Retrieve the S3 bucket configurations for an SVM
GET /protocols/s3/services/{svm.uuid}/buckets
Introduced In: 9.7
Retrieves the S3 bucket's configuration of an SVM. Note that in order to retrieve S3 bucket policy conditions, the 'fields' option should be set to '**'.
Related ONTAP commands
-
vserver object-store-server bucket show
-
vserver object-store-server bucket policy statement show
-
vserver object-store-server bucket policy-statement-condition show
-
vserver object-store-server bucket lifecycle-management-rule show
Parameters
Name | Type | In | Required | Description |
---|---|---|---|---|
nas_path |
string |
query |
False |
Filter by nas_path
|
logical_used_size |
integer |
query |
False |
Filter by logical_used_size |
retention.default_period |
string |
query |
False |
Filter by retention.default_period
|
retention.mode |
string |
query |
False |
Filter by retention.mode
|
encryption.enabled |
boolean |
query |
False |
Filter by encryption.enabled |
name |
string |
query |
False |
Filter by name
|
protection_status.is_protected |
boolean |
query |
False |
Filter by protection_status.is_protected
|
protection_status.destination.is_ontap |
boolean |
query |
False |
Filter by protection_status.destination.is_ontap
|
protection_status.destination.is_external_cloud |
boolean |
query |
False |
Filter by protection_status.destination.is_external_cloud
|
protection_status.destination.is_cloud |
boolean |
query |
False |
Filter by protection_status.destination.is_cloud
|
type |
string |
query |
False |
Filter by type
|
svm.name |
string |
query |
False |
Filter by svm.name |
volume.uuid |
string |
query |
False |
Filter by volume.uuid |
volume.name |
string |
query |
False |
Filter by volume.name |
size |
integer |
query |
False |
Filter by size
|
audit_event_selector.permission |
string |
query |
False |
Filter by audit_event_selector.permission
|
audit_event_selector.access |
string |
query |
False |
Filter by audit_event_selector.access
|
versioning_state |
string |
query |
False |
Filter by versioning_state
|
role |
string |
query |
False |
Filter by role
|
qos_policy.uuid |
string |
query |
False |
Filter by qos_policy.uuid
|
qos_policy.max_throughput_mbps |
integer |
query |
False |
Filter by qos_policy.max_throughput_mbps
|
qos_policy.name |
string |
query |
False |
Filter by qos_policy.name
|
qos_policy.min_throughput_iops |
integer |
query |
False |
Filter by qos_policy.min_throughput_iops
|
qos_policy.max_throughput_iops |
integer |
query |
False |
Filter by qos_policy.max_throughput_iops
|
qos_policy.min_throughput_mbps |
integer |
query |
False |
Filter by qos_policy.min_throughput_mbps
|
uuid |
string |
query |
False |
Filter by uuid |
comment |
string |
query |
False |
Filter by comment
|
lifecycle_management.rules.svm.uuid |
string |
query |
False |
Filter by lifecycle_management.rules.svm.uuid
|
lifecycle_management.rules.svm.name |
string |
query |
False |
Filter by lifecycle_management.rules.svm.name
|
lifecycle_management.rules.non_current_version_expiration.new_non_current_versions |
integer |
query |
False |
Filter by lifecycle_management.rules.non_current_version_expiration.new_non_current_versions
|
lifecycle_management.rules.non_current_version_expiration.non_current_days |
integer |
query |
False |
Filter by lifecycle_management.rules.non_current_version_expiration.non_current_days
|
lifecycle_management.rules.uuid |
string |
query |
False |
Filter by lifecycle_management.rules.uuid
|
lifecycle_management.rules.bucket_name |
string |
query |
False |
Filter by lifecycle_management.rules.bucket_name
|
lifecycle_management.rules.enabled |
boolean |
query |
False |
Filter by lifecycle_management.rules.enabled
|
lifecycle_management.rules.abort_incomplete_multipart_upload.after_initiation_days |
integer |
query |
False |
Filter by lifecycle_management.rules.abort_incomplete_multipart_upload.after_initiation_days
|
lifecycle_management.rules.name |
string |
query |
False |
Filter by lifecycle_management.rules.name
|
lifecycle_management.rules.expiration.object_age_days |
integer |
query |
False |
Filter by lifecycle_management.rules.expiration.object_age_days
|
lifecycle_management.rules.expiration.expired_object_delete_marker |
boolean |
query |
False |
Filter by lifecycle_management.rules.expiration.expired_object_delete_marker
|
lifecycle_management.rules.expiration.object_expiry_date |
string |
query |
False |
Filter by lifecycle_management.rules.expiration.object_expiry_date
|
lifecycle_management.rules.object_filter.size_greater_than |
integer |
query |
False |
Filter by lifecycle_management.rules.object_filter.size_greater_than
|
lifecycle_management.rules.object_filter.prefix |
string |
query |
False |
Filter by lifecycle_management.rules.object_filter.prefix
|
lifecycle_management.rules.object_filter.size_less_than |
integer |
query |
False |
Filter by lifecycle_management.rules.object_filter.size_less_than
|
lifecycle_management.rules.object_filter.tags |
string |
query |
False |
Filter by lifecycle_management.rules.object_filter.tags
|
policy.statements.resources |
string |
query |
False |
Filter by policy.statements.resources
|
policy.statements.conditions.operator |
string |
query |
False |
Filter by policy.statements.conditions.operator
|
policy.statements.conditions.source_ips |
string |
query |
False |
Filter by policy.statements.conditions.source_ips
|
policy.statements.conditions.delimiters |
string |
query |
False |
Filter by policy.statements.conditions.delimiters
|
policy.statements.conditions.max_keys |
integer |
query |
False |
Filter by policy.statements.conditions.max_keys
|
policy.statements.conditions.prefixes |
string |
query |
False |
Filter by policy.statements.conditions.prefixes
|
policy.statements.conditions.usernames |
string |
query |
False |
Filter by policy.statements.conditions.usernames
|
policy.statements.effect |
string |
query |
False |
Filter by policy.statements.effect
|
policy.statements.principals |
string |
query |
False |
Filter by policy.statements.principals
|
policy.statements.sid |
string |
query |
False |
Filter by policy.statements.sid
|
policy.statements.actions |
string |
query |
False |
Filter by policy.statements.actions
|
svm.uuid |
string |
path |
True |
UUID of the SVM to which this object belongs. |
fields |
array[string] |
query |
False |
Specify the fields to return. |
max_records |
integer |
query |
False |
Limit the number of records returned. |
return_records |
boolean |
query |
False |
The default is true for GET calls. When set to false, only the number of records is returned.
|
return_timeout |
integer |
query |
False |
The number of seconds to allow the call to execute before returning. When iterating over a collection, the default is 15 seconds. ONTAP returns earlier if either max records or the end of the collection is reached.
|
order_by |
array[string] |
query |
False |
Order results by specified fields and optional [asc |
Response
Status: 200, Ok
Name | Type | Description |
---|---|---|
_links |
||
num_records |
integer |
Number of records |
records |
array[s3_bucket_svm] |
Example response
{
"_links": {
"next": {
"href": "/api/resourcelink"
},
"self": {
"href": "/api/resourcelink"
}
},
"num_records": 1,
"records": [
{
"aggregates": [
{
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "aggr1",
"uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
}
],
"audit_event_selector": {
"access": "string",
"permission": "string"
},
"comment": "S3 bucket.",
"constituents_per_aggregate": 4,
"lifecycle_management": {
"rules": [
{
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"abort_incomplete_multipart_upload": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
}
},
"bucket_name": "bucket1",
"expiration": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"object_age_days": 100,
"object_expiry_date": "2039-09-22 20:00:00 -0400"
},
"name": "string",
"non_current_version_expiration": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
}
},
"object_filter": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"prefix": "/logs",
"size_greater_than": 10240,
"size_less_than": 10485760,
"tags": [
"project1=projA",
"project2=projB"
]
},
"svm": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
},
"uuid": "414b29a1-3b26-11e9-bd58-0050568ea055"
}
]
},
"logical_used_size": 0,
"name": "bucket1",
"nas_path": "/",
"policy": {
"statements": [
{
"actions": [
"GetObject",
"PutObject",
"DeleteObject",
"ListBucket"
],
"conditions": [
{
"delimiters": [
"/"
],
"max_keys": [
1000
],
"operator": "ip_address",
"prefixes": [
"pref"
],
"source_ips": [
"1.1.1.1",
"1.2.2.0/24"
],
"usernames": [
"user1"
]
}
],
"effect": "allow",
"principals": [
"user1",
"group/grp1",
"nasgroup/group1"
],
"resources": [
"bucket1",
"bucket1/*"
],
"sid": "FullAccessToUser1"
}
]
},
"qos_policy": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"max_throughput_iops": 10000,
"max_throughput_mbps": 500,
"min_throughput_iops": 2000,
"min_throughput_mbps": 500,
"name": "performance",
"uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
},
"retention": {
"default_period": "P10Y",
"mode": "governance"
},
"role": "string",
"size": 819200000,
"storage_service_level": "value",
"svm": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
},
"type": "s3",
"uuid": "string",
"versioning_state": "enabled",
"volume": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "volume1",
"uuid": "028baa66-41bd-11e9-81d5-00a0986138f7"
}
}
]
}
Error
Status: Default, Error
Name | Type | Description |
---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}
Definitions
See Definitions
href
Name | Type | Description |
---|---|---|
href |
string |
collection_links
Name | Type | Description |
---|---|---|
next |
||
self |
_links
Name | Type | Description |
---|---|---|
self |
aggregates
Aggregate
Name | Type | Description |
---|---|---|
_links |
||
name |
string |
|
uuid |
string |
audit_event_selector
Event selector allows you to specify access and permission types to audit.
Name | Type | Description |
---|---|---|
access |
string |
Specifies read and write access types. |
permission |
string |
Specifies allow and deny permission types. |
encryption
Name | Type | Description |
---|---|---|
enabled |
boolean |
Specifies whether encryption is enabled on the bucket. By default, encryption is disabled on a bucket. This field cannot be set in a POST or PATCH method. |
abort_incomplete_multipart_upload
Specifies a way to perform abort_incomplete_multipart_upload action on filtered objects within a bucket. It cannot be specified with tags.
Name | Type | Description |
---|---|---|
_links |
||
after_initiation_days |
integer |
Number of days of initiation after which uploads can be aborted. |
expiration
Specifies a way to perform expiration action on filtered objects within a bucket.
Name | Type | Description |
---|---|---|
_links |
||
expired_object_delete_marker |
boolean |
Cleanup object delete markers. |
object_age_days |
integer |
Number of days since creation after which objects can be deleted. This cannot be used along with object_expiry_date. |
object_expiry_date |
string |
Specific date from when objects can expire. This cannot be used with object_age_days. |
non_current_version_expiration
Specifies a way to perform non_current_version_expiration action on filtered objects within a bucket.
Name | Type | Description |
---|---|---|
_links |
||
new_non_current_versions |
integer |
Number of latest non-current versions to be retained. |
non_current_days |
integer |
Number of days after which non-current versions can be deleted. |
object_filter
Specifies a way to filter objects within a bucket.
Name | Type | Description |
---|---|---|
_links |
||
prefix |
string |
A prefix that is matched against object-names within a bucket. |
size_greater_than |
integer |
Size of the object greater than specified for which the corresponding lifecycle rule is to be applied. |
size_less_than |
integer |
Size of the object smaller than specified for which the corresponding lifecycle rule is to be applied. |
tags |
array[string] |
An array of key-value paired tags of the form |
svm
Specifies the name of the SVM where this bucket exists.
Name | Type | Description |
---|---|---|
_links |
||
name |
string |
The name of the SVM. This field cannot be specified in a PATCH method. |
uuid |
string |
The unique identifier of the SVM. This field cannot be specified in a PATCH method. |
rules
Information about the lifecycle management rule of a bucket.
Name | Type | Description |
---|---|---|
_links |
||
abort_incomplete_multipart_upload |
Specifies a way to perform abort_incomplete_multipart_upload action on filtered objects within a bucket. It cannot be specified with tags. |
|
bucket_name |
string |
Specifies the name of the bucket. Bucket name is a string that can only contain the following combination of ASCII-range alphanumeric characters 0-9, a-z, ".", and "-". |
enabled |
boolean |
Specifies whether or not the associated rule is enabled. |
expiration |
Specifies a way to perform expiration action on filtered objects within a bucket. |
|
name |
string |
Bucket lifecycle management rule identifier. The length of the name can range from 0 to 256 characters. |
non_current_version_expiration |
Specifies a way to perform non_current_version_expiration action on filtered objects within a bucket. |
|
object_filter |
Specifies a way to filter objects within a bucket. |
|
svm |
Specifies the name of the SVM where this bucket exists. |
|
uuid |
string |
Specifies the unique identifier of the bucket. |
lifecycle_management
Lifecycle management is implemented as an object associated with a bucket. It defines rules to be applied against objects within a bucket. These rules are applied in the background and can delete objects.
Name | Type | Description |
---|---|---|
rules |
array[rules] |
Specifies an object store lifecycle management policy. This field cannot be set using the PATCH method. |
s3_bucket_policy_condition
Information about policy conditions based on various condition operators and condition keys.
Name | Type | Description |
---|---|---|
delimiters |
array[string] |
An array of delimiters that are compared with the delimiter value specified at the time of execution of an S3-based command, using the condition operator specified. |
max_keys |
array[integer] |
An array of maximum keys that are allowed or denied to be retrieved using an S3 list operation, based on the condition operator specified. |
operator |
string |
Condition operator that is applied to the specified condition key. |
prefixes |
array[string] |
An array of prefixes that are compared with the input prefix value specified at the time of execution of an S3-based command, using the condition operator specified. |
source_ips |
array[string] |
An array of IP address ranges that are compared with the IP address of a source command at the time of execution of an S3-based command, using the condition operator specified. |
usernames |
array[string] |
An array of usernames that a current user in the context is evaluated against using the condition operators. |
s3_bucket_policy_statement
Specifies information about a single access permission.
Name | Type | Description |
---|---|---|
actions |
array[string] |
|
conditions |
array[s3_bucket_policy_condition] |
Specifies bucket policy conditions. |
effect |
string |
Specifies whether access is allowed or denied when a user requests the specific action. If access (to allow) is not granted explicitly to a resource, access is implicitly denied. Access can also be denied explicitly to a resource, in order to make sure that a user cannot access it, even if a different policy grants access. |
principals |
array[string] |
|
resources |
array[string] |
|
sid |
string |
Specifies the statement identifier used to differentiate between statements. The sid length can range from 1 to 256 characters and can only contain the following combination of characters 0-9, A-Z, and a-z. Special characters are not valid. |
policy
A policy is an object associated with a bucket. It defines resource (bucket, folder, or object) permissions. These policies get evaluated when an S3 user makes a request by executing a specific command. The user must be part of the principal (user or group) specified in the policy. Permissions in the policies determine whether the request is allowed or denied.
Name | Type | Description |
---|---|---|
statements |
array[s3_bucket_policy_statement] |
Specifies bucket access policy statement. |
destination
Name | Type | Description |
---|---|---|
is_cloud |
boolean |
Specifies whether a bucket is protected within the Cloud. |
is_external_cloud |
boolean |
Specifies whether a bucket is protected on external Cloud providers. |
is_ontap |
boolean |
Specifies whether a bucket is protected within ONTAP.
|
protection_status
Specifies attributes of bucket protection.
Name | Type | Description |
---|---|---|
destination |
||
is_protected |
boolean |
Specifies whether a bucket is a source and if it is protected within ONTAP and/or an external cloud. This field cannot be set in a POST method.
|
qos_policy
Specifes "qos_policy.max_throughput_iops" and/or "qos_policy.max_throughput_mbps" or "qos_policy.min_throughput_iops" and/or "qos_policy.min_throughput_mbps". Specifying "min_throughput_iops" or "min_throughput_mbps" is only supported on volumes hosted on a node that is flash optimized. A pre-created QoS policy can also be used by specifying "qos_policy.name" or "qos_policy.uuid" properties. Setting or assigning a QoS policy to a bucket is not supported if its containing volume or SVM already has a QoS policy attached.
Name | Type | Description |
---|---|---|
_links |
||
max_throughput_iops |
integer |
Specifies the maximum throughput in IOPS, 0 means none. This is mutually exclusive with name and UUID during POST and PATCH. |
max_throughput_mbps |
integer |
Specifies the maximum throughput in Megabytes per sec, 0 means none. This is mutually exclusive with name and UUID during POST and PATCH. |
min_throughput_iops |
integer |
Specifies the minimum throughput in IOPS, 0 means none. Setting "min_throughput" is supported on AFF platforms only, unless FabricPool tiering policies are set. This is mutually exclusive with name and UUID during POST and PATCH. |
min_throughput_mbps |
integer |
Specifies the minimum throughput in Megabytes per sec, 0 means none. This is mutually exclusive with name and UUID during POST and PATCH. |
name |
string |
The QoS policy group name. This is mutually exclusive with UUID and other QoS attributes during POST and PATCH. |
uuid |
string |
The QoS policy group UUID. This is mutually exclusive with name and other QoS attributes during POST and PATCH. |
retention
Specifies the retention mode and default retention period configured on the bucket.
Name | Type | Description |
---|---|---|
default_period |
string |
Specifies the default retention period that is applied to objects while committing them to the WORM state without an associated retention period. The retention period can be in years, or days. The retention period value represents a duration and must be specified in the ISO-8601 duration format. A period specified for years and days is represented in the ISO-8601 format as "P |
mode |
string |
The lock mode of the bucket. compliance ‐ A SnapLock Compliance (SLC) bucket provides the highest level of WORM protection and an administrator cannot destroy a compliance bucket if it contains unexpired WORM objects. governance ‐ An administrator can delete a Governance bucket. no_lock ‐ Indicates the bucket does not support object locking. |
svm
SVM, applies only to SVM-scoped objects.
Name | Type | Description |
---|---|---|
_links |
||
name |
string |
The name of the SVM. This field cannot be specified in a PATCH method. |
uuid |
string |
The unique identifier of the SVM. This field cannot be specified in a PATCH method. |
volume
Specifies the FlexGroup volume name and UUID where the bucket is hosted. This field cannot be set in a POST method.
Name | Type | Description |
---|---|---|
_links |
||
name |
string |
The name of the volume. This field cannot be specified in a POST or PATCH method. |
uuid |
string |
Unique identifier for the volume. This corresponds to the instance-uuid that is exposed in the CLI and ONTAPI. It does not change due to a volume move.
|
s3_bucket_svm
A bucket is a container of objects. Each bucket defines an object namespace. S3 requests specify objects using a bucket-name and object-name pair. An object resides within a bucket.
Name | Type | Description |
---|---|---|
aggregates |
array[aggregates] |
A list of aggregates for FlexGroup volume constituents where the bucket is hosted. If this option is not specified, the bucket is auto-provisioned as a FlexGroup volume. The "uuid" field cannot be used with the field "storage_service_level". |
audit_event_selector |
Event selector allows you to specify access and permission types to audit. |
|
comment |
string |
Can contain any additional information about the bucket being created or modified. |
constituents_per_aggregate |
integer |
Specifies the number of constituents or FlexVol volumes per aggregate. A FlexGroup volume consisting of all such constituents across all specified aggregates is created. This option is used along with the aggregates option and cannot be used independently. This field cannot be set using the PATCH method. |
encryption |
||
lifecycle_management |
Lifecycle management is implemented as an object associated with a bucket. It defines rules to be applied against objects within a bucket. These rules are applied in the background and can delete objects. |
|
logical_used_size |
integer |
Specifies the bucket logical used size up to this point. This field cannot be set using the PATCH method. |
name |
string |
Specifies the name of the bucket. Bucket name is a string that can only contain the following combination of ASCII-range alphanumeric characters 0-9, a-z, ".", and "-". |
nas_path |
string |
Specifies the NAS path to which the nas bucket corresponds to. |
policy |
A policy is an object associated with a bucket. It defines resource (bucket, folder, or object) permissions. These policies get evaluated when an S3 user makes a request by executing a specific command. The user must be part of the principal (user or group) specified in the policy. Permissions in the policies determine whether the request is allowed or denied. |
|
protection_status |
Specifies attributes of bucket protection. |
|
qos_policy |
Specifes "qos_policy.max_throughput_iops" and/or "qos_policy.max_throughput_mbps" or "qos_policy.min_throughput_iops" and/or "qos_policy.min_throughput_mbps". Specifying "min_throughput_iops" or "min_throughput_mbps" is only supported on volumes hosted on a node that is flash optimized. A pre-created QoS policy can also be used by specifying "qos_policy.name" or "qos_policy.uuid" properties. Setting or assigning a QoS policy to a bucket is not supported if its containing volume or SVM already has a QoS policy attached. |
|
retention |
Specifies the retention mode and default retention period configured on the bucket. |
|
role |
string |
Specifies the role of the bucket. This field cannot be set in a POST method. |
size |
integer |
Specifies the bucket size in bytes; ranges from 190MB to 62PB. |
storage_service_level |
string |
Specifies the storage service level of the FlexGroup volume on which the bucket should be created. Valid values are "value", "performance" or "extreme". This field cannot be used with the field "aggregates.uuid" or with the "constituents_per_aggregate" in a POST method. This field cannot be set using the PATCH method. |
svm |
SVM, applies only to SVM-scoped objects. |
|
type |
string |
Specifies the bucket type. Valid values are "s3"and "nas". This field cannot be set using the PATCH method. |
uuid |
string |
Specifies the unique identifier of the bucket. This field cannot be specified in a POST or PATCH method. |
versioning_state |
string |
Specifies the versioning state of the bucket. Valid values are "disabled", "enabled" or "suspended". Note that the versioning state cannot be modified to 'disabled' from any other state. |
volume |
Specifies the FlexGroup volume name and UUID where the bucket is hosted. This field cannot be set in a POST method. |
error_arguments
Name | Type | Description |
---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
returned_error
Name | Type | Description |
---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |