Retrieve the S3 bucket configuration for an SVM
GET /protocols/s3/buckets/{svm.uuid}/{uuid}
Introduced In: 9.8
Retrieves the S3 bucket configuration of an SVM. Note that in order to retrieve S3 bucket policy conditions, the 'fields' option should be set to '**'.
Related ONTAP commands
-
vserver object-store-server bucket show
-
vserver object-store-server bucket policy statement show
-
vserver object-store-server bucket policy-statement-condition show
-
vserver object-store-server bucket lifecycle-management-rule show
Learn more
Parameters
Name | Type | In | Required | Description |
---|---|---|---|---|
uuid |
string |
path |
True |
The unique identifier of the bucket. |
svm.uuid |
string |
path |
True |
UUID of the SVM to which this object belongs. |
fields |
array[string] |
query |
False |
Specify the fields to return. |
Response
Status: 200, Ok
Name | Type | Description |
---|---|---|
aggregates |
array[aggregates] |
A list of aggregates for FlexGroup volume constituents where the bucket is hosted. If this option is not specified, the bucket is auto-provisioned as a FlexGroup volume. |
allowed |
boolean |
If this is set to true, an SVM administrator can manage the S3 service. If it is false, only the cluster administrator can manage the service. |
audit_event_selector |
Audit event selector allows you to specify access and permission types to audit. |
|
comment |
string |
Can contain any additional information about the bucket being created or modified. |
constituents_per_aggregate |
integer |
Specifies the number of constituents or FlexVol volumes per aggregate. A FlexGroup volume consisting of all such constituents across all specified aggregates is created. This option is used along with the aggregates option and cannot be used independently. |
encryption |
||
lifecycle_management |
Lifecycle management is implemented as an object associated with a bucket. It defines rules to be applied against objects within a bucket. These rules are applied in the background and can delete objects. |
|
logical_used_size |
integer |
Specifies the bucket logical used size up to this point. |
name |
string |
Specifies the name of the bucket. Bucket name is a string that can only contain the following combination of ASCII-range alphanumeric characters 0-9, a-z, ".", and "-". |
nas_path |
string |
Specifies the NAS path to which the nas bucket corresponds to. |
policy |
A policy is an object associated with a bucket. It defines resource (bucket, folder, or object) permissions. These policies get evaluated when an S3 user makes a request by executing a specific command. The user must be part of the principal (user or group) specified in the policy. Permissions in the policies determine whether the request is allowed or denied. |
|
protection_status |
Specifies attributes of bucket protection. |
|
qos_policy |
Specifes "qos_policy.max_throughput_iops" and/or "qos_policy.max_throughput_mbps" or "qos_policy.min_throughput_iops" and/or "qos_policy.min_throughput_mbps". Specifying "min_throughput_iops" or "min_throughput_mbps" is only supported on volumes hosted on a node that is flash optimized. A pre-created QoS policy can also be used by specifying "qos_policy.name" or "qos_policy.uuid" properties. Setting or assigning a QoS policy to a bucket is not supported if its containing volume or SVM already has a QoS policy attached. |
|
role |
string |
Specifies the role of the bucket. |
size |
integer |
Specifies the bucket size in bytes; ranges from 80MB to 64TB. |
storage_service_level |
string |
Specifies the storage service level of the FlexGroup volume on which the bucket should be created. Valid values are "value", "performance" or "extreme". |
svm |
||
type |
string |
Specifies the bucket type. Valid values are "s3"and "nas". |
uuid |
string |
Specifies the unique identifier of the bucket. |
versioning_state |
string |
Specifies the versioning state of the bucket. Valid values are "disabled", "enabled" or "suspended". Note that the versioning state cannot be modified to 'disabled' from any other state. |
volume |
Specifies the FlexGroup volume name and UUID where the bucket is hosted. |
Example response
{
"aggregates": [
{
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "aggr1",
"uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
}
],
"audit_event_selector": {
"access": "string",
"permission": "string"
},
"comment": "S3 bucket.",
"constituents_per_aggregate": 4,
"lifecycle_management": {
"rules": [
{
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"abort_incomplete_multipart_upload": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
}
},
"expiration": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"object_expiry_date": "string"
},
"name": "string",
"non_current_version_expiration": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
}
},
"object_filter": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"prefix": "/logs",
"size_greater_than": 10485760,
"size_less_than": 10240,
"tags": [
"project1=projA",
"project2=projB"
]
}
}
]
},
"logical_used_size": 0,
"name": "bucket1",
"nas_path": "/",
"policy": {
"statements": [
{
"actions": [
"GetObject",
"PutObject",
"DeleteObject",
"ListBucket"
],
"conditions": [
{
"delimiters": [
"/"
],
"max_keys": [
1000
],
"operator": "ip_address",
"prefixes": [
"pref"
],
"source_ips": [
"1.1.1.1",
"1.2.2.0/24"
],
"usernames": [
"user1"
]
}
],
"effect": "allow",
"principals": [
"user1",
"group/grp1"
],
"resources": [
"bucket1",
"bucket1/*"
],
"sid": "FullAccessToUser1"
}
]
},
"qos_policy": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"max_throughput_iops": 10000,
"max_throughput_mbps": 500,
"min_throughput_iops": 2000,
"min_throughput_mbps": 500,
"name": "performance",
"uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
},
"role": "string",
"size": 1677721600,
"storage_service_level": "value",
"svm": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
},
"type": "s3",
"uuid": "414b29a1-3b26-11e9-bd58-0050568ea055",
"versioning_state": "enabled",
"volume": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "volume1",
"uuid": "028baa66-41bd-11e9-81d5-00a0986138f7"
}
}
Error
Status: Default, Error
Name | Type | Description |
---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}
Definitions
See Definitions
href
Name | Type | Description |
---|---|---|
href |
string |
_links
Name | Type | Description |
---|---|---|
self |
aggregates
Name | Type | Description |
---|---|---|
_links |
||
name |
string |
|
uuid |
string |
audit_event_selector
Audit event selector allows you to specify access and permission types to audit.
Name | Type | Description |
---|---|---|
access |
string |
Specifies read and write access types. |
permission |
string |
Specifies allow and deny permission types. |
encryption
Name | Type | Description |
---|---|---|
enabled |
boolean |
Specifies whether encryption is enabled on the bucket. By default, encryption is disabled on a bucket. |
abort_incomplete_multipart_upload
Specifies a way to perform abort_incomplete_multipart_upload action on filtered objects within a bucket.
Name | Type | Description |
---|---|---|
_links |
||
after_initiation_days |
integer |
Number of days of initiation after which uploads can be aborted. |
expiration
Specifies a way to perform expiration action on filtered objects within a bucket.
Name | Type | Description |
---|---|---|
_links |
||
expired_object_delete_marker |
boolean |
Cleanup object delete markers. |
object_age_days |
integer |
Number of days since creation after which objects can be deleted. |
object_expiry_date |
string |
Specific date from when objects can expire. |
non_current_version_expiration
Specifies a way to perform non_current_version_expiration action on filtered objects within a bucket.
Name | Type | Description |
---|---|---|
_links |
||
new_non_current_versions |
integer |
Number of latest non-current versions to be retained. |
non_current_days |
integer |
Number of days after which non-current versions can be deleted. |
object_filter
Specifies a way to filter objects within a bucket.
Name | Type | Description |
---|---|---|
_links |
||
prefix |
string |
A prefix that is matched against object-names within a bucket. |
size_greater_than |
integer |
Size of the object greater than specified for which the corresponding lifecycle rule is to be applied. |
size_less_than |
integer |
Size of the object smaller than specified for which the corresponding lifecycle rule is to be applied. |
tags |
array[string] |
An array of key-value paired tags of the form |
rules
Information about the lifecycle management rule of a bucket.
Name | Type | Description |
---|---|---|
_links |
||
abort_incomplete_multipart_upload |
Specifies a way to perform abort_incomplete_multipart_upload action on filtered objects within a bucket. |
|
enabled |
boolean |
Specifies whether or not the associated rule is enabled. |
expiration |
Specifies a way to perform expiration action on filtered objects within a bucket. |
|
name |
string |
Bucket lifecycle management rule identifier. |
non_current_version_expiration |
Specifies a way to perform non_current_version_expiration action on filtered objects within a bucket. |
|
object_filter |
Specifies a way to filter objects within a bucket. |
lifecycle_management
Lifecycle management is implemented as an object associated with a bucket. It defines rules to be applied against objects within a bucket. These rules are applied in the background and can delete objects.
Name | Type | Description |
---|---|---|
rules |
array[rules] |
Specifies an object store lifecycle management policy. |
s3_bucket_policy_condition
Information about policy conditions based on various condition operators and condition keys.
Name | Type | Description |
---|---|---|
delimiters |
array[string] |
An array of delimiters that are compared with the delimiter value specified at the time of execution of an S3-based command, using the condition operator specified. |
max_keys |
array[integer] |
An array of maximum keys that are allowed or denied to be retrieved using an S3 list operation, based on the condition operator specified. |
operator |
string |
Condition operator that is applied to the specified condition key. |
prefixes |
array[string] |
An array of prefixes that are compared with the input prefix value specified at the time of execution of an S3-based command, using the condition operator specified. |
source_ips |
array[string] |
An array of IP address ranges that are compared with the IP address of a source command at the time of execution of an S3-based command, using the condition operator specified. |
usernames |
array[string] |
An array of usernames that a current user in the context is evaluated against using the condition operators. |
s3_bucket_policy_statement
Specifies information about a single access permission.
Name | Type | Description |
---|---|---|
actions |
array[string] |
|
conditions |
array[s3_bucket_policy_condition] |
Specifies bucket policy conditions. |
effect |
string |
Specifies whether access is allowed or denied when a user requests the specific action. If access (to allow) is not granted explicitly to a resource, access is implicitly denied. Access can also be denied explicitly to a resource, in order to make sure that a user cannot access it, even if a different policy grants access. |
principals |
array[string] |
|
resources |
array[string] |
|
sid |
string |
Specifies the statement identifier used to differentiate between statements. |
policy
A policy is an object associated with a bucket. It defines resource (bucket, folder, or object) permissions. These policies get evaluated when an S3 user makes a request by executing a specific command. The user must be part of the principal (user or group) specified in the policy. Permissions in the policies determine whether the request is allowed or denied.
Name | Type | Description |
---|---|---|
statements |
array[s3_bucket_policy_statement] |
Specifies bucket access policy statement. |
destination
Name | Type | Description |
---|---|---|
is_cloud |
boolean |
Specifies whether a bucket is protected within the Cloud. |
is_external_cloud |
boolean |
Specifies whether a bucket is protected on external Cloud providers. |
is_ontap |
boolean |
Specifies whether a bucket is protected within ONTAP.
|
protection_status
Specifies attributes of bucket protection.
Name | Type | Description |
---|---|---|
destination |
||
is_protected |
boolean |
Specifies whether a bucket is a source and if it is protected within ONTAP and/or an external cloud.
|
qos_policy
Specifes "qos_policy.max_throughput_iops" and/or "qos_policy.max_throughput_mbps" or "qos_policy.min_throughput_iops" and/or "qos_policy.min_throughput_mbps". Specifying "min_throughput_iops" or "min_throughput_mbps" is only supported on volumes hosted on a node that is flash optimized. A pre-created QoS policy can also be used by specifying "qos_policy.name" or "qos_policy.uuid" properties. Setting or assigning a QoS policy to a bucket is not supported if its containing volume or SVM already has a QoS policy attached.
Name | Type | Description |
---|---|---|
_links |
||
max_throughput_iops |
integer |
Specifies the maximum throughput in IOPS, 0 means none. This is mutually exclusive with name and UUID during POST and PATCH. |
max_throughput_mbps |
integer |
Specifies the maximum throughput in Megabytes per sec, 0 means none. This is mutually exclusive with name and UUID during POST and PATCH. |
min_throughput_iops |
integer |
Specifies the minimum throughput in IOPS, 0 means none. Setting "min_throughput" is supported on AFF platforms only, unless FabricPool tiering policies are set. This is mutually exclusive with name and UUID during POST and PATCH. |
min_throughput_mbps |
integer |
Specifies the minimum throughput in Megabytes per sec, 0 means none. This is mutually exclusive with name and UUID during POST and PATCH. |
name |
string |
The QoS policy group name. This is mutually exclusive with UUID and other QoS attributes during POST and PATCH. |
uuid |
string |
The QoS policy group UUID. This is mutually exclusive with name and other QoS attributes during POST and PATCH. |
svm
Name | Type | Description |
---|---|---|
_links |
||
name |
string |
The name of the SVM. |
uuid |
string |
The unique identifier of the SVM. |
volume
Specifies the FlexGroup volume name and UUID where the bucket is hosted.
Name | Type | Description |
---|---|---|
_links |
||
name |
string |
The name of the volume. |
uuid |
string |
Unique identifier for the volume. This corresponds to the instance-uuid that is exposed in the CLI and ONTAPI. It does not change due to a volume move.
|
error_arguments
Name | Type | Description |
---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
error
Name | Type | Description |
---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |