

 ** [StorageLensConfiguration](#API_control_ListStorageLensConfigurations_ResponseSyntax) **   
A list of S3 Storage Lens configurations.  
Type: Array of [ListStorageLensConfigurationEntry](API_control_ListStorageLensConfigurationEntry.md) data types

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/ListStorageLensConfigurations) 

# ListStorageLensGroups


 Lists all the Storage Lens groups in the specified home Region. 

To use this operation, you must have the permission to perform the `s3:ListStorageLensGroups` action. For more information about the required Storage Lens Groups permissions, see [Setting account permissions to use S3 Storage Lens groups](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage_lens_iam_permissions.html#storage_lens_groups_permissions).

For information about Storage Lens groups errors, see [List of Amazon S3 Storage Lens error codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#S3LensErrorCodeList).

## Request Syntax


```
GET /v20180820/storagelensgroup?nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [nextToken](#API_control_ListStorageLensGroups_RequestSyntax) **   
The token for the next set of results, or `null` if there are no more results. 

 ** [x-amz-account-id](#API_control_ListStorageLensGroups_RequestSyntax) **   
 The AWS account ID that owns the Storage Lens groups.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   
      string
      string
      string
   
   ...

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListStorageLensGroupsResult](#API_control_ListStorageLensGroups_ResponseSyntax) **   
Root level tag for the ListStorageLensGroupsResult parameters.  
Required: Yes

 ** [NextToken](#API_control_ListStorageLensGroups_ResponseSyntax) **   
 If `NextToken` is returned, there are more Storage Lens groups results available. The value of `NextToken` is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours.   
Type: String

 ** [StorageLensGroup](#API_control_ListStorageLensGroups_ResponseSyntax) **   
 The list of Storage Lens groups that exist in the specified home Region.   
Type: Array of [ListStorageLensGroupEntry](API_control_ListStorageLensGroupEntry.md) data types

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/ListStorageLensGroups) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/ListStorageLensGroups) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/ListStorageLensGroups) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/ListStorageLensGroups) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/ListStorageLensGroups) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListStorageLensGroups) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/ListStorageLensGroups) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/ListStorageLensGroups) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/ListStorageLensGroups) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/ListStorageLensGroups) 

# ListTagsForResource


This operation allows you to list all of the tags for a specified resource. Each tag is a label consisting of a key and value. Tags can help you organize, track costs for, and control access to resources. 

**Note**  
This operation is only supported for the following Amazon S3 resources:  
 [General purpose buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging.html) 
 [Access Points for directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-db-tagging.html) 
 [Access Points for general purpose buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-tagging.html) 
 [Directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html) 
 [S3 Storage Lens groups](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-lens-groups.html) 
 [S3 Access Grants instances, registered locations, and grants](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-grants-tagging.html).

Permissions  
For general purpose buckets, access points for general purpose buckets, Storage Lens groups, and S3 Access Grants, you must have the `s3:ListTagsForResource` permission to use this operation. 

Directory bucket permissions  
For directory buckets, you must have the `s3express:ListTagsForResource` permission to use this operation. For more information about directory buckets policies and permissions, see [Identity and Access Management (IAM) for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-permissions.html) in the *Amazon S3 User Guide*.

HTTP Host header syntax  
 **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region.amazonaws.com`.

For information about S3 Tagging errors, see [List of Amazon S3 Tagging error codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#S3TaggingErrorCodeList).

## Request Syntax


```
GET /v20180820/tags/resourceArn+ HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [resourceArn](#API_control_ListTagsForResource_RequestSyntax) **   
 The Amazon Resource Name (ARN) of the S3 resource that you want to list tags for. The tagged resource can be a directory bucket, S3 Storage Lens group or S3 Access Grants instance, registered location, or grant.   
Length Constraints: Maximum length of 1011.  
Pattern: `arn:[^:]+:s3(express)?:[^:].*`   
Required: Yes

 ** [x-amz-account-id](#API_control_ListTagsForResource_RequestSyntax) **   
 The AWS account ID of the resource owner.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   
      
         string
         string
      
   

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListTagsForResourceResult](#API_control_ListTagsForResource_ResponseSyntax) **   
Root level tag for the ListTagsForResourceResult parameters.  
Required: Yes

 ** [Tags](#API_control_ListTagsForResource_ResponseSyntax) **   
 The AWS resource tags that are associated with the resource.   
Type: Array of [Tag](API_control_Tag.md) data types  
Array Members: Minimum number of 0 items. Maximum number of 50 items.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/ListTagsForResource) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/ListTagsForResource) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/ListTagsForResource) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/ListTagsForResource) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/ListTagsForResource) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListTagsForResource) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/ListTagsForResource) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/ListTagsForResource) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/ListTagsForResource) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/ListTagsForResource) 

# PutAccessGrantsInstanceResourcePolicy


Updates the resource policy of the S3 Access Grants instance. 

Permissions  
You must have the `s3:PutAccessGrantsInstanceResourcePolicy` permission to use this operation. 

## Request Syntax


```
PUT /v20180820/accessgrantsinstance/resourcepolicy HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   string
   string

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_PutAccessGrantsInstanceResourcePolicy_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutAccessGrantsInstanceResourcePolicyRequest](#API_control_PutAccessGrantsInstanceResourcePolicy_RequestSyntax) **   
Root level tag for the PutAccessGrantsInstanceResourcePolicyRequest parameters.  
Required: Yes

 ** [Organization](#API_control_PutAccessGrantsInstanceResourcePolicy_RequestSyntax) **   
The Organization of the resource policy of the S3 Access Grants instance.  
Type: String  
Length Constraints: Minimum length of 12. Maximum length of 34.  
Pattern: `^o-[a-z0-9]{10,32}$`   
Required: No

 ** [Policy](#API_control_PutAccessGrantsInstanceResourcePolicy_RequestSyntax) **   
The resource policy of the S3 Access Grants instance that you are updating.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 350000.  
Required: Yes

## Response Syntax


```
HTTP/1.1 200


   string
   string
   timestamp

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [PutAccessGrantsInstanceResourcePolicyResult](#API_control_PutAccessGrantsInstanceResourcePolicy_ResponseSyntax) **   
Root level tag for the PutAccessGrantsInstanceResourcePolicyResult parameters.  
Required: Yes

 ** [CreatedAt](#API_control_PutAccessGrantsInstanceResourcePolicy_ResponseSyntax) **   
The date and time when you created the S3 Access Grants instance resource policy.   
Type: Timestamp

 ** [Organization](#API_control_PutAccessGrantsInstanceResourcePolicy_ResponseSyntax) **   
The Organization of the resource policy of the S3 Access Grants instance.  
Type: String  
Length Constraints: Minimum length of 12. Maximum length of 34.  
Pattern: `^o-[a-z0-9]{10,32}$` 

 ** [Policy](#API_control_PutAccessGrantsInstanceResourcePolicy_ResponseSyntax) **   
The updated resource policy of the S3 Access Grants instance.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 350000.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 

# PutAccessPointConfigurationForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Replaces configuration for an Object Lambda Access Point.

The following actions are related to `PutAccessPointConfigurationForObjectLambda`:
+  [GetAccessPointConfigurationForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointConfigurationForObjectLambda.html) 

## Request Syntax


```
PUT /v20180820/accesspointforobjectlambda/name/configuration HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   
      
         string
      
      boolean
      string
      
         
            
               string
            
            
               
                  string
                  string
               
            
         
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutAccessPointConfigurationForObjectLambda_RequestSyntax) **   
The name of the Object Lambda Access Point.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_PutAccessPointConfigurationForObjectLambda_RequestSyntax) **   
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutAccessPointConfigurationForObjectLambdaRequest](#API_control_PutAccessPointConfigurationForObjectLambda_RequestSyntax) **   
Root level tag for the PutAccessPointConfigurationForObjectLambdaRequest parameters.  
Required: Yes

 ** [Configuration](#API_control_PutAccessPointConfigurationForObjectLambda_RequestSyntax) **   
Object Lambda Access Point configuration document.  
Type: [ObjectLambdaConfiguration](API_control_ObjectLambdaConfiguration.md) data type  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 

# PutAccessPointPolicy


Associates an access policy with the specified access point. Each access point can have only one policy, so a request made to this API replaces any existing policy associated with the specified access point.



All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointPolicy.html#API_control_PutAccessPointPolicy_Examples) section.

The following actions are related to `PutAccessPointPolicy`:
+  [GetAccessPointPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointPolicy.html) 
+  [DeleteAccessPointPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointPolicy.html) 

## Request Syntax


```
PUT /v20180820/accesspoint/name/policy HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   string

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutAccessPointPolicy_RequestSyntax) **   
The name of the access point that you want to associate with the specified policy.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the access point accessed in the format `arn:aws:s3-outposts:::outpost//accesspoint/`. For example, to access the access point `reports-ap` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_PutAccessPointPolicy_RequestSyntax) **   
The AWS account ID for owner of the bucket associated with the specified access point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutAccessPointPolicyRequest](#API_control_PutAccessPointPolicy_RequestSyntax) **   
Root level tag for the PutAccessPointPolicyRequest parameters.  
Required: Yes

 ** [Policy](#API_control_PutAccessPointPolicy_RequestSyntax) **   
The policy that you want to apply to the specified access point. For more information about access point policies, see [Managing data access with Amazon S3 access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html) or [Managing access to shared datasets in directory buckets with access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets.html) in the *Amazon S3 User Guide*.  
Type: String  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample request syntax for the PutAccessPointPolicy action for Amazon S3 on Outposts access point


This example illustrates one usage of PutAccessPointPolicy.

```
           PUT /v20180820/accesspoint/example-access-point/policy HTTP/1.1
           Host: s3-outposts..amazonaws.com
           Date: Wed, 28 Oct 2020 22:32:00 GMT
           Authorization: authorization string
           x-amz-account-id: example-account-id
           x-amz-outpost-id: op-01ac5d28a6a232904
           
               
                  
{
   "Version":"2012-10-17",		 	 	 
   "Id":"AccessPointPolicy-for-example-access-point",
   "Statement":[
      {
         "Sid":"st1",
         "Effect":"Allow",
         "Principal":{
            "AWS":"example-account-id"
         },
         "Action":"s3-outposts:*",
         "Resource":"arn:aws:s3-outposts:your-Region:example-account-id:outpost/op-01ac5d28a6a232904/accesspoint/example-access-point
      }
   ]
}
                  
               
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/PutAccessPointPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/PutAccessPointPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/PutAccessPointPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/PutAccessPointPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/PutAccessPointPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutAccessPointPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/PutAccessPointPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/PutAccessPointPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/PutAccessPointPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/PutAccessPointPolicy) 

# PutAccessPointPolicyForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Creates or replaces resource policy for an Object Lambda Access Point. For an example policy, see [Creating Object Lambda Access Points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/olap-create.html#olap-create-cli) in the *Amazon S3 User Guide*.

The following actions are related to `PutAccessPointPolicyForObjectLambda`:
+  [DeleteAccessPointPolicyForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointPolicyForObjectLambda.html) 
+  [GetAccessPointPolicyForObjectLambda](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointPolicyForObjectLambda.html) 

## Request Syntax


```
PUT /v20180820/accesspointforobjectlambda/name/policy HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   string

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutAccessPointPolicyForObjectLambda_RequestSyntax) **   
The name of the Object Lambda Access Point.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_PutAccessPointPolicyForObjectLambda_RequestSyntax) **   
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutAccessPointPolicyForObjectLambdaRequest](#API_control_PutAccessPointPolicyForObjectLambda_RequestSyntax) **   
Root level tag for the PutAccessPointPolicyForObjectLambdaRequest parameters.  
Required: Yes

 ** [Policy](#API_control_PutAccessPointPolicyForObjectLambda_RequestSyntax) **   
Object Lambda Access Point resource policy document.  
Type: String  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample resource policy


The following illustrates a sample resource policy.

```
{
    "Version" : "2008-10-17",		 	 	 
    "Statement":[{
        "Sid": "Grant account 123456789012 GetObject access",
        "Effect":"Allow",
        "Principal" : {
            "AWS": "arn:aws:iam::123456789012:root"
        },
        "Action":["s3-object-lambda:GetObject"],
        "Resource":["arn:aws:s3-object-lambda:us-east-1:123456789012:accesspoint/my-object-lambda-ap"]
        },
        {
        "Sid": "Grant account 444455556666 GetObject access",
        "Effect":"Allow",
        "Principal" : {
            "AWS": "arn:aws:iam::444455556666:root"
        },
        "Action":["s3-object-lambda:GetObject"],
        "Resource":["arn:aws:s3-object-lambda:us-east-1:123456789012:accesspoint/my-object-lambda-ap"]
        }
    ]
}
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 

# PutAccessPointScope


Creates or replaces the access point scope for a directory bucket. You can use the access point scope to restrict access to specific prefixes, API operations, or a combination of both.

**Note**  
You can specify any amount of prefixes, but the total length of characters of all prefixes must be less than 256 bytes in size.

To use this operation, you must have the permission to perform the `s3express:PutAccessPointScope` action.

For information about REST API errors, see [REST error responses](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#RESTErrorResponses).

## Request Syntax


```
PUT /v20180820/accesspoint/name/scope HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   
      
         string
      
      
         string
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutAccessPointScope_RequestSyntax) **   
The name of the access point with the scope that you want to create or replace.  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_PutAccessPointScope_RequestSyntax) **   
 The AWS account ID that owns the access point with scope that you want to create or replace.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutAccessPointScopeRequest](#API_control_PutAccessPointScope_RequestSyntax) **   
Root level tag for the PutAccessPointScopeRequest parameters.  
Required: Yes

 ** [Scope](#API_control_PutAccessPointScope_RequestSyntax) **   
Object prefixes, API operations, or a combination of both.  
Type: [Scope](API_control_Scope.md) data type  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/PutAccessPointScope) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/PutAccessPointScope) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/PutAccessPointScope) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/PutAccessPointScope) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/PutAccessPointScope) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutAccessPointScope) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/PutAccessPointScope) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/PutAccessPointScope) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/PutAccessPointScope) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/PutAccessPointScope) 

# PutBucketLifecycleConfiguration


**Note**  
This action puts a lifecycle configuration to an Amazon S3 on Outposts bucket. To put a lifecycle configuration to an S3 bucket, see [PutBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) in the *Amazon S3 API Reference*. 

Creates a new lifecycle configuration for the S3 on Outposts bucket or replaces an existing lifecycle configuration. Outposts buckets only support lifecycle configurations that delete/expire objects after a certain period of time and abort incomplete multipart uploads.



All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketLifecycleConfiguration.html#API_control_PutBucketLifecycleConfiguration_Examples) section.

The following actions are related to `PutBucketLifecycleConfiguration`:
+  [GetBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketLifecycleConfiguration.html) 
+  [DeleteBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucketLifecycleConfiguration.html) 

## Request Syntax


```
PUT /v20180820/bucket/name/lifecycleconfiguration HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId


   
      
         
            integer
         
         
            timestamp
            integer
            boolean
         
         
            
               long
               long
               string
               
                  
                     string
                     string
                  
               
            
            long
            long
            string
            
               string
               string
            
         
         string
         
            integer
            integer
         
         
            
               integer
               string
            
         
         string
         
            
               timestamp
               integer
               string
            
         
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutBucketLifecycleConfiguration_RequestSyntax) **   
The name of the bucket for which to set the configuration.  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_PutBucketLifecycleConfiguration_RequestSyntax) **   
The AWS account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [LifecycleConfiguration](#API_control_PutBucketLifecycleConfiguration_RequestSyntax) **   
Root level tag for the LifecycleConfiguration parameters.  
Required: Yes

 ** [Rules](#API_control_PutBucketLifecycleConfiguration_RequestSyntax) **   
A lifecycle rule for individual objects in an Outposts bucket.   
Type: Array of [LifecycleRule](API_control_LifecycleRule.md) data types  
Required: No

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample PutBucketLifecycleConfiguration request on an Amazon S3 on Outposts bucket


This request puts a lifecycle configuration on an Outposts bucket named `example-outpost-bucket`.

```
            PUT /v20180820/bucket/example-outpost-bucket/lifecycleconfiguration HTTP/1.1
            Host:s3-outposts..amazonaws.com
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
            Content-Length: 0
            Date: Wed, 01 Mar  2006 12:00:00 GMT
            Content-MD5: q6yJDlIkcBaGGfb3QLY69A==
            Authorization: authorization string
            Content-Length: 214
            
            
              
                id2
                
                   logs/
                
                Enabled
                
                  365
                
              
            
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/PutBucketLifecycleConfiguration) 

# PutBucketPolicy


**Note**  
This action puts a bucket policy to an Amazon S3 on Outposts bucket. To put a policy on an S3 bucket, see [PutBucketPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketPolicy.html) in the *Amazon S3 API Reference*. 

Applies an Amazon S3 bucket policy to an Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*.

If you are using an identity other than the root user of the AWS account that owns the Outposts bucket, the calling identity must have the `PutBucketPolicy` permissions on the specified Outposts bucket and belong to the bucket owner's account in order to use this action.

If you don't have `PutBucketPolicy` permissions, Amazon S3 returns a `403 Access Denied` error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a `405 Method Not Allowed` error.

**Important**  
 As a security precaution, the root user of the AWS account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action. 

For more information about bucket policies, see [Using Bucket Policies and User Policies](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html).

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketPolicy.html#API_control_PutBucketPolicy_Examples) section.

The following actions are related to `PutBucketPolicy`:
+  [GetBucketPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketPolicy.html) 
+  [DeleteBucketPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucketPolicy.html) 

## Request Syntax


```
PUT /v20180820/bucket/name/policy HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
x-amz-confirm-remove-self-bucket-access: ConfirmRemoveSelfBucketAccess


   string

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutBucketPolicy_RequestSyntax) **   
Specifies the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:::outpost//bucket/`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_PutBucketPolicy_RequestSyntax) **   
The AWS account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

 ** [x-amz-confirm-remove-self-bucket-access](#API_control_PutBucketPolicy_RequestSyntax) **   
Set this parameter to true to confirm that you want to remove your permissions to change this bucket policy in the future.  
This is not supported by Amazon S3 on Outposts buckets.

## Request Body


The request accepts the following data in XML format.

 ** [PutBucketPolicyRequest](#API_control_PutBucketPolicy_RequestSyntax) **   
Root level tag for the PutBucketPolicyRequest parameters.  
Required: Yes

 ** [Policy](#API_control_PutBucketPolicy_RequestSyntax) **   
The bucket policy as a JSON document.  
Type: String  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample request for putting a bucket policy in an Amazon S3 on Outposts bucket


The following request shows the PUT an individual policy request for the Outposts bucket `example-outpost-bucket`.

```
PUT v20180820/bucket/example-outpost-bucket/policy HTTP/1.1
Host: s3-outposts..amazonaws.com  
Date: Tue, 04 Apr 2010 20:34:56 GMT  
Authorization: authorization string
x-amz-account-id: example-account-id
x-amz-outpost-id: op-01ac5d28a6a232904
{
   "Version":"2012-10-17",		 	 	 
   "Id":"exampleS3OnOutpostBucketPolicy",
   "Statement":[
      {
         "Sid":"st1",
         "Effect":"Allow",
         "Principal":{
            "AWS":"example-account-id"
         },
         "Action":"s3-outposts:*",
         "Resource":"arn:aws:s3-outposts::example-account-id:outpost/op-01ac5d28a6a232904/bucket/example-outpost-bucket"
      }
   ]
}
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/PutBucketPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/PutBucketPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/PutBucketPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/PutBucketPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/PutBucketPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutBucketPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/PutBucketPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/PutBucketPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/PutBucketPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/PutBucketPolicy) 

# PutBucketReplication


**Note**  
This action creates an Amazon S3 on Outposts bucket's replication configuration. To create an S3 bucket's replication configuration, see [PutBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketReplication.html) in the *Amazon S3 API Reference*. 

Creates a replication configuration or replaces an existing one. For information about S3 replication on Outposts configuration, see [Replicating objects for S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3OutpostsReplication.html) in the *Amazon S3 User Guide*.

**Note**  
It can take a while to propagate `PUT` or `DELETE` requests for a replication configuration to all S3 on Outposts systems. Therefore, the replication configuration that's returned by a `GET` request soon after a `PUT` or `DELETE` request might return a more recent result than what's on the Outpost. If an Outpost is offline, the delay in updating the replication configuration on that Outpost can be significant.

Specify the replication configuration in the request body. In the replication configuration, you provide the following information:
+ The name of the destination bucket or buckets where you want S3 on Outposts to replicate objects
+ The AWS Identity and Access Management (IAM) role that S3 on Outposts can assume to replicate objects on your behalf
+ Other relevant information, such as replication rules

A replication configuration must include at least one rule and can contain a maximum of 100. Each rule identifies a subset of objects to replicate by filtering the objects in the source Outposts bucket. To choose additional subsets of objects to replicate, add a rule for each subset.

To specify a subset of the objects in the source Outposts bucket to apply a replication rule to, add the `Filter` element as a child of the `Rule` element. You can filter objects based on an object key prefix, one or more object tags, or both. When you add the `Filter` element in the configuration, you must also add the following elements: `DeleteMarkerReplication`, `Status`, and `Priority`.

Using `PutBucketReplication` on Outposts requires that both the source and destination buckets must have versioning enabled. For information about enabling versioning on a bucket, see [Managing S3 Versioning for your S3 on Outposts bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3OutpostsManagingVersioning.html).

For information about S3 on Outposts replication failure reasons, see [Replication failure reasons](https://docs.aws.amazon.com/AmazonS3/latest/userguide/outposts-replication-eventbridge.html#outposts-replication-failure-codes) in the *Amazon S3 User Guide*.

 **Handling Replication of Encrypted Objects** 

Outposts buckets are encrypted at all times. All the objects in the source Outposts bucket are encrypted and can be replicated. Also, all the replicas in the destination Outposts bucket are encrypted with the same encryption key as the objects in the source Outposts bucket.

 **Permissions** 

To create a `PutBucketReplication` request, you must have `s3-outposts:PutReplicationConfiguration` permissions for the bucket. The Outposts bucket owner has this permission by default and can grant it to others. For more information about permissions, see [Setting up IAM with S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3OutpostsIAM.html) and [Managing access to S3 on Outposts buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3OutpostsBucketPolicy.html). 

**Note**  
To perform this operation, the user or role must also have the `iam:CreateRole` and `iam:PassRole` permissions. For more information, see [Granting a user permissions to pass a role to an AWS service](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html).

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketReplication.html#API_control_PutBucketReplication_Examples) section.

The following operations are related to `PutBucketReplication`:
+  [GetBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketReplication.html) 
+  [DeleteBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucketReplication.html) 

## Request Syntax


```
PUT /v20180820/bucket/name/replication HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId


   string
   
      
         string
         
            string
         
         
            
               string
            
            string
            string
            
               string
            
            
               
                  integer
               
               string
            
            
               string
               
                  integer
               
            
            string
         
         
            string
         
         
            
               string
               
                  
                     string
                     string
                  
               
            
            string
            
               string
               string
            
         
         string
         string
         integer
         
            
               string
            
            
               string
            
         
         string
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutBucketReplication_RequestSyntax) **   
Specifies the S3 on Outposts bucket to set the configuration for.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:::outpost//bucket/`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_PutBucketReplication_RequestSyntax) **   
The AWS account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [ReplicationConfiguration](#API_control_PutBucketReplication_RequestSyntax) **   
Root level tag for the ReplicationConfiguration parameters.  
Required: Yes

 ** [Role](#API_control_PutBucketReplication_RequestSyntax) **   
The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that S3 on Outposts assumes when replicating objects. For information about S3 replication on Outposts configuration, see [Setting up replication](https://docs.aws.amazon.com/AmazonS3/latest/userguide/outposts-replication-how-setup.html) in the *Amazon S3 User Guide*.  
Type: String  
Required: Yes

 ** [Rules](#API_control_PutBucketReplication_RequestSyntax) **   
A container for one or more replication rules. A replication configuration must have at least one rule and can contain an array of 100 rules at the most.   
Type: Array of [ReplicationRule](API_control_ReplicationRule.md) data types  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample Request: Add a replication configuration to an Amazon S3 on Outposts bucket


The following sample `PUT` request creates a replication subresource on the specified Outposts bucket named `example-outpost-bucket` and saves the replication configuration in it. The replication configuration specifies a rule to replicate objects to the `example-outpost-bucket` bucket. The rule includes a filter to replicate only the objects that are created with the key name prefix `TaxDocs` and that have two specific tags.

After you add a replication configuration to your Outposts bucket, S3 on Outposts assumes the AWS Identity and Access Management (IAM) role that's specified in the configuration to replicate objects on behalf of the Outposts bucket owner. The bucket owner is the AWS account that created the Outposts bucket.

Filtering by using the `Filter` element is supported in the latest XML configuration. The earlier version of the XML configuration isn't supported.

For more examples of S3 replication on Outposts configuration, see [Creating replication rules on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication-between-outposts.html) in the *Amazon S3 User Guide*.

```
PUT /v20180820/bucket/example-outpost-bucket/replication HTTP/1.1
Host:s3-outposts..amazonaws.com
x-amz-account-id: example-account-id
x-amz-outpost-id: op-01ac5d28a6a232904
Authorization: authorization string



  arn:aws:iam::35667example:role/ReplicationRoleForS3Outposts
  
   
      arn:aws:s3-outposts:us-east-1:example-account-id:outpost/SOURCE-OUTPOST-ID/accesspoint/SOURCE-OUTPOSTS-BUCKET-ACCESS-POINT
      rule1
      Enabled
      1
      
         Disabled
      
      
         
            TaxDocs
            
               key1
               value1
            
            
               key2
               value2
            
         
      
      
         arn:aws:s3-outposts:us-east-1:example-account-id:outpost/DESTINATION-OUTPOST-ID/accesspoint/DESTINATION-OUTPOSTS-BUCKET-ACCESS-POINT
      
   
   

```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/PutBucketReplication) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/PutBucketReplication) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/PutBucketReplication) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/PutBucketReplication) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/PutBucketReplication) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutBucketReplication) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/PutBucketReplication) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/PutBucketReplication) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/PutBucketReplication) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/PutBucketReplication) 

# PutBucketTagging


**Note**  
This action puts tags on an Amazon S3 on Outposts bucket. To put tags on an S3 bucket, see [PutBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html) in the *Amazon S3 API Reference*. 

Sets the tags for an S3 on Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*.

Use tags to organize your AWS bill to reflect your own cost structure. To do this, sign up to get your AWS account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see [Cost allocation and tagging](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html).

**Note**  
Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see [ Using cost allocation in Amazon S3 bucket tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html).

To use this action, you must have permissions to perform the `s3-outposts:PutBucketTagging` action. The Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see [ Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing access permissions to your Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html).

 `PutBucketTagging` has the following special errors:
+ Error code: `InvalidTagError` 
  + Description: The tag provided was not a valid tag. This error can occur if the tag did not pass input validation. For information about tag restrictions, see [ User-Defined Tag Restrictions](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html) and [AWS-Generated Cost Allocation Tag Restrictions](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/aws-tag-restrictions.html).
+ Error code: `MalformedXMLError` 
  + Description: The XML provided does not match the schema.
+ Error code: `OperationAbortedError ` 
  + Description: A conflicting conditional action is currently in progress against this resource. Try again.
+ Error code: `InternalError` 
  + Description: The service was unable to apply the provided tag to the bucket.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketTagging.html#API_control_PutBucketTagging_Examples) section.

The following actions are related to `PutBucketTagging`:
+  [GetBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketTagging.html) 
+  [DeleteBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucketTagging.html) 

## Request Syntax


```
PUT /v20180820/bucket/name/tagging HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId


   
      
         string
         string
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutBucketTagging_RequestSyntax) **   
The Amazon Resource Name (ARN) of the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:::outpost//bucket/`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_PutBucketTagging_RequestSyntax) **   
The AWS account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [Tagging](#API_control_PutBucketTagging_RequestSyntax) **   
Root level tag for the Tagging parameters.  
Required: Yes

 ** [TagSet](#API_control_PutBucketTagging_RequestSyntax) **   
A collection for a set of tags.  
Type: Array of [S3Tag](API_control_S3Tag.md) data types  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample request: Add tag set to an Amazon S3 on Outposts bucket


The following request adds a tag set to the existing `example-outpost-bucket` bucket.

```
PUT v20180820/bucket/example-outpost-bucket/tagging HTTP/1.1
Host: s3-outposts..amazonaws.com
Content-Length: 1660
x-amz-date: Thu, 12 Nov 2020 20:04:21 GMT
x-amz-account-id: example-account-id
x-amz-outpost-id: op-01ac5d28a6a232904
Authorization: authorization string


  
    
      Project
      Project One
    
    
      User
      jsmith
    
  

```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/PutBucketTagging) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/PutBucketTagging) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/PutBucketTagging) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/PutBucketTagging) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/PutBucketTagging) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutBucketTagging) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/PutBucketTagging) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/PutBucketTagging) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/PutBucketTagging) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/PutBucketTagging) 

# PutBucketVersioning


**Note**  
This operation sets the versioning state for S3 on Outposts buckets only. To set the versioning state for an S3 bucket, see [PutBucketVersioning](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketVersioning.html) in the *Amazon S3 API Reference*. 

Sets the versioning state for an S3 on Outposts bucket. With S3 Versioning, you can save multiple distinct copies of your objects and recover from unintended user actions and application failures.

You can set the versioning state to one of the following:
+  **Enabled** - Enables versioning for the objects in the bucket. All objects added to the bucket receive a unique version ID.
+  **Suspended** - Suspends versioning for the objects in the bucket. All objects added to the bucket receive the version ID `null`.

If you've never set versioning on your bucket, it has no versioning state. In that case, a [ GetBucketVersioning](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketVersioning.html) request does not return a versioning state value.

When you enable S3 Versioning, for each object in your bucket, you have a current version and zero or more noncurrent versions. You can configure your bucket S3 Lifecycle rules to expire noncurrent versions after a specified time period. For more information, see [ Creating and managing a lifecycle configuration for your S3 on Outposts bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3OutpostsLifecycleManaging.html) in the *Amazon S3 User Guide*.

If you have an object expiration lifecycle configuration in your non-versioned bucket and you want to maintain the same permanent delete behavior when you enable versioning, you must add a noncurrent expiration policy. The noncurrent expiration lifecycle configuration will manage the deletes of the noncurrent object versions in the version-enabled bucket. For more information, see [Versioning](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Versioning.html) in the *Amazon S3 User Guide*.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketVersioning.html#API_control_PutBucketVersioning_Examples) section.

The following operations are related to `PutBucketVersioning` for S3 on Outposts.
+  [GetBucketVersioning](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketVersioning.html) 
+  [PutBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketLifecycleConfiguration.html) 
+  [GetBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketLifecycleConfiguration.html) 

## Request Syntax


```
PUT /v20180820/bucket/name/versioning HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
x-amz-mfa: MFA


   string
   string

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutBucketVersioning_RequestSyntax) **   
The S3 on Outposts bucket to set the versioning state for.  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_PutBucketVersioning_RequestSyntax) **   
The AWS account ID of the S3 on Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

 ** [x-amz-mfa](#API_control_PutBucketVersioning_RequestSyntax) **   
The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device.

## Request Body


The request accepts the following data in XML format.

 ** [VersioningConfiguration](#API_control_PutBucketVersioning_RequestSyntax) **   
Root level tag for the VersioningConfiguration parameters.  
Required: Yes

 ** [MFADelete](#API_control_PutBucketVersioning_RequestSyntax) **   
Specifies whether MFA delete is enabled or disabled in the bucket versioning configuration for the S3 on Outposts bucket.  
Type: String  
Valid Values: `Enabled | Disabled`   
Required: No

 ** [Status](#API_control_PutBucketVersioning_RequestSyntax) **   
Sets the versioning state of the S3 on Outposts bucket.  
Type: String  
Valid Values: `Enabled | Suspended`   
Required: No

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample PutBucketVersioning request on an Amazon S3 on Outposts bucket


This request sets the versioning state on an S3 on Outposts bucket that's named `example-outpost-bucket`.

```
            PUT /v20180820/bucket/example-outpost-bucket/?versioning HTTP/1.1
            Host:s3-outposts.region-code.amazonaws.com
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
            Content-Length: 0
            Date: Wed, 25 May  2022 12:00:00 GMT
            Content-MD5: q6yJDlIkcBaGGfb3QLY69A==
            Authorization: authorization string
            Content-Length: 214
            
            
            Enabled 
           
```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/PutBucketVersioning) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/PutBucketVersioning) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/PutBucketVersioning) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/PutBucketVersioning) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/PutBucketVersioning) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutBucketVersioning) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/PutBucketVersioning) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/PutBucketVersioning) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/PutBucketVersioning) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/PutBucketVersioning) 

# PutJobTagging


Sets the supplied tag-set on an S3 Batch Operations job.

A tag is a key-value pair. You can associate S3 Batch Operations tags with any job by sending a PUT request against the tagging subresource that is associated with the job. To modify the existing tag set, you can either replace the existing tag set entirely, or make changes within the existing tag set by retrieving the existing tag set using [GetJobTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetJobTagging.html), modify that tag set, and use this operation to replace the tag set with the one you modified. For more information, see [Controlling access and labeling jobs using tags](https://docs.aws.amazon.com/AmazonS3/latest/dev/batch-ops-managing-jobs.html#batch-ops-job-tags) in the *Amazon S3 User Guide*. 

**Note**  
If you send this request with an empty tag set, Amazon S3 deletes the existing tag set on the Batch Operations job. If you use this method, you are charged for a Tier 1 Request (PUT). For more information, see [Amazon S3 pricing](http://aws.amazon.com/s3/pricing/).
For deleting existing tags for your Batch Operations job, a [DeleteJobTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteJobTagging.html) request is preferred because it achieves the same result without incurring charges.
A few things to consider about using tags:  
Amazon S3 limits the maximum number of tags to 50 tags per job.
You can associate up to 50 tags with a job as long as they have unique tag keys.
A tag key can be up to 128 Unicode characters in length, and tag values can be up to 256 Unicode characters in length.
The key and values are case sensitive.
For tagging-related restrictions related to characters and encodings, see [User-Defined Tag Restrictions](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html) in the * AWS Billing and Cost Management User Guide*.

Permissions  
To use the `PutJobTagging` operation, you must have permission to perform the `s3:PutJobTagging` action.

Related actions include:
+  [CreateJob](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateJob.html) 
+  [GetJobTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetJobTagging.html) 
+  [DeleteJobTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteJobTagging.html) 

## Request Syntax


```
PUT /v20180820/jobs/id/tagging HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   
      
         string
         string
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_PutJobTagging_RequestSyntax) **   
The ID for the S3 Batch Operations job whose tags you want to replace.  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_PutJobTagging_RequestSyntax) **   
The AWS account ID associated with the S3 Batch Operations job.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutJobTaggingRequest](#API_control_PutJobTagging_RequestSyntax) **   
Root level tag for the PutJobTaggingRequest parameters.  
Required: Yes

 ** [Tags](#API_control_PutJobTagging_RequestSyntax) **   
The set of tags to associate with the S3 Batch Operations job.  
Type: Array of [S3Tag](API_control_S3Tag.md) data types  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** InternalServiceException **   
  
HTTP Status Code: 500

 ** NotFoundException **   
  
HTTP Status Code: 400

 ** TooManyRequestsException **   
  
HTTP Status Code: 400

 ** TooManyTagsException **   
Amazon S3 throws this exception if you have too many tags in your tag set.  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/PutJobTagging) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/PutJobTagging) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/PutJobTagging) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/PutJobTagging) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/PutJobTagging) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutJobTagging) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/PutJobTagging) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/PutJobTagging) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/PutJobTagging) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/PutJobTagging) 

# PutMultiRegionAccessPointPolicy


**Note**  
This operation is not supported by directory buckets.

Associates an access control policy with the specified Multi-Region Access Point. Each Multi-Region Access Point can have only one policy, so a request made to this action replaces any existing policy that is associated with the specified Multi-Region Access Point.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see [Multi-Region Access Point restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiRegionAccessPointRestrictions.html) in the *Amazon S3 User Guide*.

The following actions are related to `PutMultiRegionAccessPointPolicy`:
+  [GetMultiRegionAccessPointPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetMultiRegionAccessPointPolicy.html) 
+  [GetMultiRegionAccessPointPolicyStatus](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetMultiRegionAccessPointPolicyStatus.html) 

## Request Syntax


```
POST /v20180820/async-requests/mrap/put-policy HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   string
   
      string
      string
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_PutMultiRegionAccessPointPolicy_RequestSyntax) **   
The AWS account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutMultiRegionAccessPointPolicyRequest](#API_control_PutMultiRegionAccessPointPolicy_RequestSyntax) **   
Root level tag for the PutMultiRegionAccessPointPolicyRequest parameters.  
Required: Yes

 ** [ClientToken](#API_control_PutMultiRegionAccessPointPolicy_RequestSyntax) **   
An idempotency token used to identify the request and guarantee that requests are unique.  
Type: String  
Length Constraints: Maximum length of 64.  
Pattern: `\S+`   
Required: Yes

 ** [Details](#API_control_PutMultiRegionAccessPointPolicy_RequestSyntax) **   
A container element containing the details of the policy for the Multi-Region Access Point.  
Type: [PutMultiRegionAccessPointPolicyInput](API_control_PutMultiRegionAccessPointPolicyInput.md) data type  
Required: Yes

## Response Syntax


```
HTTP/1.1 200


   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [PutMultiRegionAccessPointPolicyResult](#API_control_PutMultiRegionAccessPointPolicy_ResponseSyntax) **   
Root level tag for the PutMultiRegionAccessPointPolicyResult parameters.  
Required: Yes

 ** [RequestTokenARN](#API_control_PutMultiRegionAccessPointPolicy_ResponseSyntax) **   
The request token associated with the request. You can use this token with [DescribeMultiRegionAccessPointOperation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DescribeMultiRegionAccessPointOperation.html) to determine the status of asynchronous requests.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `arn:.+` 

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 

# PutPublicAccessBlock


**Note**  
This operation is not supported by directory buckets.

Creates or modifies the `PublicAccessBlock` configuration for an AWS account. This operation may be restricted when the account is managed by organization-level Block Public Access policies. You might get an Access Denied (403) error when the account is managed by organization-level Block Public Access policies. Organization-level policies override account-level settings, preventing direct account-level modifications. For this operation, users must have the `s3:PutAccountPublicAccessBlock` permission. For more information, see [ Using Amazon S3 block public access](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html).

Related actions include:
+  [GetPublicAccessBlock](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetPublicAccessBlock.html) 
+  [DeletePublicAccessBlock](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeletePublicAccessBlock.html) 

## Request Syntax


```
PUT /v20180820/configuration/publicAccessBlock HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   boolean
   boolean
   boolean
   boolean

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_PutPublicAccessBlock_RequestSyntax) **   
The account ID for the AWS account whose `PublicAccessBlock` configuration you want to set.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PublicAccessBlockConfiguration](#API_control_PutPublicAccessBlock_RequestSyntax) **   
Root level tag for the PublicAccessBlockConfiguration parameters.  
Required: Yes

 ** [BlockPublicAcls](#API_control_PutPublicAccessBlock_RequestSyntax) **   
Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to `TRUE` causes the following behavior:  
+  `PutBucketAcl` and `PutObjectAcl` calls fail if the specified ACL is public.
+ PUT Object calls fail if the request includes a public ACL.
+ PUT Bucket calls fail if the request includes a public ACL.
Enabling this setting doesn't affect existing policies or ACLs.  
This property is not supported for Amazon S3 on Outposts.  
Type: Boolean  
Required: No

 ** [BlockPublicPolicy](#API_control_PutPublicAccessBlock_RequestSyntax) **   
Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.   
Enabling this setting doesn't affect existing bucket policies.  
This property is not supported for Amazon S3 on Outposts.  
Type: Boolean  
Required: No

 ** [IgnorePublicAcls](#API_control_PutPublicAccessBlock_RequestSyntax) **   
Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.   
Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.  
This property is not supported for Amazon S3 on Outposts.  
Type: Boolean  
Required: No

 ** [RestrictPublicBuckets](#API_control_PutPublicAccessBlock_RequestSyntax) **   
Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to `TRUE` restricts access to buckets with public policies to only AWS service principals and authorized users within this account.  
Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.  
This property is not supported for Amazon S3 on Outposts.  
Type: Boolean  
Required: No

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/PutPublicAccessBlock) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/PutPublicAccessBlock) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/PutPublicAccessBlock) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/PutPublicAccessBlock) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/PutPublicAccessBlock) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutPublicAccessBlock) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/PutPublicAccessBlock) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/PutPublicAccessBlock) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/PutPublicAccessBlock) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/PutPublicAccessBlock) 

# PutStorageLensConfiguration


**Note**  
This operation is not supported by directory buckets.

Puts an Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see [Working with Amazon S3 Storage Lens](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage_lens.html) in the *Amazon S3 User Guide*. For a complete list of S3 Storage Lens metrics, see [S3 Storage Lens metrics glossary](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage_lens_metrics_glossary.html) in the *Amazon S3 User Guide*.

**Note**  
To use this action, you must have permission to perform the `s3:PutStorageLensConfiguration` action. For more information, see [Setting permissions to use Amazon S3 Storage Lens](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage_lens_iam_permissions.html) in the *Amazon S3 User Guide*.

## Request Syntax


```
PUT /v20180820/storagelens/storagelensid HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   
      
         
            boolean
         
         
            boolean
         
         
            boolean
         
         
            boolean
         
         
            
               boolean
            
            
               boolean
            
            
               boolean
            
            
               boolean
            
            
               boolean
            
            
               
                  boolean
                  
                     string
                     integer
                     double
                  
               
            
         
         
            boolean
         
         
            
               
                  string
               
               
                  string
               
            
         
      
      
         string
      
      
         
            boolean
         
         
            string
            string
            
               
                  string
               
               
               
            
            string
            string
            string
         
         
            
               
                  string
               
               
               
            
            boolean
         
      
      
         
            string
         
         
            string
         
      
      
         
            string
            string
            
               
                  string
               
               
               
            
            string
            string
            string
         
         
            
               
                  string
               
               
               
            
            boolean
         
      
      string
      
         
            string
         
         
            string
         
      
      boolean
      string
      string
   
   
      
         string
         string
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [storagelensid](#API_control_PutStorageLensConfiguration_RequestSyntax) **   
The ID of the S3 Storage Lens configuration.  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_\.]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_PutStorageLensConfiguration_RequestSyntax) **   
The account ID of the requester.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutStorageLensConfigurationRequest](#API_control_PutStorageLensConfiguration_RequestSyntax) **   
Root level tag for the PutStorageLensConfigurationRequest parameters.  
Required: Yes

 ** [StorageLensConfiguration](#API_control_PutStorageLensConfiguration_RequestSyntax) **   
The S3 Storage Lens configuration.  
Type: [StorageLensConfiguration](API_control_StorageLensConfiguration.md) data type  
Required: Yes

 ** [Tags](#API_control_PutStorageLensConfiguration_RequestSyntax) **   
The tag set of the S3 Storage Lens configuration.  
You can set up to a maximum of 50 tags.
Type: Array of [StorageLensTag](API_control_StorageLensTag.md) data types  
Required: No

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/PutStorageLensConfiguration) 

# PutStorageLensConfigurationTagging


**Note**  
This operation is not supported by directory buckets.

Put or replace tags on an existing Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see [Assessing your storage activity and usage with Amazon S3 Storage Lens ](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage_lens.html) in the *Amazon S3 User Guide*.

**Note**  
To use this action, you must have permission to perform the `s3:PutStorageLensConfigurationTagging` action. For more information, see [Setting permissions to use Amazon S3 Storage Lens](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage_lens_iam_permissions.html) in the *Amazon S3 User Guide*.

## Request Syntax


```
PUT /v20180820/storagelens/storagelensid/tagging HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   
      
         string
         string
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [storagelensid](#API_control_PutStorageLensConfigurationTagging_RequestSyntax) **   
The ID of the S3 Storage Lens configuration.  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_\.]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_PutStorageLensConfigurationTagging_RequestSyntax) **   
The account ID of the requester.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutStorageLensConfigurationTaggingRequest](#API_control_PutStorageLensConfigurationTagging_RequestSyntax) **   
Root level tag for the PutStorageLensConfigurationTaggingRequest parameters.  
Required: Yes

 ** [Tags](#API_control_PutStorageLensConfigurationTagging_RequestSyntax) **   
The tag set of the S3 Storage Lens configuration.  
You can set up to a maximum of 50 tags.
Type: Array of [StorageLensTag](API_control_StorageLensTag.md) data types  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/PutStorageLensConfigurationTagging) 

# SubmitMultiRegionAccessPointRoutes


**Note**  
This operation is not supported by directory buckets.

Submits an updated route configuration for a Multi-Region Access Point. This API operation updates the routing status for the specified Regions from active to passive, or from passive to active. A value of `0` indicates a passive status, which means that traffic won't be routed to the specified Region. A value of `100` indicates an active status, which means that traffic will be routed to the specified Region. At least one Region must be active at all times.

When the routing configuration is changed, any in-progress operations (uploads, copies, deletes, and so on) to formerly active Regions will continue to run to their final completion state (success or failure). The routing configurations of any Regions that aren’t specified remain unchanged.

**Note**  
Updated routing configurations might not be immediately applied. It can take up to 2 minutes for your changes to take effect.

To submit routing control changes and failover requests, use the Amazon S3 failover control infrastructure endpoints in these five AWS Regions:
+  `us-east-1` 
+  `us-west-2` 
+  `ap-southeast-2` 
+  `ap-northeast-1` 
+  `eu-west-1` 

## Request Syntax


```
PATCH /v20180820/mrap/instances/mrap+/routes HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   
      
         string
         string
         integer
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [mrap](#API_control_SubmitMultiRegionAccessPointRoutes_RequestSyntax) **   
The Multi-Region Access Point ARN.  
Length Constraints: Maximum length of 200.  
Pattern: `^[a-zA-Z0-9\:.-]{3,200}$`   
Required: Yes

 ** [x-amz-account-id](#API_control_SubmitMultiRegionAccessPointRoutes_RequestSyntax) **   
The AWS account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [SubmitMultiRegionAccessPointRoutesRequest](#API_control_SubmitMultiRegionAccessPointRoutes_RequestSyntax) **   
Root level tag for the SubmitMultiRegionAccessPointRoutesRequest parameters.  
Required: Yes

 ** [RouteUpdates](#API_control_SubmitMultiRegionAccessPointRoutes_RequestSyntax) **   
The different routes that make up the new route configuration. Active routes return a value of `100`, and passive routes return a value of `0`.  
Type: Array of [MultiRegionAccessPointRoute](API_control_MultiRegionAccessPointRoute.md) data types  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample request for initiating failover


In the following example, the request to submit these routing changes to initiate a failover is sent to the failover control infrastructure in the `us-east-1` Region. In this example, the `eu-north-1` Region is set to active, and the `ap-northeast-3` Region is set to passive. In other words, the `ap-northeast-3` Region is failed over to the `eu-north-1` Region.

```
PATCH /v20180820/mrap/instances//routes HTTP/1.1
Host: example-account-id.s3-control.us-east-1.amazonaws.com
            

  
     
      eu-north-1
      example-bucket-eu-north-1
      100
     
     
      ap-northeast-3
      example-bucket-ap-northeast-3
      0
     
  

```

### Sample request for setting a Region to active status


The following request updates the route configuration of the `eu-north-1` Region to active. The request is sent to the failover control infrastructure in the `eu-west-1` Region.

```
PATCH /v20180820/mrap/instances//routes HTTP/1.1
Host: example-account-id.s3-control.eu-west-1.amazonaws.com


   
    
      eu-north-1
      example-bucket-eu-north-1
      100
    
   

```

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 

# TagResource


 Creates a new user-defined tag or updates an existing tag. Each tag is a label consisting of a key and value that is applied to your resource. Tags can help you organize, track costs for, and control access to your resources. You can add up to 50 AWS resource tags for each S3 resource. 

**Note**  
This operation is only supported for the following Amazon S3 resource:  
 [General purpose buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging.html) 
 [Access Points for directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-db-tagging.html) 
 [Access Points for general purpose buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-tagging.html) 
 [Directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html) 
 [S3 Storage Lens groups](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-lens-groups.html) 
 [S3 Access Grants instances, registered locations, or grants](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-grants-tagging.html).

Permissions  
For general purpose buckets, access points for general purpose buckets, Storage Lens groups, and S3 Access Grants, you must have the `s3:TagResource` permission to use this operation. 

Directory bucket permissions  
For directory buckets, you must have the `s3express:TagResource` permission to use this operation. For more information about directory buckets policies and permissions, see [Identity and Access Management (IAM) for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-permissions.html) in the *Amazon S3 User Guide*.

HTTP Host header syntax  
 **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region.amazonaws.com`.

For information about S3 Tagging errors, see [List of Amazon S3 Tagging error codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#S3TaggingErrorCodeList).

## Request Syntax


```
POST /v20180820/tags/resourceArn+ HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   
      
         string
         string
      
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [resourceArn](#API_control_TagResource_RequestSyntax) **   
The Amazon Resource Name (ARN) of the S3 resource that you're applying tags to. The tagged resource can be a directory bucket, S3 Storage Lens group or S3 Access Grants instance, registered location, or grant.  
Length Constraints: Maximum length of 1011.  
Pattern: `arn:[^:]+:s3(express)?:[^:].*`   
Required: Yes

 ** [x-amz-account-id](#API_control_TagResource_RequestSyntax) **   
 The AWS account ID that created the S3 resource that you're trying to add tags to or the requester's account ID.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [TagResourceRequest](#API_control_TagResource_RequestSyntax) **   
Root level tag for the TagResourceRequest parameters.  
Required: Yes

 ** [Tags](#API_control_TagResource_RequestSyntax) **   
 The AWS resource tags that you want to add to the specified S3 resource.   
Type: Array of [Tag](API_control_Tag.md) data types  
Array Members: Minimum number of 0 items. Maximum number of 50 items.  
Required: Yes

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/TagResource) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/TagResource) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/TagResource) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/TagResource) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/TagResource) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/TagResource) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/TagResource) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/TagResource) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/TagResource) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/TagResource) 

# UntagResource


This operation removes the specified user-defined tags from an S3 resource. You can pass one or more tag keys. 

**Note**  
This operation is only supported for the following Amazon S3 resources:  
 [General purpose buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging.html) 
 [Access Points for directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-db-tagging.html) 
 [Access Points for general purpose buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-tagging.html) 
 [Directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html) 
 [S3 Storage Lens groups](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-lens-groups.html) 
 [S3 Access Grants instances, registered locations, and grants](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-grants-tagging.html).

Permissions  
For general purpose buckets, access points for general purpose buckets, Storage Lens groups, and S3 Access Grants, you must have the `s3:UntagResource` permission to use this operation. 

Directory bucket permissions  
For directory buckets, you must have the `s3express:UntagResource` permission to use this operation. For more information about directory buckets policies and permissions, see [Identity and Access Management (IAM) for S3 Express One Zone](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-permissions.html) in the *Amazon S3 User Guide*.

HTTP Host header syntax  
 **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region.amazonaws.com`.

For information about S3 Tagging errors, see [List of Amazon S3 Tagging error codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#S3TaggingErrorCodeList).

## Request Syntax


```
DELETE /v20180820/tags/resourceArn+?tagKeys=TagKeys HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [resourceArn](#API_control_UntagResource_RequestSyntax) **   
The Amazon Resource Name (ARN) of the S3 resource that you're removing tags from. The tagged resource can be a directory bucket, S3 Storage Lens group or S3 Access Grants instance, registered location, or grant.  
Length Constraints: Maximum length of 1011.  
Pattern: `arn:[^:]+:s3(express)?:[^:].*`   
Required: Yes

 ** [tagKeys](#API_control_UntagResource_RequestSyntax) **   
 The array of tag key-value pairs that you're trying to remove from of the S3 resource.   
Array Members: Minimum number of 0 items. Maximum number of 50 items.  
Length Constraints: Minimum length of 1. Maximum length of 128.  
Pattern: `^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$`   
Required: Yes

 ** [x-amz-account-id](#API_control_UntagResource_RequestSyntax) **   
 The AWS account ID that owns the resource that you're trying to remove the tags from.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/UntagResource) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/UntagResource) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/UntagResource) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/UntagResource) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/UntagResource) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/UntagResource) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/UntagResource) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/UntagResource) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/UntagResource) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/UntagResource) 

# UpdateAccessGrantsLocation


Updates the IAM role of a registered location in your S3 Access Grants instance.

Permissions  
You must have the `s3:UpdateAccessGrantsLocation` permission to use this operation. 

Additional Permissions  
You must also have the following permission: `iam:PassRole` 

## Request Syntax


```
PUT /v20180820/accessgrantsinstance/location/id HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   string

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_UpdateAccessGrantsLocation_RequestSyntax) **   
The ID of the registered location that you are updating. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
The ID of the registered location to which you are granting access. S3 Access Grants assigned this ID when you registered the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
If you are passing the `default` location, you cannot create an access grant for the entire default location. You must also specify a bucket or a bucket and prefix in the `Subprefix` field.   
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_UpdateAccessGrantsLocation_RequestSyntax) **   
The AWS account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [UpdateAccessGrantsLocationRequest](#API_control_UpdateAccessGrantsLocation_RequestSyntax) **   
Root level tag for the UpdateAccessGrantsLocationRequest parameters.  
Required: Yes

 ** [IAMRoleArn](#API_control_UpdateAccessGrantsLocation_RequestSyntax) **   
The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[^:]+:iam::\d{12}:role/.*`   
Required: Yes

## Response Syntax


```
HTTP/1.1 200


   timestamp
   string
   string
   string
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [UpdateAccessGrantsLocationResult](#API_control_UpdateAccessGrantsLocation_ResponseSyntax) **   
Root level tag for the UpdateAccessGrantsLocationResult parameters.  
Required: Yes

 ** [AccessGrantsLocationArn](#API_control_UpdateAccessGrantsLocation_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the registered location that you are updating.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/location/[a-zA-Z0-9\-]+` 

 ** [AccessGrantsLocationId](#API_control_UpdateAccessGrantsLocation_ResponseSyntax) **   
The ID of the registered location to which you are granting access. S3 Access Grants assigned this ID when you registered the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [CreatedAt](#API_control_UpdateAccessGrantsLocation_ResponseSyntax) **   
The date and time when you registered the location.   
Type: Timestamp

 ** [IAMRoleArn](#API_control_UpdateAccessGrantsLocation_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the IAM role of the registered location. S3 Access Grants assumes this role to manage access to the registered location.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[^:]+:iam::\d{12}:role/.*` 

 ** [LocationScope](#API_control_UpdateAccessGrantsLocation_ResponseSyntax) **   
The S3 URI path of the location that you are updating. You cannot update the scope of the registered location. The location scope can be the default S3 location `s3://`, the S3 path to a bucket `s3://`, or the S3 path to a bucket and prefix `s3:///`.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/UpdateAccessGrantsLocation) 

# UpdateJobPriority


Updates an existing S3 Batch Operations job's priority. For more information, see [S3 Batch Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/batch-ops.html) in the *Amazon S3 User Guide*.

Permissions  
To use the `UpdateJobPriority` operation, you must have permission to perform the `s3:UpdateJobPriority` action.

Related actions include:
+  [CreateJob](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateJob.html) 
+  [ListJobs](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListJobs.html) 
+  [DescribeJob](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DescribeJob.html) 
+  [UpdateJobStatus](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UpdateJobStatus.html) 

## Request Syntax


```
POST /v20180820/jobs/id/priority?priority=Priority HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_UpdateJobPriority_RequestSyntax) **   
The ID for the job whose priority you want to update.  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [priority](#API_control_UpdateJobPriority_RequestSyntax) **   
The priority you want to assign to this job.  
Valid Range: Minimum value of 0. Maximum value of 2147483647.  
Required: Yes

 ** [x-amz-account-id](#API_control_UpdateJobPriority_RequestSyntax) **   
The AWS account ID associated with the S3 Batch Operations job.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   integer

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [UpdateJobPriorityResult](#API_control_UpdateJobPriority_ResponseSyntax) **   
Root level tag for the UpdateJobPriorityResult parameters.  
Required: Yes

 ** [JobId](#API_control_UpdateJobPriority_ResponseSyntax) **   
The ID for the job whose priority Amazon S3 updated.  
Type: String  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+` 

 ** [Priority](#API_control_UpdateJobPriority_ResponseSyntax) **   
The new priority assigned to the specified job.  
Type: Integer  
Valid Range: Minimum value of 0. Maximum value of 2147483647.

## Errors


 ** BadRequestException **   
  
HTTP Status Code: 400

 ** InternalServiceException **   
  
HTTP Status Code: 500

 ** NotFoundException **   
  
HTTP Status Code: 400

 ** TooManyRequestsException **   
  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/UpdateJobPriority) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/UpdateJobPriority) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/UpdateJobPriority) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/UpdateJobPriority) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/UpdateJobPriority) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/UpdateJobPriority) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/UpdateJobPriority) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/UpdateJobPriority) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/UpdateJobPriority) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/UpdateJobPriority) 

# UpdateJobStatus


Updates the status for the specified job. Use this operation to confirm that you want to run a job or to cancel an existing job. For more information, see [S3 Batch Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/batch-ops.html) in the *Amazon S3 User Guide*.

Permissions  
To use the `UpdateJobStatus` operation, you must have permission to perform the `s3:UpdateJobStatus` action.

Related actions include:
+  [CreateJob](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateJob.html) 
+  [ListJobs](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListJobs.html) 
+  [DescribeJob](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DescribeJob.html) 
+  [UpdateJobStatus](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UpdateJobStatus.html) 

## Request Syntax


```
POST /v20180820/jobs/id/status?requestedJobStatus=RequestedJobStatus&statusUpdateReason=StatusUpdateReason HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_UpdateJobStatus_RequestSyntax) **   
The ID of the job whose status you want to update.  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [requestedJobStatus](#API_control_UpdateJobStatus_RequestSyntax) **   
The status that you want to move the specified job to.  
Valid Values: `Cancelled | Ready`   
Required: Yes

 ** [statusUpdateReason](#API_control_UpdateJobStatus_RequestSyntax) **   
A description of the reason why you want to change the specified job's status. This field can be any string up to the maximum length.  
Length Constraints: Minimum length of 1. Maximum length of 256.

 ** [x-amz-account-id](#API_control_UpdateJobStatus_RequestSyntax) **   
The AWS account ID associated with the S3 Batch Operations job.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200


   string
   string
   string

```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [UpdateJobStatusResult](#API_control_UpdateJobStatus_ResponseSyntax) **   
Root level tag for the UpdateJobStatusResult parameters.  
Required: Yes

 ** [JobId](#API_control_UpdateJobStatus_ResponseSyntax) **   
The ID for the job whose status was updated.  
Type: String  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+` 

 ** [Status](#API_control_UpdateJobStatus_ResponseSyntax) **   
The current status for the specified job.  
Type: String  
Valid Values: `Active | Cancelled | Cancelling | Complete | Completing | Failed | Failing | New | Paused | Pausing | Preparing | Ready | Suspended` 

 ** [StatusUpdateReason](#API_control_UpdateJobStatus_ResponseSyntax) **   
The reason that the specified job's status was updated.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 256.

## Errors


 ** BadRequestException **   
  
HTTP Status Code: 400

 ** InternalServiceException **   
  
HTTP Status Code: 500

 ** JobStatusException **   
  
HTTP Status Code: 400

 ** NotFoundException **   
  
HTTP Status Code: 400

 ** TooManyRequestsException **   
  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/UpdateJobStatus) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/UpdateJobStatus) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/UpdateJobStatus) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/UpdateJobStatus) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/UpdateJobStatus) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/UpdateJobStatus) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/UpdateJobStatus) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/UpdateJobStatus) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/UpdateJobStatus) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/UpdateJobStatus) 

# UpdateStorageLensGroup


 Updates the existing Storage Lens group.

To use this operation, you must have the permission to perform the `s3:UpdateStorageLensGroup` action. For more information about the required Storage Lens Groups permissions, see [Setting account permissions to use S3 Storage Lens groups](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage_lens_iam_permissions.html#storage_lens_groups_permissions).

For information about Storage Lens groups errors, see [List of Amazon S3 Storage Lens error codes](https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#S3LensErrorCodeList).

## Request Syntax


```
PUT /v20180820/storagelensgroup/name HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId


   
      
         
            
               string
            
            
               string
            
            
               
                  string
                  string
               
            
            
               integer
               integer
            
            
               long
               long
            
         
         
            string
         
         
            string
         
         
            
               string
               string
            
         
         
            integer
            integer
         
         
            long
            long
         
         
            
               string
            
            
               string
            
            
               
                  string
                  string
               
            
            
               integer
               integer
            
            
               long
               long
            
         
      
      string
      string
   

```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_UpdateStorageLensGroup_RequestSyntax) **   
 The name of the Storage Lens group that you want to update.   
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_UpdateStorageLensGroup_RequestSyntax) **   
 The AWS account ID of the Storage Lens group owner.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [UpdateStorageLensGroupRequest](#API_control_UpdateStorageLensGroup_RequestSyntax) **   
Root level tag for the UpdateStorageLensGroupRequest parameters.  
Required: Yes

 ** [StorageLensGroup](#API_control_UpdateStorageLensGroup_RequestSyntax) **   
 The JSON file that contains the Storage Lens group configuration.   
Type: [StorageLensGroup](API_control_StorageLensGroup.md) data type  
Required: Yes

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3control-2018-08-20/UpdateStorageLensGroup) 

# Amazon S3 Files


The following actions are supported by Amazon S3 Files:
+  [CreateAccessPoint](API_S3Files_CreateAccessPoint.md) 
+  [CreateFileSystem](API_S3Files_CreateFileSystem.md) 
+  [CreateMountTarget](API_S3Files_CreateMountTarget.md) 
+  [DeleteAccessPoint](API_S3Files_DeleteAccessPoint.md) 
+  [DeleteFileSystem](API_S3Files_DeleteFileSystem.md) 
+  [DeleteFileSystemPolicy](API_S3Files_DeleteFileSystemPolicy.md) 
+  [DeleteMountTarget](API_S3Files_DeleteMountTarget.md) 
+  [GetAccessPoint](API_S3Files_GetAccessPoint.md) 
+  [GetFileSystem](API_S3Files_GetFileSystem.md) 
+  [GetFileSystemPolicy](API_S3Files_GetFileSystemPolicy.md) 
+  [GetMountTarget](API_S3Files_GetMountTarget.md) 
+  [GetSynchronizationConfiguration](API_S3Files_GetSynchronizationConfiguration.md) 
+  [ListAccessPoints](API_S3Files_ListAccessPoints.md) 
+  [ListFileSystems](API_S3Files_ListFileSystems.md) 
+  [ListMountTargets](API_S3Files_ListMountTargets.md) 
+  [ListTagsForResource](API_S3Files_ListTagsForResource.md) 
+  [PutFileSystemPolicy](API_S3Files_PutFileSystemPolicy.md) 
+  [PutSynchronizationConfiguration](API_S3Files_PutSynchronizationConfiguration.md) 
+  [TagResource](API_S3Files_TagResource.md) 
+  [UntagResource](API_S3Files_UntagResource.md) 
+  [UpdateMountTarget](API_S3Files_UpdateMountTarget.md) 

# CreateAccessPoint


Creates an S3 File System Access Point for application-specific access with POSIX user identity and root directory enforcement. Access points provide a way to manage access to shared datasets in multi-tenant scenarios.

## Request Syntax


```
PUT /access-points HTTP/1.1
Content-type: application/json

{
   "clientToken": "string",
   "fileSystemId": "string",
   "posixUser": { 
      "gid": number,
      "secondaryGids": [ number ],
      "uid": number
   },
   "rootDirectory": { 
      "creationPermissions": { 
         "ownerGid": number,
         "ownerUid": number,
         "permissions": "string"
      },
      "path": "string"
   },
   "tags": [ 
      { 
         "key": "string",
         "value": "string"
      }
   ]
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [clientToken](#API_S3Files_CreateAccessPoint_RequestSyntax) **   
A unique, case-sensitive identifier to ensure that the operation completes no more than one time. If this token matches a previous request, AWS ignores the request, but does not return an error.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `(.+)`   
Required: No

 ** [fileSystemId](#API_S3Files_CreateAccessPoint_RequestSyntax) **   
The ID or Amazon Resource Name (ARN) of the S3 File System.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})`   
Required: Yes

 ** [posixUser](#API_S3Files_CreateAccessPoint_RequestSyntax) **   
The POSIX identity with uid, gid, and secondary group IDs for user enforcement when accessing the file system through this access point.  
Type: [PosixUser](API_S3Files_PosixUser.md) object  
Required: No

 ** [rootDirectory](#API_S3Files_CreateAccessPoint_RequestSyntax) **   
The root directory path for the access point, with optional creation permissions for newly created directories.  
Type: [RootDirectory](API_S3Files_RootDirectory.md) object  
Required: No

 ** [tags](#API_S3Files_CreateAccessPoint_RequestSyntax) **   
An array of key-value pairs to apply to the access point for resource tagging.  
Type: Array of [Tag](API_S3Files_Tag.md) objects  
Array Members: Minimum number of 1 item. Maximum number of 50 items.  
Required: No

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "accessPointArn": "string",
   "accessPointId": "string",
   "clientToken": "string",
   "fileSystemId": "string",
   "name": "string",
   "ownerId": "string",
   "posixUser": { 
      "gid": number,
      "secondaryGids": [ number ],
      "uid": number
   },
   "rootDirectory": { 
      "creationPermissions": { 
         "ownerGid": number,
         "ownerUid": number,
         "permissions": "string"
      },
      "path": "string"
   },
   "status": "string",
   "tags": [ 
      { 
         "key": "string",
         "value": "string"
      }
   ]
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [accessPointArn](#API_S3Files_CreateAccessPoint_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the access point.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 256.  
Pattern: `arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}/access-point/fsap-[0-9a-f]{17,40}` 

 ** [accessPointId](#API_S3Files_CreateAccessPoint_ResponseSyntax) **   
The ID of the access point.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 256.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}/access-point/fsap-[0-9a-f]{17,40}|fsap-[0-9a-f]{17,40})` 

 ** [clientToken](#API_S3Files_CreateAccessPoint_ResponseSyntax) **   
The client token that was provided in the request.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `(.+)` 

 ** [fileSystemId](#API_S3Files_CreateAccessPoint_ResponseSyntax) **   
The ID of the S3 File System.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})` 

 ** [name](#API_S3Files_CreateAccessPoint_ResponseSyntax) **   
The name of the access point.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 256.  
Pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]*)` 

 ** [ownerId](#API_S3Files_CreateAccessPoint_ResponseSyntax) **   
The AWS account ID of the access point owner.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 12.  
Pattern: `(\d{12})|(\d{4}-{4}-\d{4})` 

 ** [posixUser](#API_S3Files_CreateAccessPoint_ResponseSyntax) **   
The POSIX identity configured for this access point.  
Type: [PosixUser](API_S3Files_PosixUser.md) object

 ** [rootDirectory](#API_S3Files_CreateAccessPoint_ResponseSyntax) **   
The root directory configuration for this access point.  
Type: [RootDirectory](API_S3Files_RootDirectory.md) object

 ** [status](#API_S3Files_CreateAccessPoint_ResponseSyntax) **   
The current status of the access point.  
Type: String  
Valid Values: `available | creating | deleting | deleted | error | updating` 

 ** [tags](#API_S3Files_CreateAccessPoint_ResponseSyntax) **   
The tags associated with the access point.  
Type: Array of [Tag](API_S3Files_Tag.md) objects  
Array Members: Minimum number of 1 item. Maximum number of 50 items.

## Errors


 ** ConflictException **   
The request conflicts with the current state of the resource. This can occur when trying to create a resource that already exists or delete a resource that is in use.    
 ** errorCode **   
The error code associated with the exception.  
 ** resourceId **   
The identifier of the resource that caused the conflict.  
 ** resourceType **   
The type of the resource that caused the conflict.
HTTP Status Code: 409

 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ServiceQuotaExceededException **   
The request would exceed a service quota. Review your service quotas and either delete resources or request a quota increase.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 402

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/CreateAccessPoint) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/CreateAccessPoint) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/CreateAccessPoint) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/CreateAccessPoint) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/CreateAccessPoint) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/CreateAccessPoint) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/CreateAccessPoint) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/CreateAccessPoint) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/CreateAccessPoint) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/CreateAccessPoint) 

# CreateFileSystem


Creates an S3 File System resource scoped to a bucket or prefix within a bucket, enabling file system access to S3 data. To create a file system, you need an S3 bucket and an IAM role that grants the service permission to access the bucket.

## Request Syntax


```
PUT /file-systems HTTP/1.1
Content-type: application/json

{
   "acceptBucketWarning": boolean,
   "bucket": "string",
   "clientToken": "string",
   "kmsKeyId": "string",
   "prefix": "string",
   "roleArn": "string",
   "tags": [ 
      { 
         "key": "string",
         "value": "string"
      }
   ]
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [acceptBucketWarning](#API_S3Files_CreateFileSystem_RequestSyntax) **   
Set to true to acknowledge and accept any warnings about the bucket configuration. If not specified, the operation may fail if there are bucket configuration warnings.  
Type: Boolean  
Required: No

 ** [bucket](#API_S3Files_CreateFileSystem_RequestSyntax) **   
The Amazon Resource Name (ARN) of the S3 bucket that will be accessible through the file system. The bucket must exist and be in the same AWS Region as the file system.  
Type: String  
Pattern: `(arn:aws[a-zA-Z0-9-]*:s3:::.+)`   
Required: Yes

 ** [clientToken](#API_S3Files_CreateFileSystem_RequestSyntax) **   
A unique, case-sensitive identifier that you provide to ensure idempotent creation. Up to 64 ASCII characters are allowed. If you don't specify a client token, the AWS SDK automatically generates one.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `(.+)`   
Required: No

 ** [kmsKeyId](#API_S3Files_CreateFileSystem_RequestSyntax) **   
The ARN, key ID, or alias of the AWS KMS key to use for encryption. If not specified, the service uses a service-owned key for encryption. You can specify a KMS key using the following formats: key ID, ARN, key alias, or key alias ARN. If you use `KmsKeyId`, the file system will be encrypted.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 2048.  
Pattern: `([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|mrk-[0-9a-f]{32}|alias/[a-zA-Z0-9/_-]+|(arn:aws[-a-z]*:kms:[a-z0-9-]+:\d{12}:((key/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})|(key/mrk-[0-9a-f]{32})|(alias/[a-zA-Z0-9/_-]+))))`   
Required: No

 ** [prefix](#API_S3Files_CreateFileSystem_RequestSyntax) **   
An optional prefix within the S3 bucket to scope the file system access. If specified, the file system provides access only to objects with keys that begin with this prefix. If not specified, the file system provides access to the entire bucket.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 1024.  
Pattern: `(|.*/)`   
Required: No

 ** [roleArn](#API_S3Files_CreateFileSystem_RequestSyntax) **   
The ARN of the IAM role that grants the S3 Files service permission to read and write data between the file system and the S3 bucket. This role must have the necessary permissions to access the specified bucket and prefix.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 2048.  
Pattern: `arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+`   
Required: Yes

 ** [tags](#API_S3Files_CreateFileSystem_RequestSyntax) **   
An array of key-value pairs to apply as tags to the file system resource. Each tag is a user-defined key-value pair. You can use tags to categorize and manage your file systems. Each key must be unique for the resource.  
Type: Array of [Tag](API_S3Files_Tag.md) objects  
Array Members: Minimum number of 1 item. Maximum number of 50 items.  
Required: No

## Response Syntax


```
HTTP/1.1 201
Content-type: application/json

{
   "bucket": "string",
   "clientToken": "string",
   "creationTime": number,
   "fileSystemArn": "string",
   "fileSystemId": "string",
   "kmsKeyId": "string",
   "name": "string",
   "ownerId": "string",
   "prefix": "string",
   "roleArn": "string",
   "status": "string",
   "statusMessage": "string",
   "tags": [ 
      { 
         "key": "string",
         "value": "string"
      }
   ]
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 201 response.

The following data is returned in JSON format by the service.

 ** [bucket](#API_S3Files_CreateFileSystem_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the S3 bucket associated with the file system.  
Type: String  
Pattern: `(arn:aws[a-zA-Z0-9-]*:s3:::.+)` 

 ** [clientToken](#API_S3Files_CreateFileSystem_ResponseSyntax) **   
The client token used for idempotency.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `(.+)` 

 ** [creationTime](#API_S3Files_CreateFileSystem_ResponseSyntax) **   
The time when the file system was created, in seconds since 1970-01-01T00:00:00Z (Unix epoch time).  
Type: Timestamp

 ** [fileSystemArn](#API_S3Files_CreateFileSystem_ResponseSyntax) **   
The ARN for the S3 file system, in the format `arn:aws:s3files:region:account-id:file-system/file-system-id`.  
Type: String  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40})` 

 ** [fileSystemId](#API_S3Files_CreateFileSystem_ResponseSyntax) **   
The ID of the file system, assigned by S3 Files. This ID is used to reference the file system in subsequent API calls.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})` 

 ** [kmsKeyId](#API_S3Files_CreateFileSystem_ResponseSyntax) **   
The ARN or alias of the AWS KMS key used for encryption.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 2048.  
Pattern: `([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|mrk-[0-9a-f]{32}|alias/[a-zA-Z0-9/_-]+|(arn:aws[-a-z]*:kms:[a-z0-9-]+:\d{12}:((key/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})|(key/mrk-[0-9a-f]{32})|(alias/[a-zA-Z0-9/_-]+))))` 

 ** [name](#API_S3Files_CreateFileSystem_ResponseSyntax) **   
The name of the file system, derived from the `Name` tag if present.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 256.  
Pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]*)` 

 ** [ownerId](#API_S3Files_CreateFileSystem_ResponseSyntax) **   
The AWS account ID of the file system owner.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 12.  
Pattern: `(\d{12})|(\d{4}-{4}-\d{4})` 

 ** [prefix](#API_S3Files_CreateFileSystem_ResponseSyntax) **   
The prefix within the S3 bucket that scopes the file system access.  
Type: String

 ** [roleArn](#API_S3Files_CreateFileSystem_ResponseSyntax) **   
The ARN of the IAM role used for S3 access.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 2048.  
Pattern: `arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+` 

 ** [status](#API_S3Files_CreateFileSystem_ResponseSyntax) **   
The lifecycle state of the file system. Valid values are: `AVAILABLE` (the file system is available for use), `CREATING` (the file system is being created), `DELETING` (the file system is being deleted), `DELETED` (the file system has been deleted), `ERROR` (the file system is in an error state), or `UPDATING` (the file system is being updated).  
Type: String  
Valid Values: `available | creating | deleting | deleted | error | updating` 

 ** [statusMessage](#API_S3Files_CreateFileSystem_ResponseSyntax) **   
Additional information about the file system status. This field provides more details when the status is `ERROR`, or during state transitions.  
Type: String

 ** [tags](#API_S3Files_CreateFileSystem_ResponseSyntax) **   
The tags associated with the file system.  
Type: Array of [Tag](API_S3Files_Tag.md) objects  
Array Members: Minimum number of 1 item. Maximum number of 50 items.

## Errors


 ** ConflictException **   
The request conflicts with the current state of the resource. This can occur when trying to create a resource that already exists or delete a resource that is in use.    
 ** errorCode **   
The error code associated with the exception.  
 ** resourceId **   
The identifier of the resource that caused the conflict.  
 ** resourceType **   
The type of the resource that caused the conflict.
HTTP Status Code: 409

 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ServiceQuotaExceededException **   
The request would exceed a service quota. Review your service quotas and either delete resources or request a quota increase.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 402

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/CreateFileSystem) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/CreateFileSystem) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/CreateFileSystem) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/CreateFileSystem) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/CreateFileSystem) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/CreateFileSystem) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/CreateFileSystem) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/CreateFileSystem) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/CreateFileSystem) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/CreateFileSystem) 

# CreateMountTarget


Creates a mount target resource as an endpoint for mounting the S3 File System from compute resources in a specific Availability Zone and VPC. Mount targets provide network access to the file system.

## Request Syntax


```
PUT /mount-targets HTTP/1.1
Content-type: application/json

{
   "fileSystemId": "string",
   "ipAddressType": "string",
   "ipv4Address": "string",
   "ipv6Address": "string",
   "securityGroups": [ "string" ],
   "subnetId": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [fileSystemId](#API_S3Files_CreateMountTarget_RequestSyntax) **   
The ID or Amazon Resource Name (ARN) of the S3 File System to create the mount target for.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})`   
Required: Yes

 ** [ipAddressType](#API_S3Files_CreateMountTarget_RequestSyntax) **   
The IP address type for the mount target. If not specified, `IPV4_ONLY` is used. The IP address type must match the IP configuration of the specified subnet.  
Type: String  
Valid Values: `IPV4_ONLY | IPV6_ONLY | DUAL_STACK`   
Required: No

 ** [ipv4Address](#API_S3Files_CreateMountTarget_RequestSyntax) **   
A specific IPv4 address to assign to the mount target. If not specified and the IP address type supports IPv4, an address is automatically assigned from the subnet's available IPv4 address range. The address must be within the subnet's CIDR block and not already in use.  
Type: String  
Length Constraints: Minimum length of 7. Maximum length of 15.  
Pattern: `[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}`   
Required: No

 ** [ipv6Address](#API_S3Files_CreateMountTarget_RequestSyntax) **   
A specific IPv6 address to assign to the mount target. If not specified and the IP address type supports IPv6, an address is automatically assigned from the subnet's available IPv6 address range. The address must be within the subnet's IPv6 CIDR block and not already in use.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 39.  
Required: No

 ** [securityGroups](#API_S3Files_CreateMountTarget_RequestSyntax) **   
An array of VPC security group IDs to associate with the mount target's network interface. These security groups control network access to the mount target. If not specified, the default security group for the subnet's VPC is used. All security groups must belong to the same VPC as the subnet.  
Type: Array of strings  
Array Members: Minimum number of 0 items. Maximum number of 100 items.  
Length Constraints: Minimum length of 11. Maximum length of 43.  
Pattern: `(sg-[0-9a-f]{8,40})`   
Required: No

 ** [subnetId](#API_S3Files_CreateMountTarget_RequestSyntax) **   
The ID of the subnet where the mount target will be created. The subnet must be in the same AWS Region as the file system. For file systems with regional availability, you can create mount targets in any subnet within the Region. The subnet determines the Availability Zone where the mount target will be located.  
Type: String  
Length Constraints: Minimum length of 15. Maximum length of 47.  
Pattern: `subnet-[0-9a-f]{8,40}`   
Required: Yes

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "availabilityZoneId": "string",
   "fileSystemId": "string",
   "ipv4Address": "string",
   "ipv6Address": "string",
   "mountTargetId": "string",
   "networkInterfaceId": "string",
   "ownerId": "string",
   "securityGroups": [ "string" ],
   "status": "string",
   "statusMessage": "string",
   "subnetId": "string",
   "vpcId": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [availabilityZoneId](#API_S3Files_CreateMountTarget_ResponseSyntax) **   
The unique and consistent identifier of the Availability Zone where the mount target is located. For example, `use1-az1` is an Availability Zone ID for the `us-east-1` AWS Region, and it has the same location in every AWS account.  
Type: String

 ** [fileSystemId](#API_S3Files_CreateMountTarget_ResponseSyntax) **   
The ID of the S3 File System associated with the mount target.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})` 

 ** [ipv4Address](#API_S3Files_CreateMountTarget_ResponseSyntax) **   
The IPv4 address assigned to the mount target.  
Type: String  
Length Constraints: Minimum length of 7. Maximum length of 15.  
Pattern: `[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}` 

 ** [ipv6Address](#API_S3Files_CreateMountTarget_ResponseSyntax) **   
The IPv6 address assigned to the mount target.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 39.

 ** [mountTargetId](#API_S3Files_CreateMountTarget_ResponseSyntax) **   
The ID of the mount target, assigned by S3 Files. This ID is used to reference the mount target in subsequent API calls.  
Type: String  
Length Constraints: Minimum length of 22. Maximum length of 45.  
Pattern: `fsmt-[0-9a-f]{17,40}` 

 ** [networkInterfaceId](#API_S3Files_CreateMountTarget_ResponseSyntax) **   
The ID of the network interface that S3 Files created when it created the mount target. This network interface is managed by the service.  
Type: String

 ** [ownerId](#API_S3Files_CreateMountTarget_ResponseSyntax) **   
The AWS account ID of the mount target owner.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 12.  
Pattern: `(\d{12})|(\d{4}-{4}-\d{4})` 

 ** [securityGroups](#API_S3Files_CreateMountTarget_ResponseSyntax) **   
The security groups associated with the mount target's network interface.  
Type: Array of strings  
Array Members: Minimum number of 0 items. Maximum number of 100 items.  
Length Constraints: Minimum length of 11. Maximum length of 43.  
Pattern: `(sg-[0-9a-f]{8,40})` 

 ** [status](#API_S3Files_CreateMountTarget_ResponseSyntax) **   
The lifecycle state of the mount target. Valid values are: `AVAILABLE` (the mount target is available for use), `CREATING` (the mount target is being created), `DELETING` (the mount target is being deleted), `DELETED` (the mount target has been deleted), or `ERROR` (the mount target is in an error state), or `UPDATING` (the mount target is being updated).  
Type: String  
Valid Values: `available | creating | deleting | deleted | error | updating` 

 ** [statusMessage](#API_S3Files_CreateMountTarget_ResponseSyntax) **   
Additional information about the mount target status. This field provides more details when the status is `ERROR`, or during state transitions.  
Type: String

 ** [subnetId](#API_S3Files_CreateMountTarget_ResponseSyntax) **   
The ID of the subnet where the mount target is located.  
Type: String  
Length Constraints: Minimum length of 15. Maximum length of 47.  
Pattern: `subnet-[0-9a-f]{8,40}` 

 ** [vpcId](#API_S3Files_CreateMountTarget_ResponseSyntax) **   
The ID of the VPC where the mount target is located.  
Type: String

## Errors


 ** ConflictException **   
The request conflicts with the current state of the resource. This can occur when trying to create a resource that already exists or delete a resource that is in use.    
 ** errorCode **   
The error code associated with the exception.  
 ** resourceId **   
The identifier of the resource that caused the conflict.  
 ** resourceType **   
The type of the resource that caused the conflict.
HTTP Status Code: 409

 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ServiceQuotaExceededException **   
The request would exceed a service quota. Review your service quotas and either delete resources or request a quota increase.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 402

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/CreateMountTarget) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/CreateMountTarget) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/CreateMountTarget) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/CreateMountTarget) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/CreateMountTarget) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/CreateMountTarget) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/CreateMountTarget) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/CreateMountTarget) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/CreateMountTarget) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/CreateMountTarget) 

# DeleteAccessPoint


Deletes an S3 File System Access Point. This operation is irreversible.

## Request Syntax


```
DELETE /access-points/accessPointId HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [accessPointId](#API_S3Files_DeleteAccessPoint_RequestSyntax) **   
The ID or Amazon Resource Name (ARN) of the access point to delete.  
Length Constraints: Minimum length of 0. Maximum length of 256.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}/access-point/fsap-[0-9a-f]{17,40}|fsap-[0-9a-f]{17,40})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** ConflictException **   
The request conflicts with the current state of the resource. This can occur when trying to create a resource that already exists or delete a resource that is in use.    
 ** errorCode **   
The error code associated with the exception.  
 ** resourceId **   
The identifier of the resource that caused the conflict.  
 ** resourceType **   
The type of the resource that caused the conflict.
HTTP Status Code: 409

 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/DeleteAccessPoint) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/DeleteAccessPoint) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/DeleteAccessPoint) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/DeleteAccessPoint) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/DeleteAccessPoint) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/DeleteAccessPoint) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/DeleteAccessPoint) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/DeleteAccessPoint) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/DeleteAccessPoint) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/DeleteAccessPoint) 

# DeleteFileSystem


Deletes an S3 File System. You can optionally force deletion of a file system that has pending export data.

## Request Syntax


```
DELETE /file-systems/fileSystemId?forceDelete=forceDelete HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [fileSystemId](#API_S3Files_DeleteFileSystem_RequestSyntax) **   
The ID or Amazon Resource Name (ARN) of the S3 File System to delete.  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})`   
Required: Yes

 ** [forceDelete](#API_S3Files_DeleteFileSystem_RequestSyntax) **   
If true, allows deletion of a file system that contains data pending export to S3. If false (the default), the deletion will fail if there is data that has not yet been exported to the S3 bucket. Use this parameter with caution as it may result in data loss.

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** ConflictException **   
The request conflicts with the current state of the resource. This can occur when trying to create a resource that already exists or delete a resource that is in use.    
 ** errorCode **   
The error code associated with the exception.  
 ** resourceId **   
The identifier of the resource that caused the conflict.  
 ** resourceType **   
The type of the resource that caused the conflict.
HTTP Status Code: 409

 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/DeleteFileSystem) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/DeleteFileSystem) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/DeleteFileSystem) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/DeleteFileSystem) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/DeleteFileSystem) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/DeleteFileSystem) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/DeleteFileSystem) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/DeleteFileSystem) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/DeleteFileSystem) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/DeleteFileSystem) 

# DeleteFileSystemPolicy


Deletes the IAM resource policy of an S3 File System.

## Request Syntax


```
DELETE /file-systems/fileSystemId/policy HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [fileSystemId](#API_S3Files_DeleteFileSystemPolicy_RequestSyntax) **   
The ID or Amazon Resource Name (ARN) of the S3 File System whose resource policy to delete.  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/DeleteFileSystemPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/DeleteFileSystemPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/DeleteFileSystemPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/DeleteFileSystemPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/DeleteFileSystemPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/DeleteFileSystemPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/DeleteFileSystemPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/DeleteFileSystemPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/DeleteFileSystemPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/DeleteFileSystemPolicy) 

# DeleteMountTarget


Deletes the specified mount target. This operation is irreversible.

## Request Syntax


```
DELETE /mount-targets/mountTargetId HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [mountTargetId](#API_S3Files_DeleteMountTarget_RequestSyntax) **   
The ID of the mount target to delete.  
Length Constraints: Minimum length of 22. Maximum length of 45.  
Pattern: `fsmt-[0-9a-f]{17,40}`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** ConflictException **   
The request conflicts with the current state of the resource. This can occur when trying to create a resource that already exists or delete a resource that is in use.    
 ** errorCode **   
The error code associated with the exception.  
 ** resourceId **   
The identifier of the resource that caused the conflict.  
 ** resourceType **   
The type of the resource that caused the conflict.
HTTP Status Code: 409

 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/DeleteMountTarget) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/DeleteMountTarget) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/DeleteMountTarget) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/DeleteMountTarget) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/DeleteMountTarget) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/DeleteMountTarget) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/DeleteMountTarget) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/DeleteMountTarget) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/DeleteMountTarget) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/DeleteMountTarget) 

# GetAccessPoint


Returns resource information for an S3 File System Access Point.

## Request Syntax


```
GET /access-points/accessPointId HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [accessPointId](#API_S3Files_GetAccessPoint_RequestSyntax) **   
The ID or Amazon Resource Name (ARN) of the access point to retrieve information for.  
Length Constraints: Minimum length of 0. Maximum length of 256.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}/access-point/fsap-[0-9a-f]{17,40}|fsap-[0-9a-f]{17,40})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "accessPointArn": "string",
   "accessPointId": "string",
   "clientToken": "string",
   "fileSystemId": "string",
   "name": "string",
   "ownerId": "string",
   "posixUser": { 
      "gid": number,
      "secondaryGids": [ number ],
      "uid": number
   },
   "rootDirectory": { 
      "creationPermissions": { 
         "ownerGid": number,
         "ownerUid": number,
         "permissions": "string"
      },
      "path": "string"
   },
   "status": "string",
   "tags": [ 
      { 
         "key": "string",
         "value": "string"
      }
   ]
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [accessPointArn](#API_S3Files_GetAccessPoint_ResponseSyntax) **   
The ARN of the access point.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 256.  
Pattern: `arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}/access-point/fsap-[0-9a-f]{17,40}` 

 ** [accessPointId](#API_S3Files_GetAccessPoint_ResponseSyntax) **   
The ID of the access point.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 256.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}/access-point/fsap-[0-9a-f]{17,40}|fsap-[0-9a-f]{17,40})` 

 ** [clientToken](#API_S3Files_GetAccessPoint_ResponseSyntax) **   
The client token used for idempotency when the access point was created.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `(.+)` 

 ** [fileSystemId](#API_S3Files_GetAccessPoint_ResponseSyntax) **   
The ID of the S3 File System.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})` 

 ** [name](#API_S3Files_GetAccessPoint_ResponseSyntax) **   
The name of the access point.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 256.  
Pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]*)` 

 ** [ownerId](#API_S3Files_GetAccessPoint_ResponseSyntax) **   
The AWS account ID of the access point owner.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 12.  
Pattern: `(\d{12})|(\d{4}-{4}-\d{4})` 

 ** [posixUser](#API_S3Files_GetAccessPoint_ResponseSyntax) **   
The POSIX identity configured for this access point.  
Type: [PosixUser](API_S3Files_PosixUser.md) object

 ** [rootDirectory](#API_S3Files_GetAccessPoint_ResponseSyntax) **   
The root directory configuration for this access point.  
Type: [RootDirectory](API_S3Files_RootDirectory.md) object

 ** [status](#API_S3Files_GetAccessPoint_ResponseSyntax) **   
The current status of the access point.  
Type: String  
Valid Values: `available | creating | deleting | deleted | error | updating` 

 ** [tags](#API_S3Files_GetAccessPoint_ResponseSyntax) **   
The tags associated with the access point.  
Type: Array of [Tag](API_S3Files_Tag.md) objects  
Array Members: Minimum number of 1 item. Maximum number of 50 items.

## Errors


 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/GetAccessPoint) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/GetAccessPoint) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/GetAccessPoint) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/GetAccessPoint) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/GetAccessPoint) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/GetAccessPoint) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/GetAccessPoint) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/GetAccessPoint) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/GetAccessPoint) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/GetAccessPoint) 

# GetFileSystem


Returns resource information for the specified S3 File System including status, configuration, and metadata.

## Request Syntax


```
GET /file-systems/fileSystemId HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [fileSystemId](#API_S3Files_GetFileSystem_RequestSyntax) **   
The ID or Amazon Resource Name (ARN) of the S3 File System to retrieve information for.  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "bucket": "string",
   "clientToken": "string",
   "creationTime": number,
   "fileSystemArn": "string",
   "fileSystemId": "string",
   "kmsKeyId": "string",
   "name": "string",
   "ownerId": "string",
   "prefix": "string",
   "roleArn": "string",
   "status": "string",
   "statusMessage": "string",
   "tags": [ 
      { 
         "key": "string",
         "value": "string"
      }
   ]
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [bucket](#API_S3Files_GetFileSystem_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the S3 bucket.  
Type: String  
Pattern: `(arn:aws[a-zA-Z0-9-]*:s3:::.+)` 

 ** [clientToken](#API_S3Files_GetFileSystem_ResponseSyntax) **   
The client token used for idempotency when the file system was created.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `(.+)` 

 ** [creationTime](#API_S3Files_GetFileSystem_ResponseSyntax) **   
The time when the file system was created.  
Type: Timestamp

 ** [fileSystemArn](#API_S3Files_GetFileSystem_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the file system.  
Type: String  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40})` 

 ** [fileSystemId](#API_S3Files_GetFileSystem_ResponseSyntax) **   
The ID of the file system.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})` 

 ** [kmsKeyId](#API_S3Files_GetFileSystem_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the AWS KMS key used for encryption.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 2048.  
Pattern: `([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|mrk-[0-9a-f]{32}|alias/[a-zA-Z0-9/_-]+|(arn:aws[-a-z]*:kms:[a-z0-9-]+:\d{12}:((key/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})|(key/mrk-[0-9a-f]{32})|(alias/[a-zA-Z0-9/_-]+))))` 

 ** [name](#API_S3Files_GetFileSystem_ResponseSyntax) **   
The name of the file system.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 256.  
Pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]*)` 

 ** [ownerId](#API_S3Files_GetFileSystem_ResponseSyntax) **   
The AWS account ID of the file system owner.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 12.  
Pattern: `(\d{12})|(\d{4}-{4}-\d{4})` 

 ** [prefix](#API_S3Files_GetFileSystem_ResponseSyntax) **   
The prefix in the S3 bucket that the file system provides access to.  
Type: String

 ** [roleArn](#API_S3Files_GetFileSystem_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the IAM role used for S3 access.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 2048.  
Pattern: `arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+` 

 ** [status](#API_S3Files_GetFileSystem_ResponseSyntax) **   
The current status of the file system.  
Type: String  
Valid Values: `available | creating | deleting | deleted | error | updating` 

 ** [statusMessage](#API_S3Files_GetFileSystem_ResponseSyntax) **   
Additional information about the file system status.  
Type: String

 ** [tags](#API_S3Files_GetFileSystem_ResponseSyntax) **   
The tags associated with the file system.  
Type: Array of [Tag](API_S3Files_Tag.md) objects  
Array Members: Minimum number of 1 item. Maximum number of 50 items.

## Errors


 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/GetFileSystem) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/GetFileSystem) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/GetFileSystem) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/GetFileSystem) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/GetFileSystem) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/GetFileSystem) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/GetFileSystem) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/GetFileSystem) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/GetFileSystem) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/GetFileSystem) 

# GetFileSystemPolicy


Returns the IAM resource policy of an S3 File System.

## Request Syntax


```
GET /file-systems/fileSystemId/policy HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [fileSystemId](#API_S3Files_GetFileSystemPolicy_RequestSyntax) **   
The ID or Amazon Resource Name (ARN) of the S3 File System whose resource policy to retrieve.  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "fileSystemId": "string",
   "policy": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [fileSystemId](#API_S3Files_GetFileSystemPolicy_ResponseSyntax) **   
The ID of the file system.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})` 

 ** [policy](#API_S3Files_GetFileSystemPolicy_ResponseSyntax) **   
The JSON-formatted resource policy for the file system.  
Type: String

## Errors


 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/GetFileSystemPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/GetFileSystemPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/GetFileSystemPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/GetFileSystemPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/GetFileSystemPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/GetFileSystemPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/GetFileSystemPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/GetFileSystemPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/GetFileSystemPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/GetFileSystemPolicy) 

# GetMountTarget


Returns detailed resource information for the specified mount target including network configuration.

## Request Syntax


```
GET /mount-targets/mountTargetId HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [mountTargetId](#API_S3Files_GetMountTarget_RequestSyntax) **   
The ID of the mount target to retrieve information for.  
Length Constraints: Minimum length of 22. Maximum length of 45.  
Pattern: `fsmt-[0-9a-f]{17,40}`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "availabilityZoneId": "string",
   "fileSystemId": "string",
   "ipv4Address": "string",
   "ipv6Address": "string",
   "mountTargetId": "string",
   "networkInterfaceId": "string",
   "ownerId": "string",
   "securityGroups": [ "string" ],
   "status": "string",
   "statusMessage": "string",
   "subnetId": "string",
   "vpcId": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [availabilityZoneId](#API_S3Files_GetMountTarget_ResponseSyntax) **   
The Availability Zone ID where the mount target is located.  
Type: String

 ** [fileSystemId](#API_S3Files_GetMountTarget_ResponseSyntax) **   
The ID of the file system.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})` 

 ** [ipv4Address](#API_S3Files_GetMountTarget_ResponseSyntax) **   
The IPv4 address of the mount target.  
Type: String  
Length Constraints: Minimum length of 7. Maximum length of 15.  
Pattern: `[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}` 

 ** [ipv6Address](#API_S3Files_GetMountTarget_ResponseSyntax) **   
The IPv6 address of the mount target.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 39.

 ** [mountTargetId](#API_S3Files_GetMountTarget_ResponseSyntax) **   
The ID of the mount target.  
Type: String  
Length Constraints: Minimum length of 22. Maximum length of 45.  
Pattern: `fsmt-[0-9a-f]{17,40}` 

 ** [networkInterfaceId](#API_S3Files_GetMountTarget_ResponseSyntax) **   
The ID of the network interface associated with the mount target.  
Type: String

 ** [ownerId](#API_S3Files_GetMountTarget_ResponseSyntax) **   
The AWS account ID of the mount target owner.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 12.  
Pattern: `(\d{12})|(\d{4}-{4}-\d{4})` 

 ** [securityGroups](#API_S3Files_GetMountTarget_ResponseSyntax) **   
The security groups associated with the mount target.  
Type: Array of strings  
Array Members: Minimum number of 0 items. Maximum number of 100 items.  
Length Constraints: Minimum length of 11. Maximum length of 43.  
Pattern: `(sg-[0-9a-f]{8,40})` 

 ** [status](#API_S3Files_GetMountTarget_ResponseSyntax) **   
The current status of the mount target.  
Type: String  
Valid Values: `available | creating | deleting | deleted | error | updating` 

 ** [statusMessage](#API_S3Files_GetMountTarget_ResponseSyntax) **   
Additional information about the mount target status.  
Type: String

 ** [subnetId](#API_S3Files_GetMountTarget_ResponseSyntax) **   
The ID of the subnet where the mount target is located.  
Type: String  
Length Constraints: Minimum length of 15. Maximum length of 47.  
Pattern: `subnet-[0-9a-f]{8,40}` 

 ** [vpcId](#API_S3Files_GetMountTarget_ResponseSyntax) **   
The ID of the VPC where the mount target is located.  
Type: String

## Errors


 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/GetMountTarget) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/GetMountTarget) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/GetMountTarget) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/GetMountTarget) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/GetMountTarget) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/GetMountTarget) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/GetMountTarget) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/GetMountTarget) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/GetMountTarget) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/GetMountTarget) 

# GetSynchronizationConfiguration


Returns the synchronization configuration for the specified S3 File System, including import data rules and expiration data rules.

## Request Syntax


```
GET /file-systems/fileSystemId/synchronization-configuration HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [fileSystemId](#API_S3Files_GetSynchronizationConfiguration_RequestSyntax) **   
The ID or Amazon Resource Name (ARN) of the S3 File System to retrieve the synchronization configuration for.  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "expirationDataRules": [ 
      { 
         "daysAfterLastAccess": number
      }
   ],
   "importDataRules": [ 
      { 
         "prefix": "string",
         "sizeLessThan": number,
         "trigger": "string"
      }
   ],
   "latestVersionNumber": number
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [expirationDataRules](#API_S3Files_GetSynchronizationConfiguration_ResponseSyntax) **   
An array of expiration data rules that control when cached data expires from the file system.  
Type: Array of [ExpirationDataRule](API_S3Files_ExpirationDataRule.md) objects  
Array Members: Fixed number of 1 item.

 ** [importDataRules](#API_S3Files_GetSynchronizationConfiguration_ResponseSyntax) **   
An array of import data rules that control how data is imported from S3 into the file system.  
Type: Array of [ImportDataRule](API_S3Files_ImportDataRule.md) objects  
Array Members: Minimum number of 1 item. Maximum number of 10 items.

 ** [latestVersionNumber](#API_S3Files_GetSynchronizationConfiguration_ResponseSyntax) **   
The version number of the synchronization configuration. Use this value with `PutSynchronizationConfiguration` to ensure optimistic concurrency control.  
Type: Integer

## Errors


 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/GetSynchronizationConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/GetSynchronizationConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/GetSynchronizationConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/GetSynchronizationConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/GetSynchronizationConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/GetSynchronizationConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/GetSynchronizationConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/GetSynchronizationConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/GetSynchronizationConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/GetSynchronizationConfiguration) 

# ListAccessPoints


Returns resource information for all S3 File System Access Points associated with the specified S3 File System.

## Request Syntax


```
GET /access-points?fileSystemId=fileSystemId&maxResults=maxResults&nextToken=nextToken HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [fileSystemId](#API_S3Files_ListAccessPoints_RequestSyntax) **   
The ID or Amazon Resource Name (ARN) of the S3 File System to list access points for.  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})`   
Required: Yes

 ** [maxResults](#API_S3Files_ListAccessPoints_RequestSyntax) **   
The maximum number of access points to return in a single response.  
Valid Range: Minimum value of 1. Maximum value of 1000.

 ** [nextToken](#API_S3Files_ListAccessPoints_RequestSyntax) **   
A pagination token returned from a previous call to continue listing access points.

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "accessPoints": [ 
      { 
         "accessPointArn": "string",
         "accessPointId": "string",
         "fileSystemId": "string",
         "name": "string",
         "ownerId": "string",
         "posixUser": { 
            "gid": number,
            "secondaryGids": [ number ],
            "uid": number
         },
         "rootDirectory": { 
            "creationPermissions": { 
               "ownerGid": number,
               "ownerUid": number,
               "permissions": "string"
            },
            "path": "string"
         },
         "status": "string"
      }
   ],
   "nextToken": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [accessPoints](#API_S3Files_ListAccessPoints_ResponseSyntax) **   
An array of access point descriptions.  
Type: Array of [ListAccessPointsDescription](API_S3Files_ListAccessPointsDescription.md) objects

 ** [nextToken](#API_S3Files_ListAccessPoints_ResponseSyntax) **   
A pagination token to use in a subsequent request if more results are available.  
Type: String

## Errors


 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/ListAccessPoints) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/ListAccessPoints) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/ListAccessPoints) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/ListAccessPoints) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/ListAccessPoints) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/ListAccessPoints) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/ListAccessPoints) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/ListAccessPoints) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/ListAccessPoints) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/ListAccessPoints) 

# ListFileSystems


Returns a list of all S3 File Systems owned by the account with optional filtering by bucket.

## Request Syntax


```
GET /file-systems?bucket=bucket&maxResults=maxResults&nextToken=nextToken HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [bucket](#API_S3Files_ListFileSystems_RequestSyntax) **   
Optional filter to list only file systems associated with the specified S3 bucket Amazon Resource Name (ARN). If provided, only file systems that provide access to this bucket will be returned in the response.  
Pattern: `(arn:aws[a-zA-Z0-9-]*:s3:::.+)` 

 ** [maxResults](#API_S3Files_ListFileSystems_RequestSyntax) **   
The maximum number of file systems to return in a single response. If not specified, up to 100 file systems are returned.  
Valid Range: Minimum value of 1. Maximum value of 100.

 ** [nextToken](#API_S3Files_ListFileSystems_RequestSyntax) **   
A pagination token returned from a previous call to continue listing file systems.

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "fileSystems": [ 
      { 
         "bucket": "string",
         "creationTime": number,
         "fileSystemArn": "string",
         "fileSystemId": "string",
         "name": "string",
         "ownerId": "string",
         "roleArn": "string",
         "status": "string",
         "statusMessage": "string"
      }
   ],
   "nextToken": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [fileSystems](#API_S3Files_ListFileSystems_ResponseSyntax) **   
An array of file system descriptions.  
Type: Array of [ListFileSystemsDescription](API_S3Files_ListFileSystemsDescription.md) objects

 ** [nextToken](#API_S3Files_ListFileSystems_ResponseSyntax) **   
A pagination token to use in a subsequent request if more results are available.  
Type: String

## Errors


 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/ListFileSystems) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/ListFileSystems) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/ListFileSystems) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/ListFileSystems) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/ListFileSystems) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/ListFileSystems) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/ListFileSystems) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/ListFileSystems) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/ListFileSystems) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/ListFileSystems) 

# ListMountTargets


Returns resource information for all mount targets with optional filtering by file system, access point, and VPC.

## Request Syntax


```
GET /mount-targets?accessPointId=accessPointId&fileSystemId=fileSystemId&maxResults=maxResults&nextToken=nextToken HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [accessPointId](#API_S3Files_ListMountTargets_RequestSyntax) **   
Optional filter to list only mount targets associated with the specified access point ID or Amazon Resource Name (ARN).  
Length Constraints: Minimum length of 0. Maximum length of 256.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}/access-point/fsap-[0-9a-f]{17,40}|fsap-[0-9a-f]{17,40})` 

 ** [fileSystemId](#API_S3Files_ListMountTargets_RequestSyntax) **   
Optional filter to list only mount targets associated with the specified S3 File System ID or Amazon Resource Name (ARN). If provided, only mount targets for this file system will be returned in the response.  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})` 

 ** [maxResults](#API_S3Files_ListMountTargets_RequestSyntax) **   
The maximum number of mount targets to return in a single response.  
Valid Range: Minimum value of 1. Maximum value of 100.

 ** [nextToken](#API_S3Files_ListMountTargets_RequestSyntax) **   
A pagination token returned from a previous call to continue listing mount targets.

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "mountTargets": [ 
      { 
         "availabilityZoneId": "string",
         "fileSystemId": "string",
         "ipv4Address": "string",
         "ipv6Address": "string",
         "mountTargetId": "string",
         "networkInterfaceId": "string",
         "ownerId": "string",
         "status": "string",
         "statusMessage": "string",
         "subnetId": "string",
         "vpcId": "string"
      }
   ],
   "nextToken": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [mountTargets](#API_S3Files_ListMountTargets_ResponseSyntax) **   
An array of mount target descriptions.  
Type: Array of [ListMountTargetsDescription](API_S3Files_ListMountTargetsDescription.md) objects

 ** [nextToken](#API_S3Files_ListMountTargets_ResponseSyntax) **   
A pagination token to use in a subsequent request if more results are available.  
Type: String

## Errors


 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/ListMountTargets) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/ListMountTargets) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/ListMountTargets) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/ListMountTargets) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/ListMountTargets) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/ListMountTargets) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/ListMountTargets) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/ListMountTargets) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/ListMountTargets) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/ListMountTargets) 

# ListTagsForResource


Lists all tags for S3 Files resources.

## Request Syntax


```
GET /resource-tags/resourceId?MaxResults=maxResults&NextToken=nextToken HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [maxResults](#API_S3Files_ListTagsForResource_RequestSyntax) **   
The maximum number of tags to return in a single response.  
Valid Range: Minimum value of 1. Maximum value of 50.

 ** [nextToken](#API_S3Files_ListTagsForResource_RequestSyntax) **   
A pagination token returned from a previous call to continue listing tags.

 ** [resourceId](#API_S3Files_ListTagsForResource_RequestSyntax) **   
The ID or Amazon Resource Name (ARN) of the resource to list tags for.  
Length Constraints: Minimum length of 0. Maximum length of 256.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}(/access-point/fsap-[0-9a-f]{17,40})?|fs(ap)?-[0-9a-f]{17,40})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "nextToken": "string",
   "tags": [ 
      { 
         "key": "string",
         "value": "string"
      }
   ]
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [nextToken](#API_S3Files_ListTagsForResource_ResponseSyntax) **   
A pagination token to use in a subsequent request if more results are available.  
Type: String

 ** [tags](#API_S3Files_ListTagsForResource_ResponseSyntax) **   
An array of tags associated with the resource.  
Type: Array of [Tag](API_S3Files_Tag.md) objects  
Array Members: Minimum number of 1 item. Maximum number of 50 items.

## Errors


 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/ListTagsForResource) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/ListTagsForResource) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/ListTagsForResource) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/ListTagsForResource) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/ListTagsForResource) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/ListTagsForResource) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/ListTagsForResource) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/ListTagsForResource) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/ListTagsForResource) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/ListTagsForResource) 

# PutFileSystemPolicy


Creates or replaces the IAM resource policy for an S3 File System to control access permissions.

## Request Syntax


```
PUT /file-systems/fileSystemId/policy HTTP/1.1
Content-type: application/json

{
   "policy": "string"
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [fileSystemId](#API_S3Files_PutFileSystemPolicy_RequestSyntax) **   
The ID or Amazon Resource Name (ARN) of the S3 File System to apply the resource policy to.  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})`   
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [policy](#API_S3Files_PutFileSystemPolicy_RequestSyntax) **   
The JSON-formatted resource policy to apply to the file system. The policy defines the permissions for accessing the file system. The policy must be a valid JSON document that follows IAM policy syntax.  
Type: String  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/PutFileSystemPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/PutFileSystemPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/PutFileSystemPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/PutFileSystemPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/PutFileSystemPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/PutFileSystemPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/PutFileSystemPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/PutFileSystemPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/PutFileSystemPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/PutFileSystemPolicy) 

# PutSynchronizationConfiguration


Creates or updates the synchronization configuration for the specified S3 File System, including import data rules and expiration data rules.

## Request Syntax


```
PUT /file-systems/fileSystemId/synchronization-configuration HTTP/1.1
Content-type: application/json

{
   "expirationDataRules": [ 
      { 
         "daysAfterLastAccess": number
      }
   ],
   "importDataRules": [ 
      { 
         "prefix": "string",
         "sizeLessThan": number,
         "trigger": "string"
      }
   ],
   "latestVersionNumber": number
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [fileSystemId](#API_S3Files_PutSynchronizationConfiguration_RequestSyntax) **   
The ID or Amazon Resource Name (ARN) of the S3 File System to configure synchronization for.  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})`   
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [expirationDataRules](#API_S3Files_PutSynchronizationConfiguration_RequestSyntax) **   
An array of expiration data rules that control when cached data expires from the file system.  
Type: Array of [ExpirationDataRule](API_S3Files_ExpirationDataRule.md) objects  
Array Members: Fixed number of 1 item.  
Required: Yes

 ** [importDataRules](#API_S3Files_PutSynchronizationConfiguration_RequestSyntax) **   
An array of import data rules that control how data is imported from S3 into the file system.  
Type: Array of [ImportDataRule](API_S3Files_ImportDataRule.md) objects  
Array Members: Minimum number of 1 item. Maximum number of 10 items.  
Required: Yes

 ** [latestVersionNumber](#API_S3Files_PutSynchronizationConfiguration_RequestSyntax) **   
The version number of the current synchronization configuration. Omit this value when creating a synchronization configuration for the first time. For subsequent updates, provide this value for optimistic concurrency control. If the version number does not match the current configuration, the request fails with a `ConflictException`.  
Type: Integer  
Required: No

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** ConflictException **   
The request conflicts with the current state of the resource. This can occur when trying to create a resource that already exists or delete a resource that is in use.    
 ** errorCode **   
The error code associated with the exception.  
 ** resourceId **   
The identifier of the resource that caused the conflict.  
 ** resourceType **   
The type of the resource that caused the conflict.
HTTP Status Code: 409

 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/PutSynchronizationConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/PutSynchronizationConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/PutSynchronizationConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/PutSynchronizationConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/PutSynchronizationConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/PutSynchronizationConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/PutSynchronizationConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/PutSynchronizationConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/PutSynchronizationConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/PutSynchronizationConfiguration) 

# TagResource


Creates tags for S3 Files resources using standard AWS tagging APIs.

## Request Syntax


```
POST /resource-tags/resourceId HTTP/1.1
Content-type: application/json

{
   "tags": [ 
      { 
         "key": "string",
         "value": "string"
      }
   ]
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [resourceId](#API_S3Files_TagResource_RequestSyntax) **   
The ID or Amazon Resource Name (ARN) of the resource to add tags to.  
Length Constraints: Minimum length of 0. Maximum length of 256.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}(/access-point/fsap-[0-9a-f]{17,40})?|fs(ap)?-[0-9a-f]{17,40})`   
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [tags](#API_S3Files_TagResource_RequestSyntax) **   
An array of key-value pairs to add as tags to the resource.  
Type: Array of [Tag](API_S3Files_Tag.md) objects  
Array Members: Minimum number of 1 item. Maximum number of 50 items.  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/TagResource) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/TagResource) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/TagResource) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/TagResource) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/TagResource) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/TagResource) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/TagResource) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/TagResource) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/TagResource) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/TagResource) 

# UntagResource


Removes tags from S3 Files resources.

## Request Syntax


```
DELETE /resource-tags/resourceId?tagKeys=tagKeys HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [resourceId](#API_S3Files_UntagResource_RequestSyntax) **   
The ID or Amazon Resource Name (ARN) of the resource to remove tags from.  
Length Constraints: Minimum length of 0. Maximum length of 256.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}(/access-point/fsap-[0-9a-f]{17,40})?|fs(ap)?-[0-9a-f]{17,40})`   
Required: Yes

 ** [tagKeys](#API_S3Files_UntagResource_RequestSyntax) **   
An array of tag keys to remove from the resource.  
Array Members: Minimum number of 1 item. Maximum number of 50 items.  
Length Constraints: Minimum length of 1. Maximum length of 128.  
Pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]+)`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/UntagResource) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/UntagResource) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/UntagResource) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/UntagResource) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/UntagResource) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/UntagResource) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/UntagResource) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/UntagResource) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/UntagResource) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/UntagResource) 

# UpdateMountTarget


Updates the mount target resource, specifically security group configurations.

## Request Syntax


```
PUT /mount-targets/mountTargetId HTTP/1.1
Content-type: application/json

{
   "securityGroups": [ "string" ]
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [mountTargetId](#API_S3Files_UpdateMountTarget_RequestSyntax) **   
The ID of the mount target to update.  
Length Constraints: Minimum length of 22. Maximum length of 45.  
Pattern: `fsmt-[0-9a-f]{17,40}`   
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [securityGroups](#API_S3Files_UpdateMountTarget_RequestSyntax) **   
An array of VPC security group IDs to associate with the mount target's network interface. This replaces the existing security groups. All security groups must belong to the same VPC as the mount target's subnet.  
Type: Array of strings  
Array Members: Minimum number of 0 items. Maximum number of 100 items.  
Length Constraints: Minimum length of 11. Maximum length of 43.  
Pattern: `(sg-[0-9a-f]{8,40})`   
Required: Yes

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "availabilityZoneId": "string",
   "fileSystemId": "string",
   "ipv4Address": "string",
   "ipv6Address": "string",
   "mountTargetId": "string",
   "networkInterfaceId": "string",
   "ownerId": "string",
   "securityGroups": [ "string" ],
   "status": "string",
   "statusMessage": "string",
   "subnetId": "string",
   "vpcId": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [availabilityZoneId](#API_S3Files_UpdateMountTarget_ResponseSyntax) **   
The Availability Zone ID where the mount target is located.  
Type: String

 ** [fileSystemId](#API_S3Files_UpdateMountTarget_ResponseSyntax) **   
The ID of the S3 File System.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 128.  
Pattern: `(arn:aws[-a-z]*:s3files:[0-9a-z-:]+:file-system/fs-[0-9a-f]{17,40}|fs-[0-9a-f]{17,40})` 

 ** [ipv4Address](#API_S3Files_UpdateMountTarget_ResponseSyntax) **   
The IPv4 address of the mount target.  
Type: String  
Length Constraints: Minimum length of 7. Maximum length of 15.  
Pattern: `[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}` 

 ** [ipv6Address](#API_S3Files_UpdateMountTarget_ResponseSyntax) **   
The IPv6 address of the mount target.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 39.

 ** [mountTargetId](#API_S3Files_UpdateMountTarget_ResponseSyntax) **   
The ID of the mount target.  
Type: String  
Length Constraints: Minimum length of 22. Maximum length of 45.  
Pattern: `fsmt-[0-9a-f]{17,40}` 

 ** [networkInterfaceId](#API_S3Files_UpdateMountTarget_ResponseSyntax) **   
The ID of the network interface associated with the mount target.  
Type: String

 ** [ownerId](#API_S3Files_UpdateMountTarget_ResponseSyntax) **   
The AWS account ID of the mount target owner.  
Type: String  
Length Constraints: Minimum length of 0. Maximum length of 12.  
Pattern: `(\d{12})|(\d{4}-{4}-\d{4})` 

 ** [securityGroups](#API_S3Files_UpdateMountTarget_ResponseSyntax) **   
The security groups associated with the mount target.  
Type: Array of strings  
Array Members: Minimum number of 0 items. Maximum number of 100 items.  
Length Constraints: Minimum length of 11. Maximum length of 43.  
Pattern: `(sg-[0-9a-f]{8,40})` 

 ** [status](#API_S3Files_UpdateMountTarget_ResponseSyntax) **   
The current status of the mount target.  
Type: String  
Valid Values: `available | creating | deleting | deleted | error | updating` 

 ** [statusMessage](#API_S3Files_UpdateMountTarget_ResponseSyntax) **   
Additional information about the mount target status.  
Type: String

 ** [subnetId](#API_S3Files_UpdateMountTarget_ResponseSyntax) **   
The ID of the subnet where the mount target is located.  
Type: String  
Length Constraints: Minimum length of 15. Maximum length of 47.  
Pattern: `subnet-[0-9a-f]{8,40}` 

 ** [vpcId](#API_S3Files_UpdateMountTarget_ResponseSyntax) **   
The ID of the VPC where the mount target is located.  
Type: String

## Errors


 ** InternalServerException **   
An internal server error occurred. Retry your request.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The specified resource was not found. Verify that the resource exists and that you have permission to access it.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 404

 ** ThrottlingException **   
The request was throttled. Retry your request using exponential backoff.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 429

 ** ValidationException **   
The input parameters are not valid. Check the parameter values and try again.    
 ** errorCode **   
The error code associated with the exception.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3files-2025-05-05/UpdateMountTarget) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3files-2025-05-05/UpdateMountTarget) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3files-2025-05-05/UpdateMountTarget) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3files-2025-05-05/UpdateMountTarget) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3files-2025-05-05/UpdateMountTarget) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3files-2025-05-05/UpdateMountTarget) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3files-2025-05-05/UpdateMountTarget) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3files-2025-05-05/UpdateMountTarget) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3files-2025-05-05/UpdateMountTarget) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3files-2025-05-05/UpdateMountTarget) 

# Amazon S3 on Outposts


The following actions are supported by Amazon S3 on Outposts:
+  [CreateEndpoint](API_s3outposts_CreateEndpoint.md) 
+  [DeleteEndpoint](API_s3outposts_DeleteEndpoint.md) 
+  [ListEndpoints](API_s3outposts_ListEndpoints.md) 
+  [ListOutpostsWithS3](API_s3outposts_ListOutpostsWithS3.md) 
+  [ListSharedEndpoints](API_s3outposts_ListSharedEndpoints.md) 

# CreateEndpoint


Creates an endpoint and associates it with the specified Outpost.

**Note**  
It can take up to 5 minutes for this action to finish.



Related actions include:
+  [DeleteEndpoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_DeleteEndpoint.html) 
+  [ListEndpoints](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_ListEndpoints.html) 

## Request Syntax


```
POST /S3Outposts/CreateEndpoint HTTP/1.1
Content-type: application/json

{
   "AccessType": "string",
   "CustomerOwnedIpv4Pool": "string",
   "OutpostId": "string",
   "SecurityGroupId": "string",
   "SubnetId": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [AccessType](#API_s3outposts_CreateEndpoint_RequestSyntax) **   
The type of access for the network connectivity for the Amazon S3 on Outposts endpoint. To use the AWS VPC, choose `Private`. To use the endpoint with an on-premises network, choose `CustomerOwnedIp`. If you choose `CustomerOwnedIp`, you must also provide the customer-owned IP address pool (CoIP pool).  
 `Private` is the default access type value.
Type: String  
Valid Values: `Private | CustomerOwnedIp`   
Required: No

 ** [CustomerOwnedIpv4Pool](#API_s3outposts_CreateEndpoint_RequestSyntax) **   
The ID of the customer-owned IPv4 address pool (CoIP pool) for the endpoint. IP addresses are allocated from this pool for the endpoint.  
Type: String  
Pattern: `^ipv4pool-coip-([0-9a-f]{17})$`   
Required: No

 ** [OutpostId](#API_s3outposts_CreateEndpoint_RequestSyntax) **   
The ID of the AWS Outposts.   
Type: String  
Pattern: `^(op-[a-f0-9]{17}|\d{12}|ec2)$`   
Required: Yes

 ** [SecurityGroupId](#API_s3outposts_CreateEndpoint_RequestSyntax) **   
The ID of the security group to use with the endpoint.  
Type: String  
Pattern: `^sg-([0-9a-f]{8}|[0-9a-f]{17})$`   
Required: Yes

 ** [SubnetId](#API_s3outposts_CreateEndpoint_RequestSyntax) **   
The ID of the subnet in the selected VPC. The endpoint subnet must belong to the Outpost that has Amazon S3 on Outposts provisioned.  
Type: String  
Pattern: `^subnet-([0-9a-f]{8}|[0-9a-f]{17})$`   
Required: Yes

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "EndpointArn": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [EndpointArn](#API_s3outposts_CreateEndpoint_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the endpoint.  
Type: String  
Pattern: `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):s3-outposts:[a-z\-0-9]*:[0-9]{12}:outpost/(op-[a-f0-9]{17}|ec2)/endpoint/[a-zA-Z0-9]{19}$` 

## Errors


 ** AccessDeniedException **   
Access was denied for this action.  
HTTP Status Code: 403

 ** ConflictException **   
There was a conflict with this action, and it could not be completed.  
HTTP Status Code: 409

 ** InternalServerException **   
There was an exception with the internal server.  
HTTP Status Code: 500

 ** OutpostOfflineException **   
The service link connection to your Outposts home Region is down. Check your connection and try again.  
HTTP Status Code: 400

 ** ResourceNotFoundException **   
The requested resource was not found.  
HTTP Status Code: 404

 ** ThrottlingException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
There was an exception validating this data.  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3outposts-2017-07-25/CreateEndpoint) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3outposts-2017-07-25/CreateEndpoint) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3outposts-2017-07-25/CreateEndpoint) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3outposts-2017-07-25/CreateEndpoint) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3outposts-2017-07-25/CreateEndpoint) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3outposts-2017-07-25/CreateEndpoint) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3outposts-2017-07-25/CreateEndpoint) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3outposts-2017-07-25/CreateEndpoint) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3outposts-2017-07-25/CreateEndpoint) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3outposts-2017-07-25/CreateEndpoint) 

# DeleteEndpoint


Deletes an endpoint.

**Note**  
It can take up to 5 minutes for this action to finish.



Related actions include:
+  [CreateEndpoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_CreateEndpoint.html) 
+  [ListEndpoints](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_ListEndpoints.html) 

## Request Syntax


```
DELETE /S3Outposts/DeleteEndpoint?endpointId=EndpointId&outpostId=OutpostId HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [EndpointId](#API_s3outposts_DeleteEndpoint_RequestSyntax) **   
The ID of the endpoint.  
Pattern: `^[a-zA-Z0-9]{19}$`   
Required: Yes

 ** [OutpostId](#API_s3outposts_DeleteEndpoint_RequestSyntax) **   
The ID of the AWS Outposts.   
Pattern: `^(op-[a-f0-9]{17}|\d{12}|ec2)$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** AccessDeniedException **   
Access was denied for this action.  
HTTP Status Code: 403

 ** InternalServerException **   
There was an exception with the internal server.  
HTTP Status Code: 500

 ** OutpostOfflineException **   
The service link connection to your Outposts home Region is down. Check your connection and try again.  
HTTP Status Code: 400

 ** ResourceNotFoundException **   
The requested resource was not found.  
HTTP Status Code: 404

 ** ThrottlingException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
There was an exception validating this data.  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3outposts-2017-07-25/DeleteEndpoint) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3outposts-2017-07-25/DeleteEndpoint) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3outposts-2017-07-25/DeleteEndpoint) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3outposts-2017-07-25/DeleteEndpoint) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3outposts-2017-07-25/DeleteEndpoint) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3outposts-2017-07-25/DeleteEndpoint) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3outposts-2017-07-25/DeleteEndpoint) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3outposts-2017-07-25/DeleteEndpoint) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3outposts-2017-07-25/DeleteEndpoint) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3outposts-2017-07-25/DeleteEndpoint) 

# ListEndpoints


Lists endpoints associated with the specified Outpost. 

Related actions include:
+  [CreateEndpoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_CreateEndpoint.html) 
+  [DeleteEndpoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_DeleteEndpoint.html) 

## Request Syntax


```
GET /S3Outposts/ListEndpoints?maxResults=MaxResults&nextToken=NextToken HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [MaxResults](#API_s3outposts_ListEndpoints_RequestSyntax) **   
The maximum number of endpoints that will be returned in the response.  
Valid Range: Minimum value of 0. Maximum value of 100.

 ** [NextToken](#API_s3outposts_ListEndpoints_RequestSyntax) **   
If a previous response from this operation included a `NextToken` value, provide that value here to retrieve the next page of results.  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `^[A-Za-z0-9\+\:\/\=\?\#-_]+$` 

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "Endpoints": [ 
      { 
         "AccessType": "string",
         "CidrBlock": "string",
         "CreationTime": number,
         "CustomerOwnedIpv4Pool": "string",
         "EndpointArn": "string",
         "FailedReason": { 
            "ErrorCode": "string",
            "Message": "string"
         },
         "NetworkInterfaces": [ 
            { 
               "NetworkInterfaceId": "string"
            }
         ],
         "OutpostsId": "string",
         "SecurityGroupId": "string",
         "Status": "string",
         "SubnetId": "string",
         "VpcId": "string"
      }
   ],
   "NextToken": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [Endpoints](#API_s3outposts_ListEndpoints_ResponseSyntax) **   
The list of endpoints associated with the specified Outpost.  
Type: Array of [Endpoint](API_s3outposts_Endpoint.md) objects

 ** [NextToken](#API_s3outposts_ListEndpoints_ResponseSyntax) **   
If the number of endpoints associated with the specified Outpost exceeds `MaxResults`, you can include this value in subsequent calls to this operation to retrieve more results.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `^[A-Za-z0-9\+\:\/\=\?\#-_]+$` 

## Errors


 ** AccessDeniedException **   
Access was denied for this action.  
HTTP Status Code: 403

 ** InternalServerException **   
There was an exception with the internal server.  
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The requested resource was not found.  
HTTP Status Code: 404

 ** ThrottlingException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
There was an exception validating this data.  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3outposts-2017-07-25/ListEndpoints) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3outposts-2017-07-25/ListEndpoints) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3outposts-2017-07-25/ListEndpoints) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3outposts-2017-07-25/ListEndpoints) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3outposts-2017-07-25/ListEndpoints) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3outposts-2017-07-25/ListEndpoints) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3outposts-2017-07-25/ListEndpoints) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3outposts-2017-07-25/ListEndpoints) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3outposts-2017-07-25/ListEndpoints) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3outposts-2017-07-25/ListEndpoints) 

# ListOutpostsWithS3


Lists the Outposts with S3 on Outposts capacity for your AWS account. Includes S3 on Outposts that you have access to as the Outposts owner, or as a shared user from Resource Access Manager (RAM). 

## Request Syntax


```
GET /S3Outposts/ListOutpostsWithS3?maxResults=MaxResults&nextToken=NextToken HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [MaxResults](#API_s3outposts_ListOutpostsWithS3_RequestSyntax) **   
The maximum number of Outposts to return. The limit is 100.  
Valid Range: Minimum value of 0. Maximum value of 100.

 ** [NextToken](#API_s3outposts_ListOutpostsWithS3_RequestSyntax) **   
When you can get additional results from the `ListOutpostsWithS3` call, a `NextToken` parameter is returned in the output. You can then pass in a subsequent command to the `NextToken` parameter to continue listing additional Outposts.  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `^[A-Za-z0-9\+\:\/\=\?\#-_]+$` 

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "NextToken": "string",
   "Outposts": [ 
      { 
         "CapacityInBytes": number,
         "OutpostArn": "string",
         "OutpostId": "string",
         "OwnerId": "string",
         "S3OutpostArn": "string"
      }
   ]
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [NextToken](#API_s3outposts_ListOutpostsWithS3_ResponseSyntax) **   
Returns a token that you can use to call `ListOutpostsWithS3` again and receive additional results, if there are any.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `^[A-Za-z0-9\+\:\/\=\?\#-_]+$` 

 ** [Outposts](#API_s3outposts_ListOutpostsWithS3_ResponseSyntax) **   
Returns the list of Outposts that have the following characteristics:  
+ outposts that have S3 provisioned
+ outposts that are `Active` (not pending any provisioning nor decommissioned)
+ outposts to which the the calling AWS account has access
Type: Array of [Outpost](API_s3outposts_Outpost.md) objects

## Errors


 ** AccessDeniedException **   
Access was denied for this action.  
HTTP Status Code: 403

 ** InternalServerException **   
There was an exception with the internal server.  
HTTP Status Code: 500

 ** ThrottlingException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
There was an exception validating this data.  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3outposts-2017-07-25/ListOutpostsWithS3) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3outposts-2017-07-25/ListOutpostsWithS3) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3outposts-2017-07-25/ListOutpostsWithS3) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3outposts-2017-07-25/ListOutpostsWithS3) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3outposts-2017-07-25/ListOutpostsWithS3) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3outposts-2017-07-25/ListOutpostsWithS3) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3outposts-2017-07-25/ListOutpostsWithS3) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3outposts-2017-07-25/ListOutpostsWithS3) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3outposts-2017-07-25/ListOutpostsWithS3) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3outposts-2017-07-25/ListOutpostsWithS3) 

# ListSharedEndpoints


Lists all endpoints associated with an Outpost that has been shared by AWS Resource Access Manager (RAM).

Related actions include:
+  [CreateEndpoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_CreateEndpoint.html) 
+  [DeleteEndpoint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_DeleteEndpoint.html) 

## Request Syntax


```
GET /S3Outposts/ListSharedEndpoints?maxResults=MaxResults&nextToken=NextToken&outpostId=OutpostId HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [MaxResults](#API_s3outposts_ListSharedEndpoints_RequestSyntax) **   
The maximum number of endpoints that will be returned in the response.  
Valid Range: Minimum value of 0. Maximum value of 100.

 ** [NextToken](#API_s3outposts_ListSharedEndpoints_RequestSyntax) **   
If a previous response from this operation included a `NextToken` value, you can provide that value here to retrieve the next page of results.  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `^[A-Za-z0-9\+\:\/\=\?\#-_]+$` 

 ** [OutpostId](#API_s3outposts_ListSharedEndpoints_RequestSyntax) **   
The ID of the AWS Outpost.  
Pattern: `^(op-[a-f0-9]{17}|\d{12}|ec2)$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "Endpoints": [ 
      { 
         "AccessType": "string",
         "CidrBlock": "string",
         "CreationTime": number,
         "CustomerOwnedIpv4Pool": "string",
         "EndpointArn": "string",
         "FailedReason": { 
            "ErrorCode": "string",
            "Message": "string"
         },
         "NetworkInterfaces": [ 
            { 
               "NetworkInterfaceId": "string"
            }
         ],
         "OutpostsId": "string",
         "SecurityGroupId": "string",
         "Status": "string",
         "SubnetId": "string",
         "VpcId": "string"
      }
   ],
   "NextToken": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [Endpoints](#API_s3outposts_ListSharedEndpoints_ResponseSyntax) **   
The list of endpoints associated with the specified Outpost that have been shared by AWS Resource Access Manager (RAM).  
Type: Array of [Endpoint](API_s3outposts_Endpoint.md) objects

 ** [NextToken](#API_s3outposts_ListSharedEndpoints_ResponseSyntax) **   
If the number of endpoints associated with the specified Outpost exceeds `MaxResults`, you can include this value in subsequent calls to this operation to retrieve more results.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `^[A-Za-z0-9\+\:\/\=\?\#-_]+$` 

## Errors


 ** AccessDeniedException **   
Access was denied for this action.  
HTTP Status Code: 403

 ** InternalServerException **   
There was an exception with the internal server.  
HTTP Status Code: 500

 ** ResourceNotFoundException **   
The requested resource was not found.  
HTTP Status Code: 404

 ** ThrottlingException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
There was an exception validating this data.  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3outposts-2017-07-25/ListSharedEndpoints) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3outposts-2017-07-25/ListSharedEndpoints) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3outposts-2017-07-25/ListSharedEndpoints) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3outposts-2017-07-25/ListSharedEndpoints) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3outposts-2017-07-25/ListSharedEndpoints) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3outposts-2017-07-25/ListSharedEndpoints) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3outposts-2017-07-25/ListSharedEndpoints) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3outposts-2017-07-25/ListSharedEndpoints) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3outposts-2017-07-25/ListSharedEndpoints) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3outposts-2017-07-25/ListSharedEndpoints) 

# Amazon S3 Tables


The following actions are supported by Amazon S3 Tables:
+  [CreateNamespace](API_s3Buckets_CreateNamespace.md) 
+  [CreateTable](API_s3Buckets_CreateTable.md) 
+  [CreateTableBucket](API_s3Buckets_CreateTableBucket.md) 
+  [DeleteNamespace](API_s3Buckets_DeleteNamespace.md) 
+  [DeleteTable](API_s3Buckets_DeleteTable.md) 
+  [DeleteTableBucket](API_s3Buckets_DeleteTableBucket.md) 
+  [DeleteTableBucketEncryption](API_s3Buckets_DeleteTableBucketEncryption.md) 
+  [DeleteTableBucketMetricsConfiguration](API_s3Buckets_DeleteTableBucketMetricsConfiguration.md) 
+  [DeleteTableBucketPolicy](API_s3Buckets_DeleteTableBucketPolicy.md) 
+  [DeleteTableBucketReplication](API_s3Buckets_DeleteTableBucketReplication.md) 
+  [DeleteTablePolicy](API_s3Buckets_DeleteTablePolicy.md) 
+  [DeleteTableReplication](API_s3Buckets_DeleteTableReplication.md) 
+  [GetNamespace](API_s3Buckets_GetNamespace.md) 
+  [GetTable](API_s3Buckets_GetTable.md) 
+  [GetTableBucket](API_s3Buckets_GetTableBucket.md) 
+  [GetTableBucketEncryption](API_s3Buckets_GetTableBucketEncryption.md) 
+  [GetTableBucketMaintenanceConfiguration](API_s3Buckets_GetTableBucketMaintenanceConfiguration.md) 
+  [GetTableBucketMetricsConfiguration](API_s3Buckets_GetTableBucketMetricsConfiguration.md) 
+  [GetTableBucketPolicy](API_s3Buckets_GetTableBucketPolicy.md) 
+  [GetTableBucketReplication](API_s3Buckets_GetTableBucketReplication.md) 
+  [GetTableBucketStorageClass](API_s3Buckets_GetTableBucketStorageClass.md) 
+  [GetTableEncryption](API_s3Buckets_GetTableEncryption.md) 
+  [GetTableMaintenanceConfiguration](API_s3Buckets_GetTableMaintenanceConfiguration.md) 
+  [GetTableMaintenanceJobStatus](API_s3Buckets_GetTableMaintenanceJobStatus.md) 
+  [GetTableMetadataLocation](API_s3Buckets_GetTableMetadataLocation.md) 
+  [GetTablePolicy](API_s3Buckets_GetTablePolicy.md) 
+  [GetTableRecordExpirationConfiguration](API_s3Buckets_GetTableRecordExpirationConfiguration.md) 
+  [GetTableRecordExpirationJobStatus](API_s3Buckets_GetTableRecordExpirationJobStatus.md) 
+  [GetTableReplication](API_s3Buckets_GetTableReplication.md) 
+  [GetTableReplicationStatus](API_s3Buckets_GetTableReplicationStatus.md) 
+  [GetTableStorageClass](API_s3Buckets_GetTableStorageClass.md) 
+  [ListNamespaces](API_s3Buckets_ListNamespaces.md) 
+  [ListTableBuckets](API_s3Buckets_ListTableBuckets.md) 
+  [ListTables](API_s3Buckets_ListTables.md) 
+  [ListTagsForResource](API_s3Buckets_ListTagsForResource.md) 
+  [PutTableBucketEncryption](API_s3Buckets_PutTableBucketEncryption.md) 
+  [PutTableBucketMaintenanceConfiguration](API_s3Buckets_PutTableBucketMaintenanceConfiguration.md) 
+  [PutTableBucketMetricsConfiguration](API_s3Buckets_PutTableBucketMetricsConfiguration.md) 
+  [PutTableBucketPolicy](API_s3Buckets_PutTableBucketPolicy.md) 
+  [PutTableBucketReplication](API_s3Buckets_PutTableBucketReplication.md) 
+  [PutTableBucketStorageClass](API_s3Buckets_PutTableBucketStorageClass.md) 
+  [PutTableMaintenanceConfiguration](API_s3Buckets_PutTableMaintenanceConfiguration.md) 
+  [PutTablePolicy](API_s3Buckets_PutTablePolicy.md) 
+  [PutTableRecordExpirationConfiguration](API_s3Buckets_PutTableRecordExpirationConfiguration.md) 
+  [PutTableReplication](API_s3Buckets_PutTableReplication.md) 
+  [RenameTable](API_s3Buckets_RenameTable.md) 
+  [TagResource](API_s3Buckets_TagResource.md) 
+  [UntagResource](API_s3Buckets_UntagResource.md) 
+  [UpdateTableMetadataLocation](API_s3Buckets_UpdateTableMetadataLocation.md) 

# CreateNamespace


Creates a namespace. A namespace is a logical grouping of tables within your table bucket, which you can use to organize tables. For more information, see [Create a namespace](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-namespace-create.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:CreateNamespace` permission to use this operation. 

## Request Syntax


```
PUT /namespaces/tableBucketARN HTTP/1.1
Content-type: application/json

{
   "namespace": [ "string" ]
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_CreateNamespace_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket to create the namespace in.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [namespace](#API_s3Buckets_CreateNamespace_RequestSyntax) **   
A name for the namespace.  
Type: Array of strings  
Array Members: Fixed number of 1 item.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "namespace": [ "string" ],
   "tableBucketARN": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [namespace](#API_s3Buckets_CreateNamespace_ResponseSyntax) **   
The name of the namespace.  
Type: Array of strings  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*` 

 ** [tableBucketARN](#API_s3Buckets_CreateNamespace_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the table bucket the namespace was created in.  
Type: String  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})` 

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/CreateNamespace) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/CreateNamespace) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/CreateNamespace) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/CreateNamespace) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/CreateNamespace) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/CreateNamespace) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/CreateNamespace) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/CreateNamespace) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/CreateNamespace) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/CreateNamespace) 

# CreateTable


Creates a new table associated with the given namespace in a table bucket. For more information, see [Creating an Amazon S3 table](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-create.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
+ You must have the `s3tables:CreateTable` permission to use this operation. 
+ If you use this operation with the optional `metadata` request parameter you must have the `s3tables:PutTableData` permission. 
+ If you use this operation with the optional `encryptionConfiguration` request parameter you must have the `s3tables:PutTableEncryption` permission. 
+ If you use this operation with the `storageClassConfiguration` request parameter, you must have the `s3tables:PutTableStorageClass` permission.
+ To create a table with tags, you must have the `s3tables:TagResource` permission in addition to `s3tables:CreateTable` permission.
Additionally, If you choose SSE-KMS encryption you must grant the S3 Tables maintenance principal access to your KMS key. For more information, see [Permissions requirements for S3 Tables SSE-KMS encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-kms-permissions.html). 

## Request Syntax


```
PUT /tables/tableBucketARN/namespace HTTP/1.1
Content-type: application/json

{
   "encryptionConfiguration": { 
      "kmsKeyArn": "string",
      "sseAlgorithm": "string"
   },
   "format": "string",
   "metadata": { ... },
   "name": "string",
   "storageClassConfiguration": { 
      "storageClass": "string"
   },
   "tags": { 
      "string" : "string" 
   }
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [namespace](#API_s3Buckets_CreateTable_RequestSyntax) **   
The namespace to associated with the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [tableBucketARN](#API_s3Buckets_CreateTable_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket to create the table in.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [encryptionConfiguration](#API_s3Buckets_CreateTable_RequestSyntax) **   
The encryption configuration to use for the table. This configuration specifies the encryption algorithm and, if using SSE-KMS, the KMS key to use for encrypting the table.   
If you choose SSE-KMS encryption you must grant the S3 Tables maintenance principal access to your KMS key. For more information, see [Permissions requirements for S3 Tables SSE-KMS encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-kms-permissions.html).
Type: [EncryptionConfiguration](API_s3Buckets_EncryptionConfiguration.md) object  
Required: No

 ** [format](#API_s3Buckets_CreateTable_RequestSyntax) **   
The format for the table.  
Type: String  
Valid Values: `ICEBERG`   
Required: Yes

 ** [metadata](#API_s3Buckets_CreateTable_RequestSyntax) **   
The metadata for the table.  
Type: [TableMetadata](API_s3Buckets_TableMetadata.md) object  
 **Note: **This object is a Union. Only one member of this object can be specified or returned.  
Required: No

 ** [name](#API_s3Buckets_CreateTable_RequestSyntax) **   
The name for the table.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [storageClassConfiguration](#API_s3Buckets_CreateTable_RequestSyntax) **   
The storage class configuration for the table. If not specified, the table inherits the storage class configuration from its table bucket. Specify this parameter to override the bucket's default storage class for this table.  
Type: [StorageClassConfiguration](API_s3Buckets_StorageClassConfiguration.md) object  
Required: No

 ** [tags](#API_s3Buckets_CreateTable_RequestSyntax) **   
A map of user-defined tags that you would like to apply to the table that you are creating. A tag is a key-value pair that you apply to your resources. Tags can help you organize, track costs for, and control access to resources. For more information, see [Tagging for cost allocation or attribute-based access control (ABAC)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html).  
You must have the `s3tables:TagResource` permission in addition to `s3tables:CreateTable` permission to create a table with tags.
Type: String to string map  
Key Length Constraints: Minimum length of 1. Maximum length of 128.  
Value Length Constraints: Minimum length of 0. Maximum length of 256.  
Required: No

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "tableARN": "string",
   "versionToken": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [tableARN](#API_s3Buckets_CreateTable_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the table.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63}/table/[a-zA-Z0-9-_]{1,255})` 

 ** [versionToken](#API_s3Buckets_CreateTable_ResponseSyntax) **   
The version token of the table.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/CreateTable) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/CreateTable) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/CreateTable) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/CreateTable) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/CreateTable) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/CreateTable) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/CreateTable) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/CreateTable) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/CreateTable) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/CreateTable) 

# CreateTableBucket


Creates a table bucket. For more information, see [Creating a table bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-buckets-create.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
+ You must have the `s3tables:CreateTableBucket` permission to use this operation. 
+ If you use this operation with the optional `encryptionConfiguration` parameter you must have the `s3tables:PutTableBucketEncryption` permission.
+ If you use this operation with the `storageClassConfiguration` request parameter, you must have the `s3tables:PutTableBucketStorageClass` permission.
+ To create a table bucket with tags, you must have the `s3tables:TagResource` permission in addition to `s3tables:CreateTableBucket` permission.

## Request Syntax


```
PUT /buckets HTTP/1.1
Content-type: application/json

{
   "encryptionConfiguration": { 
      "kmsKeyArn": "string",
      "sseAlgorithm": "string"
   },
   "name": "string",
   "storageClassConfiguration": { 
      "storageClass": "string"
   },
   "tags": { 
      "string" : "string" 
   }
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [encryptionConfiguration](#API_s3Buckets_CreateTableBucket_RequestSyntax) **   
The encryption configuration to use for the table bucket. This configuration specifies the default encryption settings that will be applied to all tables created in this bucket unless overridden at the table level. The configuration includes the encryption algorithm and, if using SSE-KMS, the KMS key to use.  
Type: [EncryptionConfiguration](API_s3Buckets_EncryptionConfiguration.md) object  
Required: No

 ** [name](#API_s3Buckets_CreateTableBucket_RequestSyntax) **   
The name for the table bucket.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Pattern: `[0-9a-z-]*`   
Required: Yes

 ** [storageClassConfiguration](#API_s3Buckets_CreateTableBucket_RequestSyntax) **   
The default storage class configuration for the table bucket. This configuration will be applied to all new tables created in this bucket unless overridden at the table level. If not specified, the service default storage class will be used.  
Type: [StorageClassConfiguration](API_s3Buckets_StorageClassConfiguration.md) object  
Required: No

 ** [tags](#API_s3Buckets_CreateTableBucket_RequestSyntax) **   
A map of user-defined tags that you would like to apply to the table bucket that you are creating. A tag is a key-value pair that you apply to your resources. Tags can help you organize and control access to resources. For more information, see [Tagging for cost allocation or attribute-based access control (ABAC)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html).  
You must have the `s3tables:TagResource` permission in addition to `s3tables:CreateTableBucket` permisson to create a table bucket with tags.
Type: String to string map  
Key Length Constraints: Minimum length of 1. Maximum length of 128.  
Value Length Constraints: Minimum length of 0. Maximum length of 256.  
Required: No

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "arn": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [arn](#API_s3Buckets_CreateTableBucket_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Type: String  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})` 

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/CreateTableBucket) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/CreateTableBucket) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/CreateTableBucket) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/CreateTableBucket) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/CreateTableBucket) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/CreateTableBucket) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/CreateTableBucket) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/CreateTableBucket) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/CreateTableBucket) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/CreateTableBucket) 

# DeleteNamespace


Deletes a namespace. For more information, see [Delete a namespace](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-namespace-delete.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:DeleteNamespace` permission to use this operation. 

## Request Syntax


```
DELETE /namespaces/tableBucketARN/namespace HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [namespace](#API_s3Buckets_DeleteNamespace_RequestSyntax) **   
The name of the namespace.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [tableBucketARN](#API_s3Buckets_DeleteNamespace_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket associated with the namespace.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/DeleteNamespace) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/DeleteNamespace) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/DeleteNamespace) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/DeleteNamespace) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/DeleteNamespace) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/DeleteNamespace) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/DeleteNamespace) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/DeleteNamespace) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/DeleteNamespace) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/DeleteNamespace) 

# DeleteTable


Deletes a table. For more information, see [Deleting an Amazon S3 table](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-delete.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:DeleteTable` permission to use this operation. 

## Request Syntax


```
DELETE /tables/tableBucketARN/namespace/name?versionToken=versionToken HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_s3Buckets_DeleteTable_RequestSyntax) **   
The name of the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [namespace](#API_s3Buckets_DeleteTable_RequestSyntax) **   
The namespace associated with the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [tableBucketARN](#API_s3Buckets_DeleteTable_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket that contains the table.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

 ** [versionToken](#API_s3Buckets_DeleteTable_RequestSyntax) **   
The version token of the table.  
Length Constraints: Minimum length of 1. Maximum length of 2048.

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/DeleteTable) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/DeleteTable) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/DeleteTable) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/DeleteTable) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/DeleteTable) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/DeleteTable) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/DeleteTable) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/DeleteTable) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/DeleteTable) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/DeleteTable) 

# DeleteTableBucket


Deletes a table bucket. For more information, see [Deleting a table bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-buckets-delete.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:DeleteTableBucket` permission to use this operation. 

## Request Syntax


```
DELETE /buckets/tableBucketARN HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_DeleteTableBucket_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/DeleteTableBucket) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/DeleteTableBucket) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/DeleteTableBucket) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/DeleteTableBucket) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/DeleteTableBucket) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/DeleteTableBucket) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/DeleteTableBucket) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/DeleteTableBucket) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/DeleteTableBucket) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/DeleteTableBucket) 

# DeleteTableBucketEncryption


Deletes the encryption configuration for a table bucket.

Permissions  
You must have the `s3tables:DeleteTableBucketEncryption` permission to use this operation.

## Request Syntax


```
DELETE /buckets/tableBucketARN/encryption HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_DeleteTableBucketEncryption_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/DeleteTableBucketEncryption) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/DeleteTableBucketEncryption) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/DeleteTableBucketEncryption) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/DeleteTableBucketEncryption) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/DeleteTableBucketEncryption) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/DeleteTableBucketEncryption) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/DeleteTableBucketEncryption) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/DeleteTableBucketEncryption) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/DeleteTableBucketEncryption) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/DeleteTableBucketEncryption) 

# DeleteTableBucketMetricsConfiguration


Deletes the metrics configuration for a table bucket.

Permissions  
You must have the `s3tables:DeleteTableBucketMetricsConfiguration` permission to use this operation.

## Request Syntax


```
DELETE /buckets/tableBucketARN/metrics HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_DeleteTableBucketMetricsConfiguration_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/DeleteTableBucketMetricsConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/DeleteTableBucketMetricsConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/DeleteTableBucketMetricsConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/DeleteTableBucketMetricsConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/DeleteTableBucketMetricsConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/DeleteTableBucketMetricsConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/DeleteTableBucketMetricsConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/DeleteTableBucketMetricsConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/DeleteTableBucketMetricsConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/DeleteTableBucketMetricsConfiguration) 

# DeleteTableBucketPolicy


Deletes a table bucket policy. For more information, see [Deleting a table bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-bucket-policy.html#table-bucket-policy-delete) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:DeleteTableBucketPolicy` permission to use this operation. 

## Request Syntax


```
DELETE /buckets/tableBucketARN/policy HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_DeleteTableBucketPolicy_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/DeleteTableBucketPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/DeleteTableBucketPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/DeleteTableBucketPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/DeleteTableBucketPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/DeleteTableBucketPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/DeleteTableBucketPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/DeleteTableBucketPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/DeleteTableBucketPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/DeleteTableBucketPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/DeleteTableBucketPolicy) 

# DeleteTableBucketReplication


Deletes the replication configuration for a table bucket. After deletion, new table updates will no longer be replicated to destination buckets, though existing replicated tables will remain in destination buckets.

Permissions  
You must have the `s3tables:DeleteTableBucketReplication` permission to use this operation.

## Request Syntax


```
DELETE /table-bucket-replication?tableBucketARN=tableBucketARN&versionToken=versionToken HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_DeleteTableBucketReplication_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

 ** [versionToken](#API_s3Buckets_DeleteTableBucketReplication_RequestSyntax) **   
A version token from a previous GetTableBucketReplication call. Use this token to ensure you're deleting the expected version of the configuration.  
Length Constraints: Minimum length of 1. Maximum length of 2048.

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** AccessDeniedException **   
The action cannot be performed because you do not have the required permission.  
HTTP Status Code: 403

 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/DeleteTableBucketReplication) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/DeleteTableBucketReplication) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/DeleteTableBucketReplication) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/DeleteTableBucketReplication) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/DeleteTableBucketReplication) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/DeleteTableBucketReplication) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/DeleteTableBucketReplication) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/DeleteTableBucketReplication) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/DeleteTableBucketReplication) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/DeleteTableBucketReplication) 

# DeleteTablePolicy


Deletes a table policy. For more information, see [Deleting a table policy](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-table-policy.html#table-policy-delete) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:DeleteTablePolicy` permission to use this operation. 

## Request Syntax


```
DELETE /tables/tableBucketARN/namespace/name/policy HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_s3Buckets_DeleteTablePolicy_RequestSyntax) **   
The table name.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [namespace](#API_s3Buckets_DeleteTablePolicy_RequestSyntax) **   
The namespace associated with the table.   
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [tableBucketARN](#API_s3Buckets_DeleteTablePolicy_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket that contains the table.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/DeleteTablePolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/DeleteTablePolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/DeleteTablePolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/DeleteTablePolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/DeleteTablePolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/DeleteTablePolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/DeleteTablePolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/DeleteTablePolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/DeleteTablePolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/DeleteTablePolicy) 

# DeleteTableReplication


Deletes the replication configuration for a specific table. After deletion, new updates to this table will no longer be replicated to destination tables, though existing replicated copies will remain in destination buckets.

Permissions  
You must have the `s3tables:DeleteTableReplication` permission to use this operation.

## Request Syntax


```
DELETE /table-replication?tableArn=tableArn&versionToken=versionToken HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableArn](#API_s3Buckets_DeleteTableReplication_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table.  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63}/table/[a-zA-Z0-9-_]{1,255})`   
Required: Yes

 ** [versionToken](#API_s3Buckets_DeleteTableReplication_RequestSyntax) **   
A version token from a previous GetTableReplication call. Use this token to ensure you're deleting the expected version of the configuration.  
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** AccessDeniedException **   
The action cannot be performed because you do not have the required permission.  
HTTP Status Code: 403

 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/DeleteTableReplication) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/DeleteTableReplication) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/DeleteTableReplication) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/DeleteTableReplication) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/DeleteTableReplication) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/DeleteTableReplication) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/DeleteTableReplication) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/DeleteTableReplication) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/DeleteTableReplication) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/DeleteTableReplication) 

# GetNamespace


Gets details about a namespace. For more information, see [Table namespaces](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-namespace.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:GetNamespace` permission to use this operation. 

## Request Syntax


```
GET /namespaces/tableBucketARN/namespace HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [namespace](#API_s3Buckets_GetNamespace_RequestSyntax) **   
The name of the namespace.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [tableBucketARN](#API_s3Buckets_GetNamespace_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "createdAt": "string",
   "createdBy": "string",
   "namespace": [ "string" ],
   "namespaceId": "string",
   "ownerAccountId": "string",
   "tableBucketId": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [createdAt](#API_s3Buckets_GetNamespace_ResponseSyntax) **   
The date and time the namespace was created at.  
Type: Timestamp

 ** [createdBy](#API_s3Buckets_GetNamespace_ResponseSyntax) **   
The ID of the account that created the namespace.  
Type: String  
Length Constraints: Fixed length of 12.  
Pattern: `[0-9].*` 

 ** [namespace](#API_s3Buckets_GetNamespace_ResponseSyntax) **   
The name of the namespace.  
Type: Array of strings  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*` 

 ** [namespaceId](#API_s3Buckets_GetNamespace_ResponseSyntax) **   
The unique identifier of the namespace.  
Type: String

 ** [ownerAccountId](#API_s3Buckets_GetNamespace_ResponseSyntax) **   
The ID of the account that owns the namespcace.  
Type: String  
Length Constraints: Fixed length of 12.  
Pattern: `[0-9].*` 

 ** [tableBucketId](#API_s3Buckets_GetNamespace_ResponseSyntax) **   
The unique identifier of the table bucket containing this namespace.  
Type: String

## Errors


 ** AccessDeniedException **   
The action cannot be performed because you do not have the required permission.  
HTTP Status Code: 403

 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetNamespace) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetNamespace) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetNamespace) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetNamespace) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetNamespace) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetNamespace) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetNamespace) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetNamespace) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetNamespace) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetNamespace) 

# GetTable


Gets details about a table. For more information, see [S3 Tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-tables.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:GetTable` permission to use this operation. 

## Request Syntax


```
GET /get-table?name=name&namespace=namespace&tableArn=tableArn&tableBucketARN=tableBucketARN HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_s3Buckets_GetTable_RequestSyntax) **   
The name of the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*` 

 ** [namespace](#API_s3Buckets_GetTable_RequestSyntax) **   
The name of the namespace the table is associated with.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*` 

 ** [tableArn](#API_s3Buckets_GetTable_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table.  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63}/table/[a-zA-Z0-9-_]{1,255})` 

 ** [tableBucketARN](#API_s3Buckets_GetTable_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket associated with the table.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})` 

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "createdAt": "string",
   "createdBy": "string",
   "format": "string",
   "managedByService": "string",
   "managedTableInformation": { 
      "replicationInformation": { 
         "sourceTableARN": "string"
      }
   },
   "metadataLocation": "string",
   "modifiedAt": "string",
   "modifiedBy": "string",
   "name": "string",
   "namespace": [ "string" ],
   "namespaceId": "string",
   "ownerAccountId": "string",
   "tableARN": "string",
   "tableBucketId": "string",
   "type": "string",
   "versionToken": "string",
   "warehouseLocation": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [createdAt](#API_s3Buckets_GetTable_ResponseSyntax) **   
The date and time the table bucket was created at.  
Type: Timestamp

 ** [createdBy](#API_s3Buckets_GetTable_ResponseSyntax) **   
The ID of the account that created the table.  
Type: String  
Length Constraints: Fixed length of 12.  
Pattern: `[0-9].*` 

 ** [format](#API_s3Buckets_GetTable_ResponseSyntax) **   
The format of the table.  
Type: String  
Valid Values: `ICEBERG` 

 ** [managedByService](#API_s3Buckets_GetTable_ResponseSyntax) **   
The service that manages the table.  
Type: String

 ** [managedTableInformation](#API_s3Buckets_GetTable_ResponseSyntax) **   
If this table is managed by S3 Tables, contains additional information such as replication details.  
Type: [ManagedTableInformation](API_s3Buckets_ManagedTableInformation.md) object

 ** [metadataLocation](#API_s3Buckets_GetTable_ResponseSyntax) **   
The metadata location of the table.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.

 ** [modifiedAt](#API_s3Buckets_GetTable_ResponseSyntax) **   
The date and time the table was last modified on.  
Type: Timestamp

 ** [modifiedBy](#API_s3Buckets_GetTable_ResponseSyntax) **   
The ID of the account that last modified the table.  
Type: String  
Length Constraints: Fixed length of 12.  
Pattern: `[0-9].*` 

 ** [name](#API_s3Buckets_GetTable_ResponseSyntax) **   
The name of the table.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*` 

 ** [namespace](#API_s3Buckets_GetTable_ResponseSyntax) **   
The namespace associated with the table.  
Type: Array of strings  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*` 

 ** [namespaceId](#API_s3Buckets_GetTable_ResponseSyntax) **   
The unique identifier of the namespace containing this table.  
Type: String

 ** [ownerAccountId](#API_s3Buckets_GetTable_ResponseSyntax) **   
The ID of the account that owns the table.  
Type: String  
Length Constraints: Fixed length of 12.  
Pattern: `[0-9].*` 

 ** [tableARN](#API_s3Buckets_GetTable_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the table.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63}/table/[a-zA-Z0-9-_]{1,255})` 

 ** [tableBucketId](#API_s3Buckets_GetTable_ResponseSyntax) **   
The unique identifier of the table bucket containing this table.  
Type: String

 ** [type](#API_s3Buckets_GetTable_ResponseSyntax) **   
The type of the table.  
Type: String  
Valid Values: `customer | aws` 

 ** [versionToken](#API_s3Buckets_GetTable_ResponseSyntax) **   
The version token of the table.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.

 ** [warehouseLocation](#API_s3Buckets_GetTable_ResponseSyntax) **   
The warehouse location of the table.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.

## Errors


 ** AccessDeniedException **   
The action cannot be performed because you do not have the required permission.  
HTTP Status Code: 403

 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTable) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTable) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTable) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTable) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTable) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTable) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTable) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTable) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTable) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTable) 

# GetTableBucket


Gets details on a table bucket. For more information, see [Viewing details about an Amazon S3 table bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-buckets-details.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:GetTableBucket` permission to use this operation. 

## Request Syntax


```
GET /buckets/tableBucketARN HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_GetTableBucket_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "arn": "string",
   "createdAt": "string",
   "name": "string",
   "ownerAccountId": "string",
   "tableBucketId": "string",
   "type": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [arn](#API_s3Buckets_GetTableBucket_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Type: String  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})` 

 ** [createdAt](#API_s3Buckets_GetTableBucket_ResponseSyntax) **   
The date and time the table bucket was created.  
Type: Timestamp

 ** [name](#API_s3Buckets_GetTableBucket_ResponseSyntax) **   
The name of the table bucket  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Pattern: `[0-9a-z-]*` 

 ** [ownerAccountId](#API_s3Buckets_GetTableBucket_ResponseSyntax) **   
The ID of the account that owns the table bucket.  
Type: String  
Length Constraints: Fixed length of 12.  
Pattern: `[0-9].*` 

 ** [tableBucketId](#API_s3Buckets_GetTableBucket_ResponseSyntax) **   
The unique identifier of the table bucket.  
Type: String

 ** [type](#API_s3Buckets_GetTableBucket_ResponseSyntax) **   
The type of the table bucket.  
Type: String  
Valid Values: `customer | aws` 

## Errors


 ** AccessDeniedException **   
The action cannot be performed because you do not have the required permission.  
HTTP Status Code: 403

 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTableBucket) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTableBucket) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTableBucket) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTableBucket) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTableBucket) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTableBucket) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTableBucket) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTableBucket) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTableBucket) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTableBucket) 

# GetTableBucketEncryption


Gets the encryption configuration for a table bucket.

Permissions  
You must have the `s3tables:GetTableBucketEncryption` permission to use this operation.

## Request Syntax


```
GET /buckets/tableBucketARN/encryption HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_GetTableBucketEncryption_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "encryptionConfiguration": { 
      "kmsKeyArn": "string",
      "sseAlgorithm": "string"
   }
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [encryptionConfiguration](#API_s3Buckets_GetTableBucketEncryption_ResponseSyntax) **   
The encryption configuration for the table bucket.  
Type: [EncryptionConfiguration](API_s3Buckets_EncryptionConfiguration.md) object

## Errors


 ** AccessDeniedException **   
The action cannot be performed because you do not have the required permission.  
HTTP Status Code: 403

 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTableBucketEncryption) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTableBucketEncryption) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTableBucketEncryption) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTableBucketEncryption) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTableBucketEncryption) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTableBucketEncryption) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTableBucketEncryption) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTableBucketEncryption) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTableBucketEncryption) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTableBucketEncryption) 

# GetTableBucketMaintenanceConfiguration


Gets details about a maintenance configuration for a given table bucket. For more information, see [Amazon S3 table bucket maintenance](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-table-buckets-maintenance.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:GetTableBucketMaintenanceConfiguration` permission to use this operation. 

## Request Syntax


```
GET /buckets/tableBucketARN/maintenance HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_GetTableBucketMaintenanceConfiguration_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket associated with the maintenance configuration.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "configuration": { 
      "string" : { 
         "settings": { ... },
         "status": "string"
      }
   },
   "tableBucketARN": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [configuration](#API_s3Buckets_GetTableBucketMaintenanceConfiguration_ResponseSyntax) **   
Details about the maintenance configuration for the table bucket.  
Type: String to [TableBucketMaintenanceConfigurationValue](API_s3Buckets_TableBucketMaintenanceConfigurationValue.md) object map  
Valid Keys: `icebergUnreferencedFileRemoval` 

 ** [tableBucketARN](#API_s3Buckets_GetTableBucketMaintenanceConfiguration_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the table bucket associated with the maintenance configuration.  
Type: String  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})` 

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTableBucketMaintenanceConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTableBucketMaintenanceConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTableBucketMaintenanceConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTableBucketMaintenanceConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTableBucketMaintenanceConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTableBucketMaintenanceConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTableBucketMaintenanceConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTableBucketMaintenanceConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTableBucketMaintenanceConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTableBucketMaintenanceConfiguration) 

# GetTableBucketMetricsConfiguration


Gets the metrics configuration for a table bucket.

Permissions  
You must have the `s3tables:GetTableBucketMetricsConfiguration` permission to use this operation.

## Request Syntax


```
GET /buckets/tableBucketARN/metrics HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_GetTableBucketMetricsConfiguration_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "id": "string",
   "tableBucketARN": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [id](#API_s3Buckets_GetTableBucketMetricsConfiguration_ResponseSyntax) **   
The unique identifier of the metrics configuration.  
Type: String

 ** [tableBucketARN](#API_s3Buckets_GetTableBucketMetricsConfiguration_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Type: String  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})` 

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTableBucketMetricsConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTableBucketMetricsConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTableBucketMetricsConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTableBucketMetricsConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTableBucketMetricsConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTableBucketMetricsConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTableBucketMetricsConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTableBucketMetricsConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTableBucketMetricsConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTableBucketMetricsConfiguration) 

# GetTableBucketPolicy


Gets details about a table bucket policy. For more information, see [Viewing a table bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-bucket-policy.html#table-bucket-policy-get) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:GetTableBucketPolicy` permission to use this operation. 

## Request Syntax


```
GET /buckets/tableBucketARN/policy HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_GetTableBucketPolicy_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "resourcePolicy": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [resourcePolicy](#API_s3Buckets_GetTableBucketPolicy_ResponseSyntax) **   
The `JSON` that defines the policy.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 20480.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTableBucketPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTableBucketPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTableBucketPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTableBucketPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTableBucketPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTableBucketPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTableBucketPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTableBucketPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTableBucketPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTableBucketPolicy) 

# GetTableBucketReplication


Retrieves the replication configuration for a table bucket.This operation returns the IAM role, `versionToken`, and replication rules that define how tables in this bucket are replicated to other buckets.

Permissions  
You must have the `s3tables:GetTableBucketReplication` permission to use this operation.

## Request Syntax


```
GET /table-bucket-replication?tableBucketARN=tableBucketARN HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_GetTableBucketReplication_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "configuration": { 
      "role": "string",
      "rules": [ 
         { 
            "destinations": [ 
               { 
                  "destinationTableBucketARN": "string"
               }
            ]
         }
      ]
   },
   "versionToken": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [configuration](#API_s3Buckets_GetTableBucketReplication_ResponseSyntax) **   
The replication configuration for the table bucket, including the IAM role and replication rules.  
Type: [TableBucketReplicationConfiguration](API_s3Buckets_TableBucketReplicationConfiguration.md) object

 ** [versionToken](#API_s3Buckets_GetTableBucketReplication_ResponseSyntax) **   
A version token that represents the current state of the replication configuration. Use this token when updating the configuration to ensure consistency.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.

## Errors


 ** AccessDeniedException **   
The action cannot be performed because you do not have the required permission.  
HTTP Status Code: 403

 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTableBucketReplication) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTableBucketReplication) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTableBucketReplication) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTableBucketReplication) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTableBucketReplication) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTableBucketReplication) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTableBucketReplication) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTableBucketReplication) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTableBucketReplication) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTableBucketReplication) 

# GetTableBucketStorageClass


Retrieves the storage class configuration for a specific table. This allows you to view the storage class settings that apply to an individual table, which may differ from the table bucket's default configuration.

Permissions  
You must have the `s3tables:GetTableBucketStorageClass` permission to use this operation.

## Request Syntax


```
GET /buckets/tableBucketARN/storage-class HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_GetTableBucketStorageClass_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "storageClassConfiguration": { 
      "storageClass": "string"
   }
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [storageClassConfiguration](#API_s3Buckets_GetTableBucketStorageClass_ResponseSyntax) **   
The storage class configuration for the table bucket.  
Type: [StorageClassConfiguration](API_s3Buckets_StorageClassConfiguration.md) object

## Errors


 ** AccessDeniedException **   
The action cannot be performed because you do not have the required permission.  
HTTP Status Code: 403

 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTableBucketStorageClass) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTableBucketStorageClass) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTableBucketStorageClass) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTableBucketStorageClass) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTableBucketStorageClass) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTableBucketStorageClass) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTableBucketStorageClass) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTableBucketStorageClass) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTableBucketStorageClass) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTableBucketStorageClass) 

# GetTableEncryption


Gets the encryption configuration for a table.

Permissions  
You must have the `s3tables:GetTableEncryption` permission to use this operation.

## Request Syntax


```
GET /tables/tableBucketARN/namespace/name/encryption HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_s3Buckets_GetTableEncryption_RequestSyntax) **   
The name of the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [namespace](#API_s3Buckets_GetTableEncryption_RequestSyntax) **   
The namespace associated with the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [tableBucketARN](#API_s3Buckets_GetTableEncryption_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket containing the table.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "encryptionConfiguration": { 
      "kmsKeyArn": "string",
      "sseAlgorithm": "string"
   }
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [encryptionConfiguration](#API_s3Buckets_GetTableEncryption_ResponseSyntax) **   
The encryption configuration for the table.  
Type: [EncryptionConfiguration](API_s3Buckets_EncryptionConfiguration.md) object

## Errors


 ** AccessDeniedException **   
The action cannot be performed because you do not have the required permission.  
HTTP Status Code: 403

 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTableEncryption) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTableEncryption) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTableEncryption) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTableEncryption) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTableEncryption) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTableEncryption) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTableEncryption) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTableEncryption) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTableEncryption) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTableEncryption) 

# GetTableMaintenanceConfiguration


Gets details about the maintenance configuration of a table. For more information, see [S3 Tables maintenance](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-maintenance.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
+ You must have the `s3tables:GetTableMaintenanceConfiguration` permission to use this operation. 
+ You must have the `s3tables:GetTableData` permission to use set the compaction strategy to `sort` or `zorder`.

## Request Syntax


```
GET /tables/tableBucketARN/namespace/name/maintenance HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_s3Buckets_GetTableMaintenanceConfiguration_RequestSyntax) **   
The name of the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [namespace](#API_s3Buckets_GetTableMaintenanceConfiguration_RequestSyntax) **   
The namespace associated with the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [tableBucketARN](#API_s3Buckets_GetTableMaintenanceConfiguration_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "configuration": { 
      "string" : { 
         "settings": { ... },
         "status": "string"
      }
   },
   "tableARN": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [configuration](#API_s3Buckets_GetTableMaintenanceConfiguration_ResponseSyntax) **   
Details about the maintenance configuration for the table bucket.  
Type: String to [TableMaintenanceConfigurationValue](API_s3Buckets_TableMaintenanceConfigurationValue.md) object map  
Valid Keys: `icebergCompaction | icebergSnapshotManagement` 

 ** [tableARN](#API_s3Buckets_GetTableMaintenanceConfiguration_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the table.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63}/table/[a-zA-Z0-9-_]{1,255})` 

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTableMaintenanceConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTableMaintenanceConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTableMaintenanceConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTableMaintenanceConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTableMaintenanceConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTableMaintenanceConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTableMaintenanceConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTableMaintenanceConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTableMaintenanceConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTableMaintenanceConfiguration) 

# GetTableMaintenanceJobStatus


Gets the status of a maintenance job for a table. For more information, see [S3 Tables maintenance](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-maintenance.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:GetTableMaintenanceJobStatus` permission to use this operation. 

## Request Syntax


```
GET /tables/tableBucketARN/namespace/name/maintenance-job-status HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_s3Buckets_GetTableMaintenanceJobStatus_RequestSyntax) **   
The name of the table containing the maintenance job status you want to check.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [namespace](#API_s3Buckets_GetTableMaintenanceJobStatus_RequestSyntax) **   
The name of the namespace the table is associated with.   
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [tableBucketARN](#API_s3Buckets_GetTableMaintenanceJobStatus_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "status": { 
      "string" : { 
         "failureMessage": "string",
         "lastRunTimestamp": "string",
         "status": "string"
      }
   },
   "tableARN": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [status](#API_s3Buckets_GetTableMaintenanceJobStatus_ResponseSyntax) **   
The status of the maintenance job.  
Type: String to [TableMaintenanceJobStatusValue](API_s3Buckets_TableMaintenanceJobStatusValue.md) object map  
Valid Keys: `icebergCompaction | icebergSnapshotManagement | icebergUnreferencedFileRemoval` 

 ** [tableARN](#API_s3Buckets_GetTableMaintenanceJobStatus_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the table.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63}/table/[a-zA-Z0-9-_]{1,255})` 

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTableMaintenanceJobStatus) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTableMaintenanceJobStatus) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTableMaintenanceJobStatus) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTableMaintenanceJobStatus) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTableMaintenanceJobStatus) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTableMaintenanceJobStatus) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTableMaintenanceJobStatus) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTableMaintenanceJobStatus) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTableMaintenanceJobStatus) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTableMaintenanceJobStatus) 

# GetTableMetadataLocation


Gets the location of the table metadata.

Permissions  
You must have the `s3tables:GetTableMetadataLocation` permission to use this operation. 

## Request Syntax


```
GET /tables/tableBucketARN/namespace/name/metadata-location HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_s3Buckets_GetTableMetadataLocation_RequestSyntax) **   
The name of the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [namespace](#API_s3Buckets_GetTableMetadataLocation_RequestSyntax) **   
The namespace of the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [tableBucketARN](#API_s3Buckets_GetTableMetadataLocation_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "metadataLocation": "string",
   "versionToken": "string",
   "warehouseLocation": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [metadataLocation](#API_s3Buckets_GetTableMetadataLocation_ResponseSyntax) **   
The metadata location.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.

 ** [versionToken](#API_s3Buckets_GetTableMetadataLocation_ResponseSyntax) **   
The version token.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.

 ** [warehouseLocation](#API_s3Buckets_GetTableMetadataLocation_ResponseSyntax) **   
The warehouse location.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTableMetadataLocation) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTableMetadataLocation) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTableMetadataLocation) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTableMetadataLocation) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTableMetadataLocation) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTableMetadataLocation) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTableMetadataLocation) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTableMetadataLocation) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTableMetadataLocation) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTableMetadataLocation) 

# GetTablePolicy


Gets details about a table policy. For more information, see [Viewing a table policy](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-table-policy.html#table-policy-get) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:GetTablePolicy` permission to use this operation. 

## Request Syntax


```
GET /tables/tableBucketARN/namespace/name/policy HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_s3Buckets_GetTablePolicy_RequestSyntax) **   
The name of the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [namespace](#API_s3Buckets_GetTablePolicy_RequestSyntax) **   
The namespace associated with the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [tableBucketARN](#API_s3Buckets_GetTablePolicy_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket that contains the table.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "resourcePolicy": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [resourcePolicy](#API_s3Buckets_GetTablePolicy_ResponseSyntax) **   
The `JSON` that defines the policy.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 20480.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTablePolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTablePolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTablePolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTablePolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTablePolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTablePolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTablePolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTablePolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTablePolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTablePolicy) 

# GetTableRecordExpirationConfiguration


Retrieves the expiration configuration settings for records in a table, and the status of the configuration. If the status of the configuration is `enabled`, records expire and are automatically removed from the table after the specified number of days.

Permissions  
You must have the `s3tables:GetTableRecordExpirationConfiguration` permission to use this operation.

## Request Syntax


```
GET /table-record-expiration?tableArn=tableArn HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableArn](#API_s3Buckets_GetTableRecordExpirationConfiguration_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table.  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63}/table/[a-zA-Z0-9-_]{1,255})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "configuration": { 
      "settings": { 
         "days": number
      },
      "status": "string"
   }
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [configuration](#API_s3Buckets_GetTableRecordExpirationConfiguration_ResponseSyntax) **   
The record expiration configuration for the table, including the status and retention settings.  
Type: [TableRecordExpirationConfigurationValue](API_s3Buckets_TableRecordExpirationConfigurationValue.md) object

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** MethodNotAllowedException **   
The requested operation is not allowed on this resource. This may occur when attempting to modify a resource that is managed by a service or has restrictions that prevent the operation.  
HTTP Status Code: 405

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTableRecordExpirationConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTableRecordExpirationConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTableRecordExpirationConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTableRecordExpirationConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTableRecordExpirationConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTableRecordExpirationConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTableRecordExpirationConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTableRecordExpirationConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTableRecordExpirationConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTableRecordExpirationConfiguration) 

# GetTableRecordExpirationJobStatus


Retrieves the status, metrics, and details of the latest record expiration job for a table. This includes when the job ran, and whether it succeeded or failed. If the job ran successfully, this also includes statistics about the records that were removed.

Permissions  
You must have the `s3tables:GetTableRecordExpirationJobStatus` permission to use this operation.

## Request Syntax


```
GET /table-record-expiration-job-status?tableArn=tableArn HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableArn](#API_s3Buckets_GetTableRecordExpirationJobStatus_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table.  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63}/table/[a-zA-Z0-9-_]{1,255})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "failureMessage": "string",
   "lastRunTimestamp": "string",
   "metrics": { 
      "deletedDataFiles": number,
      "deletedRecords": number,
      "removedFilesSize": number
   },
   "status": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [failureMessage](#API_s3Buckets_GetTableRecordExpirationJobStatus_ResponseSyntax) **   
If the job failed, this field contains an error message describing the failure reason.  
Type: String

 ** [lastRunTimestamp](#API_s3Buckets_GetTableRecordExpirationJobStatus_ResponseSyntax) **   
The timestamp when the expiration job was last executed.  
Type: Timestamp

 ** [metrics](#API_s3Buckets_GetTableRecordExpirationJobStatus_ResponseSyntax) **   
Metrics about the most recent expiration job execution, including the number of records and files deleted.  
Type: [TableRecordExpirationJobMetrics](API_s3Buckets_TableRecordExpirationJobMetrics.md) object

 ** [status](#API_s3Buckets_GetTableRecordExpirationJobStatus_ResponseSyntax) **   
The current status of the most recent expiration job.  
Type: String  
Valid Values: `NotYetRun | Successful | Failed | Disabled` 

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** MethodNotAllowedException **   
The requested operation is not allowed on this resource. This may occur when attempting to modify a resource that is managed by a service or has restrictions that prevent the operation.  
HTTP Status Code: 405

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTableRecordExpirationJobStatus) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTableRecordExpirationJobStatus) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTableRecordExpirationJobStatus) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTableRecordExpirationJobStatus) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTableRecordExpirationJobStatus) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTableRecordExpirationJobStatus) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTableRecordExpirationJobStatus) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTableRecordExpirationJobStatus) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTableRecordExpirationJobStatus) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTableRecordExpirationJobStatus) 

# GetTableReplication


Retrieves the replication configuration for a specific table.

Permissions  
You must have the `s3tables:GetTableReplication` permission to use this operation.

## Request Syntax


```
GET /table-replication?tableArn=tableArn HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableArn](#API_s3Buckets_GetTableReplication_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table.  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63}/table/[a-zA-Z0-9-_]{1,255})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "configuration": { 
      "role": "string",
      "rules": [ 
         { 
            "destinations": [ 
               { 
                  "destinationTableBucketARN": "string"
               }
            ]
         }
      ]
   },
   "versionToken": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [configuration](#API_s3Buckets_GetTableReplication_ResponseSyntax) **   
The replication configuration for the table, including the IAM role and replication rules.  
Type: [TableReplicationConfiguration](API_s3Buckets_TableReplicationConfiguration.md) object

 ** [versionToken](#API_s3Buckets_GetTableReplication_ResponseSyntax) **   
A version token that represents the current state of the table's replication configuration. Use this token when updating the configuration to ensure consistency.  
Type: String

## Errors


 ** AccessDeniedException **   
The action cannot be performed because you do not have the required permission.  
HTTP Status Code: 403

 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTableReplication) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTableReplication) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTableReplication) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTableReplication) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTableReplication) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTableReplication) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTableReplication) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTableReplication) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTableReplication) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTableReplication) 

# GetTableReplicationStatus


Retrieves the replication status for a table, including the status of replication to each destination. This operation provides visibility into replication health and progress.

Permissions  
You must have the `s3tables:GetTableReplicationStatus` permission to use this operation.

## Request Syntax


```
GET /replication-status?tableArn=tableArn HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableArn](#API_s3Buckets_GetTableReplicationStatus_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table.  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63}/table/[a-zA-Z0-9-_]{1,255})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "destinations": [ 
      { 
         "destinationTableArn": "string",
         "destinationTableBucketArn": "string",
         "failureMessage": "string",
         "lastSuccessfulReplicatedUpdate": { 
            "metadataLocation": "string",
            "timestamp": "string"
         },
         "replicationStatus": "string"
      }
   ],
   "sourceTableArn": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [destinations](#API_s3Buckets_GetTableReplicationStatus_ResponseSyntax) **   
An array of status information for each replication destination, including the current state, last successful update, and any error messages.  
Type: Array of [ReplicationDestinationStatusModel](API_s3Buckets_ReplicationDestinationStatusModel.md) objects  
Array Members: Minimum number of 1 item. Maximum number of 5 items.

 ** [sourceTableArn](#API_s3Buckets_GetTableReplicationStatus_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the source table being replicated.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63}/table/[a-zA-Z0-9-_]{1,255})` 

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTableReplicationStatus) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTableReplicationStatus) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTableReplicationStatus) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTableReplicationStatus) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTableReplicationStatus) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTableReplicationStatus) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTableReplicationStatus) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTableReplicationStatus) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTableReplicationStatus) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTableReplicationStatus) 

# GetTableStorageClass


Retrieves the storage class configuration for a specific table. This allows you to view the storage class settings that apply to an individual table, which may differ from the table bucket's default configuration.

Permissions  
You must have the `s3tables:GetTableStorageClass` permission to use this operation.

## Request Syntax


```
GET /tables/tableBucketARN/namespace/name/storage-class HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_s3Buckets_GetTableStorageClass_RequestSyntax) **   
The name of the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [namespace](#API_s3Buckets_GetTableStorageClass_RequestSyntax) **   
The namespace associated with the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [tableBucketARN](#API_s3Buckets_GetTableStorageClass_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket that contains the table.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "storageClassConfiguration": { 
      "storageClass": "string"
   }
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [storageClassConfiguration](#API_s3Buckets_GetTableStorageClass_ResponseSyntax) **   
The storage class configuration for the table.  
Type: [StorageClassConfiguration](API_s3Buckets_StorageClassConfiguration.md) object

## Errors


 ** AccessDeniedException **   
The action cannot be performed because you do not have the required permission.  
HTTP Status Code: 403

 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/GetTableStorageClass) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/GetTableStorageClass) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/GetTableStorageClass) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/GetTableStorageClass) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/GetTableStorageClass) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/GetTableStorageClass) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/GetTableStorageClass) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/GetTableStorageClass) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/GetTableStorageClass) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/GetTableStorageClass) 

# ListNamespaces


Lists the namespaces within a table bucket. For more information, see [Table namespaces](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-namespace.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:ListNamespaces` permission to use this operation. 

## Request Syntax


```
GET /namespaces/tableBucketARN?continuationToken=continuationToken&maxNamespaces=maxNamespaces&prefix=prefix HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [continuationToken](#API_s3Buckets_ListNamespaces_RequestSyntax) **   
 `ContinuationToken` indicates to Amazon S3 that the list is being continued on this bucket with a token. `ContinuationToken` is obfuscated and is not a real key. You can use this `ContinuationToken` for pagination of the list results.  
Length Constraints: Minimum length of 1. Maximum length of 2048.

 ** [maxNamespaces](#API_s3Buckets_ListNamespaces_RequestSyntax) **   
The maximum number of namespaces to return in the list.  
Valid Range: Minimum value of 1. Maximum value of 1000.

 ** [prefix](#API_s3Buckets_ListNamespaces_RequestSyntax) **   
The prefix of the namespaces.  
Length Constraints: Minimum length of 1. Maximum length of 255.

 ** [tableBucketARN](#API_s3Buckets_ListNamespaces_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "continuationToken": "string",
   "namespaces": [ 
      { 
         "createdAt": "string",
         "createdBy": "string",
         "namespace": [ "string" ],
         "namespaceId": "string",
         "ownerAccountId": "string",
         "tableBucketId": "string"
      }
   ]
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [continuationToken](#API_s3Buckets_ListNamespaces_ResponseSyntax) **   
The `ContinuationToken` for pagination of the list results.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.

 ** [namespaces](#API_s3Buckets_ListNamespaces_ResponseSyntax) **   
A list of namespaces.  
Type: Array of [NamespaceSummary](API_s3Buckets_NamespaceSummary.md) objects

## Errors


 ** AccessDeniedException **   
The action cannot be performed because you do not have the required permission.  
HTTP Status Code: 403

 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/ListNamespaces) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/ListNamespaces) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/ListNamespaces) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/ListNamespaces) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/ListNamespaces) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/ListNamespaces) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/ListNamespaces) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/ListNamespaces) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/ListNamespaces) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/ListNamespaces) 

# ListTableBuckets


Lists table buckets for your account. For more information, see [S3 Table buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-buckets.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:ListTableBuckets` permission to use this operation. 

## Request Syntax


```
GET /buckets?continuationToken=continuationToken&maxBuckets=maxBuckets&prefix=prefix&type=type HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [continuationToken](#API_s3Buckets_ListTableBuckets_RequestSyntax) **   
 `ContinuationToken` indicates to Amazon S3 that the list is being continued on this bucket with a token. `ContinuationToken` is obfuscated and is not a real key. You can use this `ContinuationToken` for pagination of the list results.  
Length Constraints: Minimum length of 1. Maximum length of 2048.

 ** [maxBuckets](#API_s3Buckets_ListTableBuckets_RequestSyntax) **   
The maximum number of table buckets to return in the list.  
Valid Range: Minimum value of 1. Maximum value of 1000.

 ** [prefix](#API_s3Buckets_ListTableBuckets_RequestSyntax) **   
The prefix of the table buckets.  
Length Constraints: Minimum length of 1. Maximum length of 63.

 ** [type](#API_s3Buckets_ListTableBuckets_RequestSyntax) **   
The type of table buckets to filter by in the list.  
Valid Values: `customer | aws` 

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "continuationToken": "string",
   "tableBuckets": [ 
      { 
         "arn": "string",
         "createdAt": "string",
         "name": "string",
         "ownerAccountId": "string",
         "tableBucketId": "string",
         "type": "string"
      }
   ]
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [continuationToken](#API_s3Buckets_ListTableBuckets_ResponseSyntax) **   
You can use this `ContinuationToken` for pagination of the list results.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.

 ** [tableBuckets](#API_s3Buckets_ListTableBuckets_ResponseSyntax) **   
A list of table buckets.  
Type: Array of [TableBucketSummary](API_s3Buckets_TableBucketSummary.md) objects

## Errors


 ** AccessDeniedException **   
The action cannot be performed because you do not have the required permission.  
HTTP Status Code: 403

 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/ListTableBuckets) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/ListTableBuckets) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/ListTableBuckets) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/ListTableBuckets) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/ListTableBuckets) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/ListTableBuckets) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/ListTableBuckets) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/ListTableBuckets) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/ListTableBuckets) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/ListTableBuckets) 

# ListTables


List tables in the given table bucket. For more information, see [S3 Tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-tables.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:ListTables` permission to use this operation. 

## Request Syntax


```
GET /tables/tableBucketARN?continuationToken=continuationToken&maxTables=maxTables&namespace=namespace&prefix=prefix HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [continuationToken](#API_s3Buckets_ListTables_RequestSyntax) **   
 `ContinuationToken` indicates to Amazon S3 that the list is being continued on this bucket with a token. `ContinuationToken` is obfuscated and is not a real key. You can use this `ContinuationToken` for pagination of the list results.  
Length Constraints: Minimum length of 1. Maximum length of 2048.

 ** [maxTables](#API_s3Buckets_ListTables_RequestSyntax) **   
The maximum number of tables to return.  
Valid Range: Minimum value of 1. Maximum value of 1000.

 ** [namespace](#API_s3Buckets_ListTables_RequestSyntax) **   
The namespace of the tables.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*` 

 ** [prefix](#API_s3Buckets_ListTables_RequestSyntax) **   
The prefix of the tables.  
Length Constraints: Minimum length of 1. Maximum length of 255.

 ** [tableBucketARN](#API_s3Buckets_ListTables_RequestSyntax) **   
The Amazon resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "continuationToken": "string",
   "tables": [ 
      { 
         "createdAt": "string",
         "managedByService": "string",
         "modifiedAt": "string",
         "name": "string",
         "namespace": [ "string" ],
         "namespaceId": "string",
         "tableARN": "string",
         "tableBucketId": "string",
         "type": "string"
      }
   ]
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [continuationToken](#API_s3Buckets_ListTables_ResponseSyntax) **   
You can use this `ContinuationToken` for pagination of the list results.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.

 ** [tables](#API_s3Buckets_ListTables_ResponseSyntax) **   
A list of tables.  
Type: Array of [TableSummary](API_s3Buckets_TableSummary.md) objects

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/ListTables) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/ListTables) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/ListTables) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/ListTables) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/ListTables) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/ListTables) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/ListTables) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/ListTables) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/ListTables) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/ListTables) 

# ListTagsForResource


Lists all of the tags applied to a specified Amazon S3 Tables resource. Each tag is a label consisting of a key and value pair. Tags can help you organize, track costs for, and control access to resources. 

**Note**  
For a list of S3 resources that support tagging, see [Managing tags for Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html#manage-tags).

Permissions  
For tables and table buckets, you must have the `s3tables:ListTagsForResource` permission to use this operation.

## Request Syntax


```
GET /tag/resourceArn HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [resourceArn](#API_s3Buckets_ListTagsForResource_RequestSyntax) **   
The Amazon Resource Name (ARN) of the Amazon S3 Tables resource that you want to list tags for. The tagged resource can be a table bucket or a table. For a list of all S3 resources that support tagging, see [Managing tags for Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html#manage-tags).  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/.+`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "tags": { 
      "string" : "string" 
   }
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [tags](#API_s3Buckets_ListTagsForResource_ResponseSyntax) **   
The user-defined tags that are applied to the resource. For more information, see [Tagging for cost allocation or attribute-based access control (ABAC)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html).  
Type: String to string map  
Key Length Constraints: Minimum length of 1. Maximum length of 128.  
Value Length Constraints: Minimum length of 0. Maximum length of 256.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/ListTagsForResource) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/ListTagsForResource) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/ListTagsForResource) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/ListTagsForResource) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/ListTagsForResource) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/ListTagsForResource) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/ListTagsForResource) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/ListTagsForResource) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/ListTagsForResource) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/ListTagsForResource) 

# PutTableBucketEncryption


Sets the encryption configuration for a table bucket.

Permissions  
You must have the `s3tables:PutTableBucketEncryption` permission to use this operation.  
If you choose SSE-KMS encryption you must grant the S3 Tables maintenance principal access to your KMS key. For more information, see [Permissions requirements for S3 Tables SSE-KMS encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-kms-permissions.html) in the *Amazon Simple Storage Service User Guide*.

## Request Syntax


```
PUT /buckets/tableBucketARN/encryption HTTP/1.1
Content-type: application/json

{
   "encryptionConfiguration": { 
      "kmsKeyArn": "string",
      "sseAlgorithm": "string"
   }
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_PutTableBucketEncryption_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [encryptionConfiguration](#API_s3Buckets_PutTableBucketEncryption_RequestSyntax) **   
The encryption configuration to apply to the table bucket.  
Type: [EncryptionConfiguration](API_s3Buckets_EncryptionConfiguration.md) object  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/PutTableBucketEncryption) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/PutTableBucketEncryption) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/PutTableBucketEncryption) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/PutTableBucketEncryption) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/PutTableBucketEncryption) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/PutTableBucketEncryption) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/PutTableBucketEncryption) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/PutTableBucketEncryption) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/PutTableBucketEncryption) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/PutTableBucketEncryption) 

# PutTableBucketMaintenanceConfiguration


Creates a new maintenance configuration or replaces an existing maintenance configuration for a table bucket. For more information, see [Amazon S3 table bucket maintenance](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-table-buckets-maintenance.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:PutTableBucketMaintenanceConfiguration` permission to use this operation. 

## Request Syntax


```
PUT /buckets/tableBucketARN/maintenance/type HTTP/1.1
Content-type: application/json

{
   "value": { 
      "settings": { ... },
      "status": "string"
   }
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_PutTableBucketMaintenanceConfiguration_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket associated with the maintenance configuration.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

 ** [type](#API_s3Buckets_PutTableBucketMaintenanceConfiguration_RequestSyntax) **   
The type of the maintenance configuration.  
Valid Values: `icebergUnreferencedFileRemoval`   
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [value](#API_s3Buckets_PutTableBucketMaintenanceConfiguration_RequestSyntax) **   
Defines the values of the maintenance configuration for the table bucket.  
Type: [TableBucketMaintenanceConfigurationValue](API_s3Buckets_TableBucketMaintenanceConfigurationValue.md) object  
Required: Yes

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/PutTableBucketMaintenanceConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/PutTableBucketMaintenanceConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/PutTableBucketMaintenanceConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/PutTableBucketMaintenanceConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/PutTableBucketMaintenanceConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/PutTableBucketMaintenanceConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/PutTableBucketMaintenanceConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/PutTableBucketMaintenanceConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/PutTableBucketMaintenanceConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/PutTableBucketMaintenanceConfiguration) 

# PutTableBucketMetricsConfiguration


Sets the metrics configuration for a table bucket.

Permissions  
You must have the `s3tables:PutTableBucketMetricsConfiguration` permission to use this operation.

## Request Syntax


```
PUT /buckets/tableBucketARN/metrics HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_PutTableBucketMetricsConfiguration_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/PutTableBucketMetricsConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/PutTableBucketMetricsConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/PutTableBucketMetricsConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/PutTableBucketMetricsConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/PutTableBucketMetricsConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/PutTableBucketMetricsConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/PutTableBucketMetricsConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/PutTableBucketMetricsConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/PutTableBucketMetricsConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/PutTableBucketMetricsConfiguration) 

# PutTableBucketPolicy


Creates a new table bucket policy or replaces an existing table bucket policy for a table bucket. For more information, see [Adding a table bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-bucket-policy.html#table-bucket-policy-add) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:PutTableBucketPolicy` permission to use this operation. 

## Request Syntax


```
PUT /buckets/tableBucketARN/policy HTTP/1.1
Content-type: application/json

{
   "resourcePolicy": "string"
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_PutTableBucketPolicy_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [resourcePolicy](#API_s3Buckets_PutTableBucketPolicy_RequestSyntax) **   
The `JSON` that defines the policy.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 20480.  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/PutTableBucketPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/PutTableBucketPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/PutTableBucketPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/PutTableBucketPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/PutTableBucketPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/PutTableBucketPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/PutTableBucketPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/PutTableBucketPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/PutTableBucketPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/PutTableBucketPolicy) 

# PutTableBucketReplication


Creates or updates the replication configuration for a table bucket. This operation defines how tables in the source bucket are replicated to destination buckets. Replication helps ensure data availability and disaster recovery across regions or accounts.

Permissions  
+ You must have the `s3tables:PutTableBucketReplication` permission to use this operation. The IAM role specified in the configuration must have permissions to read from the source bucket and write permissions to all destination buckets.
+ You must also have the following permissions:
  +  `s3tables:GetTable` permission on the source table.
  +  `s3tables:ListTables` permission on the bucket containing the table.
  +  `s3tables:CreateTable` permission for the destination.
  +  `s3tables:CreateNamespace` permission for the destination.
  +  `s3tables:GetTableMaintenanceConfig` permission for the source bucket.
  +  `s3tables:PutTableMaintenanceConfig` permission for the destination bucket.
+ You must have `iam:PassRole` permission with condition allowing roles to be passed to `replication.s3tables.amazonaws.com`.

## Request Syntax


```
PUT /table-bucket-replication?tableBucketARN=tableBucketARN&versionToken=versionToken HTTP/1.1
Content-type: application/json

{
   "configuration": { 
      "role": "string",
      "rules": [ 
         { 
            "destinations": [ 
               { 
                  "destinationTableBucketARN": "string"
               }
            ]
         }
      ]
   }
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_PutTableBucketReplication_RequestSyntax) **   
The Amazon Resource Name (ARN) of the source table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

 ** [versionToken](#API_s3Buckets_PutTableBucketReplication_RequestSyntax) **   
A version token from a previous GetTableBucketReplication call. Use this token to ensure you're updating the expected version of the configuration.  
Length Constraints: Minimum length of 1. Maximum length of 2048.

## Request Body


The request accepts the following data in JSON format.

 ** [configuration](#API_s3Buckets_PutTableBucketReplication_RequestSyntax) **   
The replication configuration to apply, including the IAM role and replication rules.  
Type: [TableBucketReplicationConfiguration](API_s3Buckets_TableBucketReplicationConfiguration.md) object  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "status": "string",
   "versionToken": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [status](#API_s3Buckets_PutTableBucketReplication_ResponseSyntax) **   
The status of the replication configuration operation.  
Type: String

 ** [versionToken](#API_s3Buckets_PutTableBucketReplication_ResponseSyntax) **   
A new version token representing the updated replication configuration.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.

## Errors


 ** AccessDeniedException **   
The action cannot be performed because you do not have the required permission.  
HTTP Status Code: 403

 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/PutTableBucketReplication) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/PutTableBucketReplication) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/PutTableBucketReplication) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/PutTableBucketReplication) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/PutTableBucketReplication) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/PutTableBucketReplication) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/PutTableBucketReplication) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/PutTableBucketReplication) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/PutTableBucketReplication) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/PutTableBucketReplication) 

# PutTableBucketStorageClass


Sets or updates the storage class configuration for a table bucket. This configuration serves as the default storage class for all new tables created in the bucket, allowing you to optimize storage costs at the bucket level.

Permissions  
You must have the `s3tables:PutTableBucketStorageClass` permission to use this operation.

## Request Syntax


```
PUT /buckets/tableBucketARN/storage-class HTTP/1.1
Content-type: application/json

{
   "storageClassConfiguration": { 
      "storageClass": "string"
   }
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableBucketARN](#API_s3Buckets_PutTableBucketStorageClass_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [storageClassConfiguration](#API_s3Buckets_PutTableBucketStorageClass_RequestSyntax) **   
The storage class configuration to apply to the table bucket. This configuration will serve as the default for new tables created in this bucket.  
Type: [StorageClassConfiguration](API_s3Buckets_StorageClassConfiguration.md) object  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/PutTableBucketStorageClass) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/PutTableBucketStorageClass) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/PutTableBucketStorageClass) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/PutTableBucketStorageClass) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/PutTableBucketStorageClass) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/PutTableBucketStorageClass) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/PutTableBucketStorageClass) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/PutTableBucketStorageClass) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/PutTableBucketStorageClass) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/PutTableBucketStorageClass) 

# PutTableMaintenanceConfiguration


Creates a new maintenance configuration or replaces an existing maintenance configuration for a table. For more information, see [S3 Tables maintenance](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-maintenance.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:PutTableMaintenanceConfiguration` permission to use this operation. 

## Request Syntax


```
PUT /tables/tableBucketARN/namespace/name/maintenance/type HTTP/1.1
Content-type: application/json

{
   "value": { 
      "settings": { ... },
      "status": "string"
   }
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_s3Buckets_PutTableMaintenanceConfiguration_RequestSyntax) **   
The name of the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [namespace](#API_s3Buckets_PutTableMaintenanceConfiguration_RequestSyntax) **   
The namespace of the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [tableBucketARN](#API_s3Buckets_PutTableMaintenanceConfiguration_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table associated with the maintenance configuration.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

 ** [type](#API_s3Buckets_PutTableMaintenanceConfiguration_RequestSyntax) **   
The type of the maintenance configuration.  
Valid Values: `icebergCompaction | icebergSnapshotManagement`   
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [value](#API_s3Buckets_PutTableMaintenanceConfiguration_RequestSyntax) **   
Defines the values of the maintenance configuration for the table.  
Type: [TableMaintenanceConfigurationValue](API_s3Buckets_TableMaintenanceConfigurationValue.md) object  
Required: Yes

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/PutTableMaintenanceConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/PutTableMaintenanceConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/PutTableMaintenanceConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/PutTableMaintenanceConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/PutTableMaintenanceConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/PutTableMaintenanceConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/PutTableMaintenanceConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/PutTableMaintenanceConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/PutTableMaintenanceConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/PutTableMaintenanceConfiguration) 

# PutTablePolicy


Creates a new table policy or replaces an existing table policy for a table. For more information, see [Adding a table policy](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-table-policy.html#table-policy-add) in the *Amazon Simple Storage Service User Guide*. 

Permissions  
You must have the `s3tables:PutTablePolicy` permission to use this operation. 

## Request Syntax


```
PUT /tables/tableBucketARN/namespace/name/policy HTTP/1.1
Content-type: application/json

{
   "resourcePolicy": "string"
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_s3Buckets_PutTablePolicy_RequestSyntax) **   
The name of the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [namespace](#API_s3Buckets_PutTablePolicy_RequestSyntax) **   
The namespace associated with the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [tableBucketARN](#API_s3Buckets_PutTablePolicy_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket that contains the table.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [resourcePolicy](#API_s3Buckets_PutTablePolicy_RequestSyntax) **   
The `JSON` that defines the policy.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 20480.  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/PutTablePolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/PutTablePolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/PutTablePolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/PutTablePolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/PutTablePolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/PutTablePolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/PutTablePolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/PutTablePolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/PutTablePolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/PutTablePolicy) 

# PutTableRecordExpirationConfiguration


Creates or updates the expiration configuration settings for records in a table, including the status of the configuration. If you enable record expiration for a table, records expire and are automatically removed from the table after the number of days that you specify.

Permissions  
You must have the `s3tables:PutTableRecordExpirationConfiguration` permission to use this operation.

## Request Syntax


```
PUT /table-record-expiration?tableArn=tableArn HTTP/1.1
Content-type: application/json

{
   "value": { 
      "settings": { 
         "days": number
      },
      "status": "string"
   }
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableArn](#API_s3Buckets_PutTableRecordExpirationConfiguration_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table.  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63}/table/[a-zA-Z0-9-_]{1,255})`   
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [value](#API_s3Buckets_PutTableRecordExpirationConfiguration_RequestSyntax) **   
The record expiration configuration to apply to the table, including the status (`enabled` or `disabled`) and retention period in days.  
Type: [TableRecordExpirationConfigurationValue](API_s3Buckets_TableRecordExpirationConfigurationValue.md) object  
Required: Yes

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** MethodNotAllowedException **   
The requested operation is not allowed on this resource. This may occur when attempting to modify a resource that is managed by a service or has restrictions that prevent the operation.  
HTTP Status Code: 405

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/PutTableRecordExpirationConfiguration) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/PutTableRecordExpirationConfiguration) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/PutTableRecordExpirationConfiguration) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/PutTableRecordExpirationConfiguration) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/PutTableRecordExpirationConfiguration) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/PutTableRecordExpirationConfiguration) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/PutTableRecordExpirationConfiguration) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/PutTableRecordExpirationConfiguration) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/PutTableRecordExpirationConfiguration) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/PutTableRecordExpirationConfiguration) 

# PutTableReplication


Creates or updates the replication configuration for a specific table. This operation allows you to define table-level replication independently of bucket-level replication, providing granular control over which tables are replicated and where.

Permissions  
+ You must have the `s3tables:PutTableReplication` permission to use this operation. The IAM role specified in the configuration must have permissions to read from the source table and write to all destination tables.
+ You must also have the following permissions:
  +  `s3tables:GetTable` permission on the source table being replicated.
  +  `s3tables:CreateTable` permission for the destination.
  +  `s3tables:CreateNamespace` permission for the destination.
  +  `s3tables:GetTableMaintenanceConfig` permission for the source table.
  +  `s3tables:PutTableMaintenanceConfig` permission for the destination table.
+ You must have `iam:PassRole` permission with condition allowing roles to be passed to `replication.s3tables.amazonaws.com`.

## Request Syntax


```
PUT /table-replication?tableArn=tableArn&versionToken=versionToken HTTP/1.1
Content-type: application/json

{
   "configuration": { 
      "role": "string",
      "rules": [ 
         { 
            "destinations": [ 
               { 
                  "destinationTableBucketARN": "string"
               }
            ]
         }
      ]
   }
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [tableArn](#API_s3Buckets_PutTableReplication_RequestSyntax) **   
The Amazon Resource Name (ARN) of the source table.  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63}/table/[a-zA-Z0-9-_]{1,255})`   
Required: Yes

 ** [versionToken](#API_s3Buckets_PutTableReplication_RequestSyntax) **   
A version token from a previous GetTableReplication call. Use this token to ensure you're updating the expected version of the configuration.

## Request Body


The request accepts the following data in JSON format.

 ** [configuration](#API_s3Buckets_PutTableReplication_RequestSyntax) **   
The replication configuration to apply to the table, including the IAM role and replication rules.  
Type: [TableReplicationConfiguration](API_s3Buckets_TableReplicationConfiguration.md) object  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "status": "string",
   "versionToken": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [status](#API_s3Buckets_PutTableReplication_ResponseSyntax) **   
The status of the replication configuration operation.  
Type: String

 ** [versionToken](#API_s3Buckets_PutTableReplication_ResponseSyntax) **   
A new version token representing the updated replication configuration.  
Type: String

## Errors


 ** AccessDeniedException **   
The action cannot be performed because you do not have the required permission.  
HTTP Status Code: 403

 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/PutTableReplication) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/PutTableReplication) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/PutTableReplication) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/PutTableReplication) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/PutTableReplication) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/PutTableReplication) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/PutTableReplication) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/PutTableReplication) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/PutTableReplication) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/PutTableReplication) 

# RenameTable


Renames a table or a namespace. For more information, see [S3 Tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-tables.html) in the *Amazon Simple Storage Service User Guide*.

Permissions  
You must have the `s3tables:RenameTable` permission to use this operation. 

## Request Syntax


```
PUT /tables/tableBucketARN/namespace/name/rename HTTP/1.1
Content-type: application/json

{
   "newName": "string",
   "newNamespaceName": "string",
   "versionToken": "string"
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_s3Buckets_RenameTable_RequestSyntax) **   
The current name of the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [namespace](#API_s3Buckets_RenameTable_RequestSyntax) **   
The namespace associated with the table.   
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [tableBucketARN](#API_s3Buckets_RenameTable_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.   
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [newName](#API_s3Buckets_RenameTable_RequestSyntax) **   
The new name for the table.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: No

 ** [newNamespaceName](#API_s3Buckets_RenameTable_RequestSyntax) **   
The new name for the namespace.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: No

 ** [versionToken](#API_s3Buckets_RenameTable_RequestSyntax) **   
The version token of the table.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Required: No

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/RenameTable) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/RenameTable) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/RenameTable) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/RenameTable) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/RenameTable) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/RenameTable) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/RenameTable) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/RenameTable) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/RenameTable) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/RenameTable) 

# TagResource


Applies one or more user-defined tags to an Amazon S3 Tables resource or updates existing tags. Each tag is a label consisting of a key and value pair. Tags can help you organize, track costs for, and control access to your resources. You can add up to 50 tags for each S3 resource. 

**Note**  
For a list of S3 resources that support tagging, see [Managing tags for Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html#manage-tags).

Permissions  
For tables and table buckets, you must have the `s3tables:TagResource` permission to use this operation.

## Request Syntax


```
POST /tag/resourceArn HTTP/1.1
Content-type: application/json

{
   "tags": { 
      "string" : "string" 
   }
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [resourceArn](#API_s3Buckets_TagResource_RequestSyntax) **   
The Amazon Resource Name (ARN) of the Amazon S3 Tables resource that you're applying tags to. The tagged resource can be a table bucket or a table. For a list of all S3 resources that support tagging, see [Managing tags for Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html#manage-tags).  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/.+`   
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [tags](#API_s3Buckets_TagResource_RequestSyntax) **   
The user-defined tag that you want to add to the specified S3 Tables resource. For more information, see [Tagging for cost allocation or attribute-based access control (ABAC)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html).  
Type: String to string map  
Key Length Constraints: Minimum length of 1. Maximum length of 128.  
Value Length Constraints: Minimum length of 0. Maximum length of 256.  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/TagResource) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/TagResource) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/TagResource) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/TagResource) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/TagResource) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/TagResource) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/TagResource) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/TagResource) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/TagResource) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/TagResource) 

# UntagResource


Removes the specified user-defined tags from an Amazon S3 Tables resource. You can pass one or more tag keys. 

**Note**  
For a list of S3 resources that support tagging, see [Managing tags for Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html#manage-tags).

Permissions  
For tables and table buckets, you must have the `s3tables:UntagResource` permission to use this operation.

## Request Syntax


```
DELETE /tag/resourceArn?tagKeys=tagKeys HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [resourceArn](#API_s3Buckets_UntagResource_RequestSyntax) **   
The Amazon Resource Name (ARN) of the Amazon S3 Tables resource that you're removing tags from. The tagged resource can be a table bucket or a table. For a list of all S3 resources that support tagging, see [Managing tags for Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html#manage-tags).  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/.+`   
Required: Yes

 ** [tagKeys](#API_s3Buckets_UntagResource_RequestSyntax) **   
The array of tag keys that you're removing from the S3 Tables resource. For more information, see [Tagging for cost allocation or attribute-based access control (ABAC)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html).  
Length Constraints: Minimum length of 1. Maximum length of 128.  
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/UntagResource) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/UntagResource) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/UntagResource) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/UntagResource) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/UntagResource) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/UntagResource) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/UntagResource) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/UntagResource) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/UntagResource) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/UntagResource) 

# UpdateTableMetadataLocation


Updates the metadata location for a table. The metadata location of a table must be an S3 URI that begins with the table's warehouse location. The metadata location for an Apache Iceberg table must end with `.metadata.json`, or if the metadata file is Gzip-compressed, `.metadata.json.gz`.

Permissions  
You must have the `s3tables:UpdateTableMetadataLocation` permission to use this operation. 

## Request Syntax


```
PUT /tables/tableBucketARN/namespace/name/metadata-location HTTP/1.1
Content-type: application/json

{
   "metadataLocation": "string",
   "versionToken": "string"
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_s3Buckets_UpdateTableMetadataLocation_RequestSyntax) **   
The name of the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [namespace](#API_s3Buckets_UpdateTableMetadataLocation_RequestSyntax) **   
The namespace of the table.  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*`   
Required: Yes

 ** [tableBucketARN](#API_s3Buckets_UpdateTableMetadataLocation_RequestSyntax) **   
The Amazon Resource Name (ARN) of the table bucket.   
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63})`   
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [metadataLocation](#API_s3Buckets_UpdateTableMetadataLocation_RequestSyntax) **   
The new metadata location for the table.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Required: Yes

 ** [versionToken](#API_s3Buckets_UpdateTableMetadataLocation_RequestSyntax) **   
The version token of the table.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "metadataLocation": "string",
   "name": "string",
   "namespace": [ "string" ],
   "tableARN": "string",
   "versionToken": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [metadataLocation](#API_s3Buckets_UpdateTableMetadataLocation_ResponseSyntax) **   
The metadata location of the table.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.

 ** [name](#API_s3Buckets_UpdateTableMetadataLocation_ResponseSyntax) **   
The name of the table.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*` 

 ** [namespace](#API_s3Buckets_UpdateTableMetadataLocation_ResponseSyntax) **   
The namespace the table is associated with.  
Type: Array of strings  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[0-9a-z_]*` 

 ** [tableARN](#API_s3Buckets_UpdateTableMetadataLocation_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the table.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-z0-9_-]{3,63}/table/[a-zA-Z0-9-_]{1,255})` 

 ** [versionToken](#API_s3Buckets_UpdateTableMetadataLocation_ResponseSyntax) **   
The version token of the table.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.

## Errors


 ** BadRequestException **   
The request is invalid or malformed.  
HTTP Status Code: 400

 ** ConflictException **   
The request failed because there is a conflict with a previous write. You can retry the request.  
HTTP Status Code: 409

 ** ForbiddenException **   
The caller isn't authorized to make the request.  
HTTP Status Code: 403

 ** InternalServerErrorException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource could not be found.  
HTTP Status Code: 404

 ** TooManyRequestsException **   
The limit on the number of requests per second was exceeded.  
HTTP Status Code: 429

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3tables-2018-05-10/UpdateTableMetadataLocation) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3tables-2018-05-10/UpdateTableMetadataLocation) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3tables-2018-05-10/UpdateTableMetadataLocation) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3tables-2018-05-10/UpdateTableMetadataLocation) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3tables-2018-05-10/UpdateTableMetadataLocation) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3tables-2018-05-10/UpdateTableMetadataLocation) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3tables-2018-05-10/UpdateTableMetadataLocation) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3tables-2018-05-10/UpdateTableMetadataLocation) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3tables-2018-05-10/UpdateTableMetadataLocation) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3tables-2018-05-10/UpdateTableMetadataLocation) 

# Amazon S3 Vectors


The following actions are supported by Amazon S3 Vectors:
+  [CreateIndex](API_S3VectorBuckets_CreateIndex.md) 
+  [CreateVectorBucket](API_S3VectorBuckets_CreateVectorBucket.md) 
+  [DeleteIndex](API_S3VectorBuckets_DeleteIndex.md) 
+  [DeleteVectorBucket](API_S3VectorBuckets_DeleteVectorBucket.md) 
+  [DeleteVectorBucketPolicy](API_S3VectorBuckets_DeleteVectorBucketPolicy.md) 
+  [DeleteVectors](API_S3VectorBuckets_DeleteVectors.md) 
+  [GetIndex](API_S3VectorBuckets_GetIndex.md) 
+  [GetVectorBucket](API_S3VectorBuckets_GetVectorBucket.md) 
+  [GetVectorBucketPolicy](API_S3VectorBuckets_GetVectorBucketPolicy.md) 
+  [GetVectors](API_S3VectorBuckets_GetVectors.md) 
+  [ListIndexes](API_S3VectorBuckets_ListIndexes.md) 
+  [ListTagsForResource](API_S3VectorBuckets_ListTagsForResource.md) 
+  [ListVectorBuckets](API_S3VectorBuckets_ListVectorBuckets.md) 
+  [ListVectors](API_S3VectorBuckets_ListVectors.md) 
+  [PutVectorBucketPolicy](API_S3VectorBuckets_PutVectorBucketPolicy.md) 
+  [PutVectors](API_S3VectorBuckets_PutVectors.md) 
+  [QueryVectors](API_S3VectorBuckets_QueryVectors.md) 
+  [TagResource](API_S3VectorBuckets_TagResource.md) 
+  [UntagResource](API_S3VectorBuckets_UntagResource.md) 

# CreateIndex


Creates a vector index within a vector bucket. To specify the vector bucket, you must use either the vector bucket name or the vector bucket Amazon Resource Name (ARN).

Permissions  
You must have the `s3vectors:CreateIndex` permission to use this operation.  
You must have the `s3vectors:TagResource` permission in addition to `s3vectors:CreateIndex` permission to create a vector index with tags.

## Request Syntax


```
POST /CreateIndex HTTP/1.1
Content-type: application/json

{
   "dataType": "string",
   "dimension": number,
   "distanceMetric": "string",
   "encryptionConfiguration": { 
      "kmsKeyArn": "string",
      "sseType": "string"
   },
   "indexName": "string",
   "metadataConfiguration": { 
      "nonFilterableMetadataKeys": [ "string" ]
   },
   "tags": { 
      "string" : "string" 
   },
   "vectorBucketArn": "string",
   "vectorBucketName": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [dataType](#API_S3VectorBuckets_CreateIndex_RequestSyntax) **   
The data type of the vectors to be inserted into the vector index.   
Type: String  
Valid Values: `float32`   
Required: Yes

 ** [dimension](#API_S3VectorBuckets_CreateIndex_RequestSyntax) **   
The dimensions of the vectors to be inserted into the vector index.   
Type: Integer  
Valid Range: Minimum value of 1. Maximum value of 4096.  
Required: Yes

 ** [distanceMetric](#API_S3VectorBuckets_CreateIndex_RequestSyntax) **   
The distance metric to be used for similarity search.   
Type: String  
Valid Values: `euclidean | cosine`   
Required: Yes

 ** [encryptionConfiguration](#API_S3VectorBuckets_CreateIndex_RequestSyntax) **   
The encryption configuration for a vector index. By default, if you don't specify, all new vectors in the vector index will use the encryption configuration of the vector bucket.  
Type: [EncryptionConfiguration](API_S3VectorBuckets_EncryptionConfiguration.md) object  
Required: No

 ** [indexName](#API_S3VectorBuckets_CreateIndex_RequestSyntax) **   
The name of the vector index to create.   
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: Yes

 ** [metadataConfiguration](#API_S3VectorBuckets_CreateIndex_RequestSyntax) **   
The metadata configuration for the vector index.   
Type: [MetadataConfiguration](API_S3VectorBuckets_MetadataConfiguration.md) object  
Required: No

 ** [tags](#API_S3VectorBuckets_CreateIndex_RequestSyntax) **   
An array of user-defined tags that you would like to apply to the vector index that you are creating. A tag is a key-value pair that you apply to your resources. Tags can help you organize, track costs, and control access to resources. For more information, see [Tagging for cost allocation or attribute-based access control (ABAC)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html).  
You must have the `s3vectors:TagResource` permission in addition to `s3vectors:CreateIndex` permission to create a vector index with tags.
Type: String to string map  
Key Length Constraints: Minimum length of 1. Maximum length of 128.  
Key Pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]*)`   
Value Length Constraints: Minimum length of 0. Maximum length of 256.  
Value Pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]*)`   
Required: No

 ** [vectorBucketArn](#API_S3VectorBuckets_CreateIndex_RequestSyntax) **   
The Amazon Resource Name (ARN) of the vector bucket to create the vector index in.  
Type: String  
Pattern: `arn:aws[-a-z0-9]*:s3vectors:[a-z0-9-]+:[0-9]{12}:bucket/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]`   
Required: No

 ** [vectorBucketName](#API_S3VectorBuckets_CreateIndex_RequestSyntax) **   
The name of the vector bucket to create the vector index in.   
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "indexArn": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [indexArn](#API_S3VectorBuckets_CreateIndex_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the newly created vector index.  
Type: String  
Pattern: `arn:aws[-a-z0-9]*:s3vectors:[a-z0-9-]+:[0-9]{12}:bucket/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]/index/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]` 

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** ConflictException **   
The request failed because a vector bucket name or a vector index name already exists. Vector bucket names must be unique within your AWS account for each AWS Region. Vector index names must be unique within your vector bucket. Choose a different vector bucket name or vector index name, and try again.  
HTTP Status Code: 409

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceQuotaExceededException **   
Your request exceeds a service quota.   
HTTP Status Code: 402

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/CreateIndex) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/CreateIndex) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/CreateIndex) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/CreateIndex) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/CreateIndex) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/CreateIndex) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/CreateIndex) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/CreateIndex) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/CreateIndex) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/CreateIndex) 

# CreateVectorBucket


Creates a vector bucket in the AWS Region that you want your bucket to be in. 

Permissions  
You must have the `s3vectors:CreateVectorBucket` permission to use this operation.   
You must have the `s3vectors:TagResource` permission in addition to `s3vectors:CreateVectorBucket` permission to create a vector bucket with tags.

## Request Syntax


```
POST /CreateVectorBucket HTTP/1.1
Content-type: application/json

{
   "encryptionConfiguration": { 
      "kmsKeyArn": "string",
      "sseType": "string"
   },
   "tags": { 
      "string" : "string" 
   },
   "vectorBucketName": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [encryptionConfiguration](#API_S3VectorBuckets_CreateVectorBucket_RequestSyntax) **   
The encryption configuration for the vector bucket. By default, if you don't specify, all new vectors in Amazon S3 vector buckets use server-side encryption with Amazon S3 managed keys (SSE-S3), specifically `AES256`.   
Type: [EncryptionConfiguration](API_S3VectorBuckets_EncryptionConfiguration.md) object  
Required: No

 ** [tags](#API_S3VectorBuckets_CreateVectorBucket_RequestSyntax) **   
An array of user-defined tags that you would like to apply to the vector bucket that you are creating. A tag is a key-value pair that you apply to your resources. Tags can help you organize and control access to resources. For more information, see [Tagging for cost allocation or attribute-based access control (ABAC)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html).  
You must have the `s3vectors:TagResource` permission in addition to `s3vectors:CreateVectorBucket` permission to create a vector bucket with tags.
Type: String to string map  
Key Length Constraints: Minimum length of 1. Maximum length of 128.  
Key Pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]*)`   
Value Length Constraints: Minimum length of 0. Maximum length of 256.  
Value Pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]*)`   
Required: No

 ** [vectorBucketName](#API_S3VectorBuckets_CreateVectorBucket_RequestSyntax) **   
The name of the vector bucket to create.   
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "vectorBucketArn": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [vectorBucketArn](#API_S3VectorBuckets_CreateVectorBucket_ResponseSyntax) **   
The Amazon Resource Name (ARN) of the newly created vector bucket.  
Type: String  
Pattern: `arn:aws[-a-z0-9]*:s3vectors:[a-z0-9-]+:[0-9]{12}:bucket/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]` 

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** ConflictException **   
The request failed because a vector bucket name or a vector index name already exists. Vector bucket names must be unique within your AWS account for each AWS Region. Vector index names must be unique within your vector bucket. Choose a different vector bucket name or vector index name, and try again.  
HTTP Status Code: 409

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceQuotaExceededException **   
Your request exceeds a service quota.   
HTTP Status Code: 402

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/CreateVectorBucket) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/CreateVectorBucket) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/CreateVectorBucket) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/CreateVectorBucket) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/CreateVectorBucket) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/CreateVectorBucket) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/CreateVectorBucket) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/CreateVectorBucket) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/CreateVectorBucket) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/CreateVectorBucket) 

# DeleteIndex


Deletes a vector index. To specify the vector index, you can either use both the vector bucket name and vector index name, or use the vector index Amazon Resource Name (ARN). 

Permissions  
You must have the `s3vectors:DeleteIndex` permission to use this operation. 

## Request Syntax


```
POST /DeleteIndex HTTP/1.1
Content-type: application/json

{
   "indexArn": "string",
   "indexName": "string",
   "vectorBucketName": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [indexArn](#API_S3VectorBuckets_DeleteIndex_RequestSyntax) **   
The ARN of the vector index to delete.  
Type: String  
Pattern: `arn:aws[-a-z0-9]*:s3vectors:[a-z0-9-]+:[0-9]{12}:bucket/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]/index/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]`   
Required: No

 ** [indexName](#API_S3VectorBuckets_DeleteIndex_RequestSyntax) **   
The name of the vector index to delete.   
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

 ** [vectorBucketName](#API_S3VectorBuckets_DeleteIndex_RequestSyntax) **   
The name of the vector bucket that contains the vector index.   
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/DeleteIndex) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/DeleteIndex) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/DeleteIndex) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/DeleteIndex) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/DeleteIndex) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/DeleteIndex) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/DeleteIndex) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/DeleteIndex) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/DeleteIndex) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/DeleteIndex) 

# DeleteVectorBucket


Deletes a vector bucket. All vector indexes in the vector bucket must be deleted before the vector bucket can be deleted. To perform this operation, you must use either the vector bucket name or the vector bucket Amazon Resource Name (ARN). 

Permissions  
You must have the `s3vectors:DeleteVectorBucket` permission to use this operation. 

## Request Syntax


```
POST /DeleteVectorBucket HTTP/1.1
Content-type: application/json

{
   "vectorBucketArn": "string",
   "vectorBucketName": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [vectorBucketArn](#API_S3VectorBuckets_DeleteVectorBucket_RequestSyntax) **   
The ARN of the vector bucket to delete.  
Type: String  
Pattern: `arn:aws[-a-z0-9]*:s3vectors:[a-z0-9-]+:[0-9]{12}:bucket/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]`   
Required: No

 ** [vectorBucketName](#API_S3VectorBuckets_DeleteVectorBucket_RequestSyntax) **   
The name of the vector bucket to delete.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** ConflictException **   
The request failed because a vector bucket name or a vector index name already exists. Vector bucket names must be unique within your AWS account for each AWS Region. Vector index names must be unique within your vector bucket. Choose a different vector bucket name or vector index name, and try again.  
HTTP Status Code: 409

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/DeleteVectorBucket) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/DeleteVectorBucket) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/DeleteVectorBucket) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/DeleteVectorBucket) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/DeleteVectorBucket) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/DeleteVectorBucket) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/DeleteVectorBucket) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/DeleteVectorBucket) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/DeleteVectorBucket) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/DeleteVectorBucket) 

# DeleteVectorBucketPolicy


Deletes a vector bucket policy. To specify the bucket, you must use either the vector bucket name or the vector bucket Amazon Resource Name (ARN).

Permissions  
You must have the `s3vectors:DeleteVectorBucketPolicy` permission to use this operation. 

## Request Syntax


```
POST /DeleteVectorBucketPolicy HTTP/1.1
Content-type: application/json

{
   "vectorBucketArn": "string",
   "vectorBucketName": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [vectorBucketArn](#API_S3VectorBuckets_DeleteVectorBucketPolicy_RequestSyntax) **   
The ARN of the vector bucket to delete the policy from.  
Type: String  
Pattern: `arn:aws[-a-z0-9]*:s3vectors:[a-z0-9-]+:[0-9]{12}:bucket/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]`   
Required: No

 ** [vectorBucketName](#API_S3VectorBuckets_DeleteVectorBucketPolicy_RequestSyntax) **   
The name of the vector bucket to delete the policy from.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/DeleteVectorBucketPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/DeleteVectorBucketPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/DeleteVectorBucketPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/DeleteVectorBucketPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/DeleteVectorBucketPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/DeleteVectorBucketPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/DeleteVectorBucketPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/DeleteVectorBucketPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/DeleteVectorBucketPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/DeleteVectorBucketPolicy) 

# DeleteVectors


Deletes one or more vectors in a vector index. To specify the vector index, you can either use both the vector bucket name and vector index name, or use the vector index Amazon Resource Name (ARN). 

Permissions  
You must have the `s3vectors:DeleteVectors` permission to use this operation. 

## Request Syntax


```
POST /DeleteVectors HTTP/1.1
Content-type: application/json

{
   "indexArn": "string",
   "indexName": "string",
   "keys": [ "string" ],
   "vectorBucketName": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [indexArn](#API_S3VectorBuckets_DeleteVectors_RequestSyntax) **   
The ARN of the vector index that contains a vector you want to delete.  
Type: String  
Pattern: `arn:aws[-a-z0-9]*:s3vectors:[a-z0-9-]+:[0-9]{12}:bucket/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]/index/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]`   
Required: No

 ** [indexName](#API_S3VectorBuckets_DeleteVectors_RequestSyntax) **   
The name of the vector index that contains a vector you want to delete.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

 ** [keys](#API_S3VectorBuckets_DeleteVectors_RequestSyntax) **   
The keys of the vectors to delete.   
Type: Array of strings  
Array Members: Minimum number of 1 item. Maximum number of 500 items.  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Required: Yes

 ** [vectorBucketName](#API_S3VectorBuckets_DeleteVectors_RequestSyntax) **   
The name of the vector bucket that contains the vector index.   
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** KmsDisabledException **   
The specified AWS KMS key isn't enabled.  
HTTP Status Code: 400

 ** KmsInvalidKeyUsageException **   
The request was rejected for one of the following reasons:   
+ The `KeyUsage` value of the KMS key is incompatible with the API operation.
+ The encryption algorithm or signing algorithm specified for the operation is incompatible with the type of key material in the KMS key (`KeySpec`).
For more information, see [InvalidKeyUsageException](https://docs.aws.amazon.com/kms/latest/APIReference/API_Encrypt.html#API_Encrypt_Errors) in the * AWS Key Management Service API Reference*.  
HTTP Status Code: 400

 ** KmsInvalidStateException **   
The key state of the KMS key isn't compatible with the operation.  
For more information, see [KMSInvalidStateException](https://docs.aws.amazon.com/kms/latest/APIReference/API_Encrypt.html#API_Encrypt_Errors) in the * AWS Key Management Service API Reference*.  
HTTP Status Code: 400

 ** KmsNotFoundException **   
The KMS key can't be found.  
HTTP Status Code: 400

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/DeleteVectors) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/DeleteVectors) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/DeleteVectors) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/DeleteVectors) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/DeleteVectors) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/DeleteVectors) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/DeleteVectors) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/DeleteVectors) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/DeleteVectors) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/DeleteVectors) 

# GetIndex


Returns vector index attributes. To specify the vector index, you can either use both the vector bucket name and the vector index name, or use the vector index Amazon Resource Name (ARN). 

Permissions  
You must have the `s3vectors:GetIndex` permission to use this operation. 

## Request Syntax


```
POST /GetIndex HTTP/1.1
Content-type: application/json

{
   "indexArn": "string",
   "indexName": "string",
   "vectorBucketName": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [indexArn](#API_S3VectorBuckets_GetIndex_RequestSyntax) **   
The ARN of the vector index.  
Type: String  
Pattern: `arn:aws[-a-z0-9]*:s3vectors:[a-z0-9-]+:[0-9]{12}:bucket/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]/index/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]`   
Required: No

 ** [indexName](#API_S3VectorBuckets_GetIndex_RequestSyntax) **   
The name of the vector index.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

 ** [vectorBucketName](#API_S3VectorBuckets_GetIndex_RequestSyntax) **   
The name of the vector bucket that contains the vector index.   
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "index": { 
      "creationTime": number,
      "dataType": "string",
      "dimension": number,
      "distanceMetric": "string",
      "encryptionConfiguration": { 
         "kmsKeyArn": "string",
         "sseType": "string"
      },
      "indexArn": "string",
      "indexName": "string",
      "metadataConfiguration": { 
         "nonFilterableMetadataKeys": [ "string" ]
      },
      "vectorBucketName": "string"
   }
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [index](#API_S3VectorBuckets_GetIndex_ResponseSyntax) **   
The attributes of the vector index.  
Type: [Index](API_S3VectorBuckets_Index.md) object

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/GetIndex) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/GetIndex) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/GetIndex) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/GetIndex) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/GetIndex) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/GetIndex) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/GetIndex) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/GetIndex) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/GetIndex) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/GetIndex) 

# GetVectorBucket


Returns vector bucket attributes. To specify the bucket, you must use either the vector bucket name or the vector bucket Amazon Resource Name (ARN). 

Permissions  
You must have the `s3vectors:GetVectorBucket` permission to use this operation. 

## Request Syntax


```
POST /GetVectorBucket HTTP/1.1
Content-type: application/json

{
   "vectorBucketArn": "string",
   "vectorBucketName": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [vectorBucketArn](#API_S3VectorBuckets_GetVectorBucket_RequestSyntax) **   
The ARN of the vector bucket to retrieve information about.  
Type: String  
Pattern: `arn:aws[-a-z0-9]*:s3vectors:[a-z0-9-]+:[0-9]{12}:bucket/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]`   
Required: No

 ** [vectorBucketName](#API_S3VectorBuckets_GetVectorBucket_RequestSyntax) **   
The name of the vector bucket to retrieve information about.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "vectorBucket": { 
      "creationTime": number,
      "encryptionConfiguration": { 
         "kmsKeyArn": "string",
         "sseType": "string"
      },
      "vectorBucketArn": "string",
      "vectorBucketName": "string"
   }
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [vectorBucket](#API_S3VectorBuckets_GetVectorBucket_ResponseSyntax) **   
The attributes of the vector bucket.  
Type: [VectorBucket](API_S3VectorBuckets_VectorBucket.md) object

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/GetVectorBucket) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/GetVectorBucket) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/GetVectorBucket) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/GetVectorBucket) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/GetVectorBucket) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/GetVectorBucket) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/GetVectorBucket) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/GetVectorBucket) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/GetVectorBucket) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/GetVectorBucket) 

# GetVectorBucketPolicy


Gets details about a vector bucket policy. To specify the bucket, you must use either the vector bucket name or the vector bucket Amazon Resource Name (ARN). 

Permissions  
You must have the `s3vectors:GetVectorBucketPolicy` permission to use this operation. 

## Request Syntax


```
POST /GetVectorBucketPolicy HTTP/1.1
Content-type: application/json

{
   "vectorBucketArn": "string",
   "vectorBucketName": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [vectorBucketArn](#API_S3VectorBuckets_GetVectorBucketPolicy_RequestSyntax) **   
The ARN of the vector bucket.  
Type: String  
Pattern: `arn:aws[-a-z0-9]*:s3vectors:[a-z0-9-]+:[0-9]{12}:bucket/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]`   
Required: No

 ** [vectorBucketName](#API_S3VectorBuckets_GetVectorBucketPolicy_RequestSyntax) **   
The name of the vector bucket.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "policy": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [policy](#API_S3VectorBuckets_GetVectorBucketPolicy_ResponseSyntax) **   
The `JSON` that defines the policy.  
Type: String

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/GetVectorBucketPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/GetVectorBucketPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/GetVectorBucketPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/GetVectorBucketPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/GetVectorBucketPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/GetVectorBucketPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/GetVectorBucketPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/GetVectorBucketPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/GetVectorBucketPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/GetVectorBucketPolicy) 

# GetVectors


Returns vector attributes. To specify the vector index, you can either use both the vector bucket name and the vector index name, or use the vector index Amazon Resource Name (ARN). 

Permissions  
You must have the `s3vectors:GetVectors` permission to use this operation. 

## Request Syntax


```
POST /GetVectors HTTP/1.1
Content-type: application/json

{
   "indexArn": "string",
   "indexName": "string",
   "keys": [ "string" ],
   "returnData": boolean,
   "returnMetadata": boolean,
   "vectorBucketName": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [indexArn](#API_S3VectorBuckets_GetVectors_RequestSyntax) **   
The ARN of the vector index.  
Type: String  
Pattern: `arn:aws[-a-z0-9]*:s3vectors:[a-z0-9-]+:[0-9]{12}:bucket/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]/index/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]`   
Required: No

 ** [indexName](#API_S3VectorBuckets_GetVectors_RequestSyntax) **   
The name of the vector index.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

 ** [keys](#API_S3VectorBuckets_GetVectors_RequestSyntax) **   
The names of the vectors you want to return attributes for.   
Type: Array of strings  
Array Members: Minimum number of 1 item. Maximum number of 100 items.  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Required: Yes

 ** [returnData](#API_S3VectorBuckets_GetVectors_RequestSyntax) **   
Indicates whether to include the vector data in the response. The default value is `false`.  
Type: Boolean  
Required: No

 ** [returnMetadata](#API_S3VectorBuckets_GetVectors_RequestSyntax) **   
Indicates whether to include metadata in the response. The default value is `false`.  
Type: Boolean  
Required: No

 ** [vectorBucketName](#API_S3VectorBuckets_GetVectors_RequestSyntax) **   
The name of the vector bucket that contains the vector index.   
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "vectors": [ 
      { 
         "data": { ... },
         "key": "string",
         "metadata": JSON value
      }
   ]
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [vectors](#API_S3VectorBuckets_GetVectors_ResponseSyntax) **   
The attributes of the vectors.  
Type: Array of [GetOutputVector](API_S3VectorBuckets_GetOutputVector.md) objects

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** KmsDisabledException **   
The specified AWS KMS key isn't enabled.  
HTTP Status Code: 400

 ** KmsInvalidKeyUsageException **   
The request was rejected for one of the following reasons:   
+ The `KeyUsage` value of the KMS key is incompatible with the API operation.
+ The encryption algorithm or signing algorithm specified for the operation is incompatible with the type of key material in the KMS key (`KeySpec`).
For more information, see [InvalidKeyUsageException](https://docs.aws.amazon.com/kms/latest/APIReference/API_Encrypt.html#API_Encrypt_Errors) in the * AWS Key Management Service API Reference*.  
HTTP Status Code: 400

 ** KmsInvalidStateException **   
The key state of the KMS key isn't compatible with the operation.  
For more information, see [KMSInvalidStateException](https://docs.aws.amazon.com/kms/latest/APIReference/API_Encrypt.html#API_Encrypt_Errors) in the * AWS Key Management Service API Reference*.  
HTTP Status Code: 400

 ** KmsNotFoundException **   
The KMS key can't be found.  
HTTP Status Code: 400

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/GetVectors) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/GetVectors) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/GetVectors) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/GetVectors) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/GetVectors) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/GetVectors) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/GetVectors) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/GetVectors) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/GetVectors) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/GetVectors) 

# ListIndexes


Returns a list of all the vector indexes within the specified vector bucket. To specify the bucket, you must use either the vector bucket name or the vector bucket Amazon Resource Name (ARN). 

Permissions  
You must have the `s3vectors:ListIndexes` permission to use this operation. 

## Request Syntax


```
POST /ListIndexes HTTP/1.1
Content-type: application/json

{
   "maxResults": number,
   "nextToken": "string",
   "prefix": "string",
   "vectorBucketArn": "string",
   "vectorBucketName": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [maxResults](#API_S3VectorBuckets_ListIndexes_RequestSyntax) **   
The maximum number of items to be returned in the response.   
Type: Integer  
Valid Range: Minimum value of 1. Maximum value of 500.  
Required: No

 ** [nextToken](#API_S3VectorBuckets_ListIndexes_RequestSyntax) **   
The previous pagination token.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 512.  
Required: No

 ** [prefix](#API_S3VectorBuckets_ListIndexes_RequestSyntax) **   
Limits the response to vector indexes that begin with the specified prefix.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 63.  
Required: No

 ** [vectorBucketArn](#API_S3VectorBuckets_ListIndexes_RequestSyntax) **   
The ARN of the vector bucket that contains the vector indexes.  
Type: String  
Pattern: `arn:aws[-a-z0-9]*:s3vectors:[a-z0-9-]+:[0-9]{12}:bucket/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]`   
Required: No

 ** [vectorBucketName](#API_S3VectorBuckets_ListIndexes_RequestSyntax) **   
The name of the vector bucket that contains the vector indexes.   
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "indexes": [ 
      { 
         "creationTime": number,
         "indexArn": "string",
         "indexName": "string",
         "vectorBucketName": "string"
      }
   ],
   "nextToken": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [indexes](#API_S3VectorBuckets_ListIndexes_ResponseSyntax) **   
The attributes of the vector indexes  
Type: Array of [IndexSummary](API_S3VectorBuckets_IndexSummary.md) objects

 ** [nextToken](#API_S3VectorBuckets_ListIndexes_ResponseSyntax) **   
The next pagination token.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 512.

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/ListIndexes) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/ListIndexes) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/ListIndexes) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/ListIndexes) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/ListIndexes) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/ListIndexes) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/ListIndexes) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/ListIndexes) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/ListIndexes) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/ListIndexes) 

# ListTagsForResource


Lists all of the tags applied to a specified Amazon S3 Vectors resource. Each tag is a label consisting of a key and value pair. Tags can help you organize, track costs for, and control access to resources. 

**Note**  
For a list of S3 resources that support tagging, see [Managing tags for Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html#manage-tags).

Permissions  
For vector buckets and vector indexes, you must have the `s3vectors:ListTagsForResource` permission to use this operation.

## Request Syntax


```
GET /tags/resourceArn HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [resourceArn](#API_S3VectorBuckets_ListTagsForResource_RequestSyntax) **   
The Amazon Resource Name (ARN) of the Amazon S3 Vectors resource that you want to list tags for. The tagged resource can be a vector bucket or a vector index.   
Length Constraints: Minimum length of 0. Maximum length of 1011.  
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "tags": { 
      "string" : "string" 
   }
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [tags](#API_S3VectorBuckets_ListTagsForResource_ResponseSyntax) **   
The user-defined tags that are applied to the S3 Vectors resource. For more information, see [Tagging for cost allocation or attribute-based access control (ABAC)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html).  
Type: String to string map  
Key Length Constraints: Minimum length of 1. Maximum length of 128.  
Key Pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]*)`   
Value Length Constraints: Minimum length of 0. Maximum length of 256.  
Value Pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]*)` 

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/ListTagsForResource) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/ListTagsForResource) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/ListTagsForResource) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/ListTagsForResource) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/ListTagsForResource) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/ListTagsForResource) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/ListTagsForResource) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/ListTagsForResource) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/ListTagsForResource) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/ListTagsForResource) 

# ListVectorBuckets


Returns a list of all the vector buckets that are owned by the authenticated sender of the request.

Permissions  
You must have the `s3vectors:ListVectorBuckets` permission to use this operation. 

## Request Syntax


```
POST /ListVectorBuckets HTTP/1.1
Content-type: application/json

{
   "maxResults": number,
   "nextToken": "string",
   "prefix": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [maxResults](#API_S3VectorBuckets_ListVectorBuckets_RequestSyntax) **   
The maximum number of vector buckets to be returned in the response.   
Type: Integer  
Valid Range: Minimum value of 1. Maximum value of 500.  
Required: No

 ** [nextToken](#API_S3VectorBuckets_ListVectorBuckets_RequestSyntax) **   
The previous pagination token.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 512.  
Required: No

 ** [prefix](#API_S3VectorBuckets_ListVectorBuckets_RequestSyntax) **   
Limits the response to vector buckets that begin with the specified prefix.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 63.  
Required: No

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "nextToken": "string",
   "vectorBuckets": [ 
      { 
         "creationTime": number,
         "vectorBucketArn": "string",
         "vectorBucketName": "string"
      }
   ]
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [nextToken](#API_S3VectorBuckets_ListVectorBuckets_ResponseSyntax) **   
The element is included in the response when there are more buckets to be listed with pagination.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 512.

 ** [vectorBuckets](#API_S3VectorBuckets_ListVectorBuckets_ResponseSyntax) **   
The list of vector buckets owned by the requester.   
Type: Array of [VectorBucketSummary](API_S3VectorBuckets_VectorBucketSummary.md) objects

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/ListVectorBuckets) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/ListVectorBuckets) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/ListVectorBuckets) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/ListVectorBuckets) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/ListVectorBuckets) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/ListVectorBuckets) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/ListVectorBuckets) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/ListVectorBuckets) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/ListVectorBuckets) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/ListVectorBuckets) 

# ListVectors


List vectors in the specified vector index. To specify the vector index, you can either use both the vector bucket name and the vector index name, or use the vector index Amazon Resource Name (ARN). 

 `ListVectors` operations proceed sequentially; however, for faster performance on a large number of vectors in a vector index, applications can request a parallel `ListVectors` operation by providing the `segmentCount` and `segmentIndex` parameters.

Permissions  
You must have the `s3vectors:ListVectors` permission to use this operation. Additional permissions are required based on the request parameters you specify:  
+ With only `s3vectors:ListVectors` permission, you can list vector keys when `returnData` and `returnMetadata` are both set to false or not specified..
+ If you set `returnData` or `returnMetadata` to true, you must have both `s3vectors:ListVectors` and `s3vectors:GetVectors` permissions. The request fails with a `403 Forbidden` error if you request vector data or metadata without the `s3vectors:GetVectors` permission.

## Request Syntax


```
POST /ListVectors HTTP/1.1
Content-type: application/json

{
   "indexArn": "string",
   "indexName": "string",
   "maxResults": number,
   "nextToken": "string",
   "returnData": boolean,
   "returnMetadata": boolean,
   "segmentCount": number,
   "segmentIndex": number,
   "vectorBucketName": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [indexArn](#API_S3VectorBuckets_ListVectors_RequestSyntax) **   
The Amazon resource Name (ARN) of the vector index.  
Type: String  
Pattern: `arn:aws[-a-z0-9]*:s3vectors:[a-z0-9-]+:[0-9]{12}:bucket/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]/index/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]`   
Required: No

 ** [indexName](#API_S3VectorBuckets_ListVectors_RequestSyntax) **   
The name of the vector index.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

 ** [maxResults](#API_S3VectorBuckets_ListVectors_RequestSyntax) **   
The maximum number of vectors to return on a page.  
If you don't specify `maxResults`, the `ListVectors` operation uses a default value of 500.  
If the processed dataset size exceeds 1 MB before reaching the `maxResults` value, the operation stops and returns the vectors that are retrieved up to that point, along with a `nextToken` that you can use in a subsequent request to retrieve the next set of results.  
Type: Integer  
Valid Range: Minimum value of 1. Maximum value of 1000.  
Required: No

 ** [nextToken](#API_S3VectorBuckets_ListVectors_RequestSyntax) **   
Pagination token from a previous request. The value of this field is empty for an initial request.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Required: No

 ** [returnData](#API_S3VectorBuckets_ListVectors_RequestSyntax) **   
If true, the vector data of each vector will be included in the response. The default value is `false`.  
Type: Boolean  
Required: No

 ** [returnMetadata](#API_S3VectorBuckets_ListVectors_RequestSyntax) **   
If true, the metadata associated with each vector will be included in the response. The default value is `false`.  
Type: Boolean  
Required: No

 ** [segmentCount](#API_S3VectorBuckets_ListVectors_RequestSyntax) **   
For a parallel `ListVectors` request, `segmentCount` represents the total number of vector segments into which the `ListVectors` operation will be divided. The value of `segmentCount` corresponds to the number of application workers that will perform the parallel `ListVectors` operation. For example, if you want to use four application threads to list vectors in a vector index, specify a `segmentCount` value of 4.   
If you specify a `segmentCount` value of 1, the `ListVectors` operation will be sequential rather than parallel.  
If you specify `segmentCount`, you must also specify `segmentIndex`.  
Type: Integer  
Valid Range: Minimum value of 1. Maximum value of 16.  
Required: No

 ** [segmentIndex](#API_S3VectorBuckets_ListVectors_RequestSyntax) **   
For a parallel `ListVectors` request, `segmentIndex` is the index of the segment from which to list vectors in the current request. It identifies an individual segment to be listed by an application worker.   
Segment IDs are zero-based, so the first segment is always 0. For example, if you want to use four application threads to list vectors in a vector index, then the first thread specifies a `segmentIndex` value of 0, the second thread specifies 1, and so on.   
The value of `segmentIndex` must be less than the value provided for `segmentCount`.   
If you provide `segmentIndex`, you must also provide `segmentCount`.  
Type: Integer  
Valid Range: Minimum value of 0. Maximum value of 15.  
Required: No

 ** [vectorBucketName](#API_S3VectorBuckets_ListVectors_RequestSyntax) **   
The name of the vector bucket.   
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "nextToken": "string",
   "vectors": [ 
      { 
         "data": { ... },
         "key": "string",
         "metadata": JSON value
      }
   ]
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [nextToken](#API_S3VectorBuckets_ListVectors_ResponseSyntax) **   
Pagination token to be used in the subsequent request. The field is empty if no further pagination is required.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.

 ** [vectors](#API_S3VectorBuckets_ListVectors_ResponseSyntax) **   
Vectors in the current segment.  
Type: Array of [ListOutputVector](API_S3VectorBuckets_ListOutputVector.md) objects

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/ListVectors) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/ListVectors) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/ListVectors) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/ListVectors) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/ListVectors) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/ListVectors) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/ListVectors) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/ListVectors) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/ListVectors) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/ListVectors) 

# PutVectorBucketPolicy


Creates a bucket policy for a vector bucket. To specify the bucket, you must use either the vector bucket name or the vector bucket Amazon Resource Name (ARN). 

Permissions  
You must have the `s3vectors:PutVectorBucketPolicy` permission to use this operation. 

## Request Syntax


```
POST /PutVectorBucketPolicy HTTP/1.1
Content-type: application/json

{
   "policy": "string",
   "vectorBucketArn": "string",
   "vectorBucketName": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [policy](#API_S3VectorBuckets_PutVectorBucketPolicy_RequestSyntax) **   
The `JSON` that defines the policy. For more information about bucket policies for S3 Vectors, see [Managing vector bucket policies](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-vectors-bucket-policy.html) in the *Amazon S3 User Guide*.  
Type: String  
Required: Yes

 ** [vectorBucketArn](#API_S3VectorBuckets_PutVectorBucketPolicy_RequestSyntax) **   
The Amazon Resource Name (ARN) of the vector bucket.  
Type: String  
Pattern: `arn:aws[-a-z0-9]*:s3vectors:[a-z0-9-]+:[0-9]{12}:bucket/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]`   
Required: No

 ** [vectorBucketName](#API_S3VectorBuckets_PutVectorBucketPolicy_RequestSyntax) **   
The name of the vector bucket.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/PutVectorBucketPolicy) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/PutVectorBucketPolicy) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/PutVectorBucketPolicy) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/PutVectorBucketPolicy) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/PutVectorBucketPolicy) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/PutVectorBucketPolicy) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/PutVectorBucketPolicy) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/PutVectorBucketPolicy) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/PutVectorBucketPolicy) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/PutVectorBucketPolicy) 

# PutVectors


Adds one or more vectors to a vector index. To specify the vector index, you can either use both the vector bucket name and the vector index name, or use the vector index Amazon Resource Name (ARN). 

For more information about limits, see [Limitations and restrictions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-vectors-limitations.html) in the *Amazon S3 User Guide*.

**Note**  
When inserting vector data into your vector index, you must provide the vector data as `float32` (32-bit floating point) values. If you pass higher-precision values to an AWS SDK, S3 Vectors converts the values to 32-bit floating point before storing them, and `GetVectors`, `ListVectors`, and `QueryVectors` operations return the float32 values. Different AWS SDKs may have different default numeric types, so ensure your vectors are properly formatted as `float32` values regardless of which SDK you're using. For example, in Python, use `numpy.float32` or explicitly cast your values.

Permissions  
You must have the `s3vectors:PutVectors` permission to use this operation. 

## Request Syntax


```
POST /PutVectors HTTP/1.1
Content-type: application/json

{
   "indexArn": "string",
   "indexName": "string",
   "vectorBucketName": "string",
   "vectors": [ 
      { 
         "data": { ... },
         "key": "string",
         "metadata": JSON value
      }
   ]
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [indexArn](#API_S3VectorBuckets_PutVectors_RequestSyntax) **   
The ARN of the vector index where you want to write vectors.  
Type: String  
Pattern: `arn:aws[-a-z0-9]*:s3vectors:[a-z0-9-]+:[0-9]{12}:bucket/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]/index/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]`   
Required: No

 ** [indexName](#API_S3VectorBuckets_PutVectors_RequestSyntax) **   
The name of the vector index where you want to write vectors.   
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

 ** [vectorBucketName](#API_S3VectorBuckets_PutVectors_RequestSyntax) **   
The name of the vector bucket that contains the vector index.   
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

 ** [vectors](#API_S3VectorBuckets_PutVectors_RequestSyntax) **   
The vectors to add to a vector index. The number of vectors in a single request must not exceed the resource capacity, otherwise the request will be rejected with the error `ServiceUnavailableException` with the error message "Currently unable to handle the request".  
Type: Array of [PutInputVector](API_S3VectorBuckets_PutInputVector.md) objects  
Array Members: Minimum number of 1 item. Maximum number of 500 items.  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** KmsDisabledException **   
The specified AWS KMS key isn't enabled.  
HTTP Status Code: 400

 ** KmsInvalidKeyUsageException **   
The request was rejected for one of the following reasons:   
+ The `KeyUsage` value of the KMS key is incompatible with the API operation.
+ The encryption algorithm or signing algorithm specified for the operation is incompatible with the type of key material in the KMS key (`KeySpec`).
For more information, see [InvalidKeyUsageException](https://docs.aws.amazon.com/kms/latest/APIReference/API_Encrypt.html#API_Encrypt_Errors) in the * AWS Key Management Service API Reference*.  
HTTP Status Code: 400

 ** KmsInvalidStateException **   
The key state of the KMS key isn't compatible with the operation.  
For more information, see [KMSInvalidStateException](https://docs.aws.amazon.com/kms/latest/APIReference/API_Encrypt.html#API_Encrypt_Errors) in the * AWS Key Management Service API Reference*.  
HTTP Status Code: 400

 ** KmsNotFoundException **   
The KMS key can't be found.  
HTTP Status Code: 400

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceQuotaExceededException **   
Your request exceeds a service quota.   
HTTP Status Code: 402

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/PutVectors) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/PutVectors) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/PutVectors) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/PutVectors) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/PutVectors) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/PutVectors) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/PutVectors) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/PutVectors) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/PutVectors) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/PutVectors) 

# QueryVectors


Performs an approximate nearest neighbor search query in a vector index using a query vector. By default, it returns the keys of approximate nearest neighbors. You can optionally include the computed distance (between the query vector and each vector in the response), the vector data, and metadata of each vector in the response. 

To specify the vector index, you can either use both the vector bucket name and the vector index name, or use the vector index Amazon Resource Name (ARN). 

Permissions  
You must have the `s3vectors:QueryVectors` permission to use this operation. Additional permissions are required based on the request parameters you specify:  
+ With only `s3vectors:QueryVectors` permission, you can retrieve vector keys of approximate nearest neighbors and computed distances between these vectors. This permission is sufficient only when you don't set any metadata filters and don't request vector data or metadata (by keeping the `returnMetadata` parameter set to `false` or not specified).
+ If you specify a metadata filter or set `returnMetadata` to true, you must have both `s3vectors:QueryVectors` and `s3vectors:GetVectors` permissions. The request fails with a `403 Forbidden error` if you request metadata filtering, vector data, or metadata without the `s3vectors:GetVectors` permission.

## Request Syntax


```
POST /QueryVectors HTTP/1.1
Content-type: application/json

{
   "filter": JSON value,
   "indexArn": "string",
   "indexName": "string",
   "queryVector": { ... },
   "returnDistance": boolean,
   "returnMetadata": boolean,
   "topK": number,
   "vectorBucketName": "string"
}
```

## URI Request Parameters


The request does not use any URI parameters.

## Request Body


The request accepts the following data in JSON format.

 ** [filter](#API_S3VectorBuckets_QueryVectors_RequestSyntax) **   
Metadata filter to apply during the query. For more information about metadata keys, see [Metadata filtering](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-vectors-metadata-filtering.html) in the *Amazon S3 User Guide*.   
Type: JSON value  
Required: No

 ** [indexArn](#API_S3VectorBuckets_QueryVectors_RequestSyntax) **   
The ARN of the vector index that you want to query.  
Type: String  
Pattern: `arn:aws[-a-z0-9]*:s3vectors:[a-z0-9-]+:[0-9]{12}:bucket/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]/index/[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]`   
Required: No

 ** [indexName](#API_S3VectorBuckets_QueryVectors_RequestSyntax) **   
The name of the vector index that you want to query.   
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

 ** [queryVector](#API_S3VectorBuckets_QueryVectors_RequestSyntax) **   
The query vector. Ensure that the query vector has the same dimension as the dimension of the vector index that's being queried. For example, if your vector index contains vectors with 384 dimensions, your query vector must also have 384 dimensions.   
Type: [VectorData](API_S3VectorBuckets_VectorData.md) object  
 **Note: **This object is a Union. Only one member of this object can be specified or returned.  
Required: Yes

 ** [returnDistance](#API_S3VectorBuckets_QueryVectors_RequestSyntax) **   
Indicates whether to include the computed distance in the response. The default value is `false`.  
Type: Boolean  
Required: No

 ** [returnMetadata](#API_S3VectorBuckets_QueryVectors_RequestSyntax) **   
Indicates whether to include metadata in the response. The default value is `false`.  
Type: Boolean  
Required: No

 ** [topK](#API_S3VectorBuckets_QueryVectors_RequestSyntax) **   
The number of results to return for each query.  
Type: Integer  
Valid Range: Minimum value of 1.  
Required: Yes

 ** [vectorBucketName](#API_S3VectorBuckets_QueryVectors_RequestSyntax) **   
The name of the vector bucket that contains the vector index.   
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 63.  
Required: No

## Response Syntax


```
HTTP/1.1 200
Content-type: application/json

{
   "distanceMetric": "string",
   "vectors": [ 
      { 
         "distance": number,
         "key": "string",
         "metadata": JSON value
      }
   ]
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [distanceMetric](#API_S3VectorBuckets_QueryVectors_ResponseSyntax) **   
The distance metric that was used for the similarity search calculation. This is the same distance metric that was configured for the vector index when it was created.  
Type: String  
Valid Values: `euclidean | cosine` 

 ** [vectors](#API_S3VectorBuckets_QueryVectors_ResponseSyntax) **   
The vectors in the approximate nearest neighbor search.  
Type: Array of [QueryOutputVector](API_S3VectorBuckets_QueryOutputVector.md) objects

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** KmsDisabledException **   
The specified AWS KMS key isn't enabled.  
HTTP Status Code: 400

 ** KmsInvalidKeyUsageException **   
The request was rejected for one of the following reasons:   
+ The `KeyUsage` value of the KMS key is incompatible with the API operation.
+ The encryption algorithm or signing algorithm specified for the operation is incompatible with the type of key material in the KMS key (`KeySpec`).
For more information, see [InvalidKeyUsageException](https://docs.aws.amazon.com/kms/latest/APIReference/API_Encrypt.html#API_Encrypt_Errors) in the * AWS Key Management Service API Reference*.  
HTTP Status Code: 400

 ** KmsInvalidStateException **   
The key state of the KMS key isn't compatible with the operation.  
For more information, see [KMSInvalidStateException](https://docs.aws.amazon.com/kms/latest/APIReference/API_Encrypt.html#API_Encrypt_Errors) in the * AWS Key Management Service API Reference*.  
HTTP Status Code: 400

 ** KmsNotFoundException **   
The KMS key can't be found.  
HTTP Status Code: 400

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/QueryVectors) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/QueryVectors) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/QueryVectors) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/QueryVectors) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/QueryVectors) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/QueryVectors) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/QueryVectors) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/QueryVectors) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/QueryVectors) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/QueryVectors) 

# TagResource


Applies one or more user-defined tags to an Amazon S3 Vectors resource or updates existing tags. Each tag is a label consisting of a key and value pair. Tags can help you organize, track costs for, and control access to your resources. You can add up to 50 tags for each resource.

**Note**  
For a list of S3 resources that support tagging, see [Managing tags for Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html#manage-tags).

Permissions  
For vector buckets and vector indexes, you must have the `s3vectors:TagResource` permission to use this operation.

## Request Syntax


```
POST /tags/resourceArn HTTP/1.1
Content-type: application/json

{
   "tags": { 
      "string" : "string" 
   }
}
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [resourceArn](#API_S3VectorBuckets_TagResource_RequestSyntax) **   
The Amazon Resource Name (ARN) of the Amazon S3 Vectors resource that you're applying tags to. The tagged resource can be a vector bucket or a vector index.   
Length Constraints: Minimum length of 0. Maximum length of 1011.  
Required: Yes

## Request Body


The request accepts the following data in JSON format.

 ** [tags](#API_S3VectorBuckets_TagResource_RequestSyntax) **   
The user-defined tag that you want to add to the specified S3 Vectors resource. For more information, see [Tagging for cost allocation or attribute-based access control (ABAC)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html).  
Type: String to string map  
Key Length Constraints: Minimum length of 1. Maximum length of 128.  
Key Pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]*)`   
Value Length Constraints: Minimum length of 0. Maximum length of 256.  
Value Pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]*)`   
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** ConflictException **   
The request failed because a vector bucket name or a vector index name already exists. Vector bucket names must be unique within your AWS account for each AWS Region. Vector index names must be unique within your vector bucket. Choose a different vector bucket name or vector index name, and try again.  
HTTP Status Code: 409

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/TagResource) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/TagResource) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/TagResource) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/TagResource) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/TagResource) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/TagResource) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/TagResource) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/TagResource) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/TagResource) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/TagResource) 

# UntagResource


Removes the specified user-defined tags from an Amazon S3 Vectors resource. You can pass one or more tag keys. 

**Note**  
For a list of S3 resources that support tagging, see [Managing tags for Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html#manage-tags).

Permissions  
For vector buckets and vector indexes, you must have the `s3vectors:UntagResource` permission to use this operation.

## Request Syntax


```
DELETE /tags/resourceArn?tagKeys=tagKeys HTTP/1.1
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [resourceArn](#API_S3VectorBuckets_UntagResource_RequestSyntax) **   
The Amazon Resource Name (ARN) of the Amazon S3 Vectors resource that you're removing tags from. The tagged resource can be a vector bucket or a vector index.   
Length Constraints: Minimum length of 0. Maximum length of 1011.  
Required: Yes

 ** [tagKeys](#API_S3VectorBuckets_UntagResource_RequestSyntax) **   
The array of tag keys that you're removing from the S3 Vectors resource. For more information, see [Tagging for cost allocation or attribute-based access control (ABAC)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html).  
Length Constraints: Minimum length of 1. Maximum length of 128.  
Pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]*)`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** AccessDeniedException **   
Access denied.  
HTTP Status Code: 403

 ** ConflictException **   
The request failed because a vector bucket name or a vector index name already exists. Vector bucket names must be unique within your AWS account for each AWS Region. Vector index names must be unique within your vector bucket. Choose a different vector bucket name or vector index name, and try again.  
HTTP Status Code: 409

 ** InternalServerException **   
The request failed due to an internal server error.  
HTTP Status Code: 500

 ** NotFoundException **   
The request was rejected because the specified resource can't be found.  
HTTP Status Code: 404

 ** RequestTimeoutException **   
The request timed out. Retry your request.  
HTTP Status Code: 408

 ** ServiceUnavailableException **   
The service is unavailable. Wait briefly and retry your request. If it continues to fail, increase your waiting time between retries.  
HTTP Status Code: 503

 ** TooManyRequestsException **   
The request was denied due to request throttling.  
HTTP Status Code: 429

 ** ValidationException **   
The requested action isn't valid.    
 ** fieldList **   
A list of specific validation failures that are encountered during input processing. Each entry in the list contains a path to the field that failed validation and a detailed message that explains why the validation failed. To satisfy multiple constraints, a field can appear multiple times in this list if it failed. You can use the information to identify and fix the specific validation issues in your request.
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/s3vectors-2025-07-15/UntagResource) 
+  [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/s3vectors-2025-07-15/UntagResource) 
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/s3vectors-2025-07-15/UntagResource) 
+  [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/s3vectors-2025-07-15/UntagResource) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3vectors-2025-07-15/UntagResource) 
+  [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/s3vectors-2025-07-15/UntagResource) 
+  [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/s3vectors-2025-07-15/UntagResource) 
+  [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/s3vectors-2025-07-15/UntagResource) 
+  [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/s3vectors-2025-07-15/UntagResource) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3vectors-2025-07-15/UntagResource)