Skip to main content

Retrieve the S3 bucket configuration for an SVM

Contributors
PDFs

GET /protocols/s3/buckets/{svm.uuid}/{uuid}

Introduced In: 9.8

Retrieves the S3 bucket configuration of an SVM. Note that in order to retrieve S3 bucket policy conditions, the 'fields' option should be set to '**'.

  • vserver object-store-server bucket show

  • vserver object-store-server bucket policy statement show

  • vserver object-store-server bucket policy-statement-condition show

  • vserver object-store-server bucket lifecycle-management-rule show

Learn more

Parameters

Name Type In Required Description

uuid

string

path

True

The unique identifier of the bucket.

svm.uuid

string

path

True

UUID of the SVM to which this object belongs.

fields

array[string]

query

False

Specify the fields to return.

Response

Status: 200, Ok
Name Type Description

aggregates

array[aggregates]

A list of aggregates for FlexGroup volume constituents where the bucket is hosted. If this option is not specified, the bucket is auto-provisioned as a FlexGroup volume.

allowed

boolean

If this is set to true, an SVM administrator can manage the S3 service. If it is false, only the cluster administrator can manage the service. This field cannot be specified in a POST method.

audit_event_selector

audit_event_selector

Audit event selector allows you to specify access and permission types to audit.

comment

string

Can contain any additional information about the bucket being created or modified.

constituents_per_aggregate

integer

Specifies the number of constituents or FlexVol volumes per aggregate. A FlexGroup volume consisting of all such constituents across all specified aggregates is created. This option is used along with the aggregates option and cannot be used independently.

encryption

encryption

lifecycle_management

lifecycle_management

Lifecycle management is implemented as an object associated with a bucket. It defines rules to be applied against objects within a bucket. These rules are applied in the background and can delete objects.

logical_used_size

integer

Specifies the bucket logical used size up to this point. This field cannot be specified using a POST or PATCH method.

name

string

Specifies the name of the bucket. Bucket name is a string that can only contain the following combination of ASCII-range alphanumeric characters 0-9, a-z, ".", and "-".

nas_path

string

Specifies the NAS path to which the nas bucket corresponds to.

policy

policy

A policy is an object associated with a bucket. It defines resource (bucket, folder, or object) permissions. These policies get evaluated when an S3 user makes a request by executing a specific command. The user must be part of the principal (user or group) specified in the policy. Permissions in the policies determine whether the request is allowed or denied.

protection_status

protection_status

Specifies attributes of bucket protection.

qos_policy

qos_policy

Specifes "qos_policy.max_throughput_iops" and/or "qos_policy.max_throughput_mbps" or "qos_policy.min_throughput_iops" and/or "qos_policy.min_throughput_mbps". Specifying "min_throughput_iops" or "min_throughput_mbps" is only supported on volumes hosted on a node that is flash optimized. A pre-created QoS policy can also be used by specifying "qos_policy.name" or "qos_policy.uuid" properties. Setting or assigning a QoS policy to a bucket is not supported if its containing volume or SVM already has a QoS policy attached.

retention

retention

Specifies the retention mode and default retention period configured on the bucket.

role

string

Specifies the role of the bucket. This field cannot be specified using a POST method.

size

integer

Specifies the bucket size in bytes; ranges from 190MB to 62PB.

storage_service_level

string

Specifies the storage service level of the FlexGroup volume on which the bucket should be created. Valid values are "value", "performance" or "extreme".

svm

svm

SVM, applies only to SVM-scoped objects.

type

string

Specifies the bucket type. Valid values are "s3"and "nas".

use_mirrored_aggregates

boolean

Specifies whether mirrored aggregates are selected when provisioning a FlexGroup. Only mirrored aggregates are used if this parameter is set to "true" and only unmirrored aggregates are used if this parameter is set to "false". The default value is "true" for a MetroCluster configuration and is "false" for a non-MetroCluster configuration.

uuid

string

Specifies the unique identifier of the bucket.

versioning_state

string

Specifies the versioning state of the bucket. Valid values are "disabled", "enabled" or "suspended". Note that the versioning state cannot be modified to 'disabled' from any other state.

volume

volume

Specifies the FlexGroup volume name and UUID where the bucket is hosted.
Example response 
{
  "aggregates": [
    {
      "_links": {
        "self": {
          "href": "/api/resourcelink"
        }
      },
      "name": "aggr1",
      "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
    }
  ],
  "audit_event_selector": {
    "access": "string",
    "permission": "string"
  },
  "comment": "S3 bucket.",
  "constituents_per_aggregate": 4,
  "lifecycle_management": {
    "rules": [
      {
        "_links": {
          "self": {
            "href": "/api/resourcelink"
          }
        },
        "abort_incomplete_multipart_upload": {
          "_links": {
            "self": {
              "href": "/api/resourcelink"
            }
          }
        },
        "bucket_name": "bucket1",
        "expiration": {
          "_links": {
            "self": {
              "href": "/api/resourcelink"
            }
          },
          "object_age_days": 100,
          "object_expiry_date": "2039-09-22 20:00:00 -0400"
        },
        "name": "string",
        "non_current_version_expiration": {
          "_links": {
            "self": {
              "href": "/api/resourcelink"
            }
          }
        },
        "object_filter": {
          "_links": {
            "self": {
              "href": "/api/resourcelink"
            }
          },
          "prefix": "/logs",
          "size_greater_than": 10240,
          "size_less_than": 10485760,
          "tags": [
            "project1=projA",
            "project2=projB"
          ]
        },
        "svm": {
          "_links": {
            "self": {
              "href": "/api/resourcelink"
            }
          },
          "name": "svm1",
          "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
        },
        "uuid": "414b29a1-3b26-11e9-bd58-0050568ea055"
      }
    ]
  },
  "logical_used_size": 0,
  "name": "bucket1",
  "nas_path": "/",
  "policy": {
    "statements": [
      {
        "actions": [
          "GetObject",
          "PutObject",
          "DeleteObject",
          "ListBucket"
        ],
        "conditions": [
          {
            "delimiters": [
              "/"
            ],
            "max_keys": [
              1000
            ],
            "operator": "ip_address",
            "prefixes": [
              "pref"
            ],
            "source_ips": [
              "1.1.1.1",
              "1.2.2.0/24"
            ],
            "usernames": [
              "user1"
            ]
          }
        ],
        "effect": "allow",
        "principals": [
          "user1",
          "group/grp1",
          "nasgroup/group1"
        ],
        "resources": [
          "bucket1",
          "bucket1/*"
        ],
        "sid": "FullAccessToUser1"
      }
    ]
  },
  "qos_policy": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "max_throughput_iops": 10000,
    "max_throughput_mbps": 500,
    "min_throughput_iops": 2000,
    "min_throughput_mbps": 500,
    "name": "performance",
    "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
  },
  "retention": {
    "default_period": "P10Y",
    "mode": "governance"
  },
  "role": "string",
  "size": 1677721600,
  "storage_service_level": "value",
  "svm": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "svm1",
    "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
  },
  "type": "s3",
  "uuid": "414b29a1-3b26-11e9-bd58-0050568ea055",
  "versioning_state": "enabled",
  "volume": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "volume1",
    "uuid": "028baa66-41bd-11e9-81d5-00a0986138f7"
  }
}

Error

Status: Default, Error
Name Type Description

error

returned_error
Example error 
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name Type Description

href

string

_links

Name Type Description

self

href

aggregates

Aggregate

Name Type Description

_links

_links

name

string

uuid

string

audit_event_selector

Audit event selector allows you to specify access and permission types to audit.

Name Type Description

access

string

Specifies read and write access types.

permission

string

Specifies allow and deny permission types.

encryption

Name Type Description

enabled

boolean

Specifies whether encryption is enabled on the bucket. By default, encryption is disabled on a bucket. This field cannot be specified in a POST method.

abort_incomplete_multipart_upload

Specifies a way to perform abort_incomplete_multipart_upload action on filtered objects within a bucket. It cannot be specified with tags.

Name Type Description

_links

_links

after_initiation_days

integer

Number of days of initiation after which uploads can be aborted.

expiration

Specifies a way to perform expiration action on filtered objects within a bucket.

Name Type Description

_links

_links

expired_object_delete_marker

boolean

Cleanup object delete markers.

object_age_days

integer

Number of days since creation after which objects can be deleted. This cannot be used along with object_expiry_date.

object_expiry_date

string

Specific date from when objects can expire. This cannot be used with object_age_days.

non_current_version_expiration

Specifies a way to perform non_current_version_expiration action on filtered objects within a bucket.

Name Type Description

_links

_links

new_non_current_versions

integer

Number of latest non-current versions to be retained.

non_current_days

integer

Number of days after which non-current versions can be deleted.

object_filter

Specifies a way to filter objects within a bucket.

Name Type Description

_links

_links

prefix

string

A prefix that is matched against object-names within a bucket.

size_greater_than

integer

Size of the object greater than specified for which the corresponding lifecycle rule is to be applied.

size_less_than

integer

Size of the object smaller than specified for which the corresponding lifecycle rule is to be applied.

tags

array[string]

An array of key-value paired tags of the form or <tag=value>.

svm

Specifies the name of the SVM where this bucket exists.

Name Type Description

_links

_links

name

string

The name of the SVM. This field cannot be specified in a PATCH method.

uuid

string

The unique identifier of the SVM. This field cannot be specified in a PATCH method.

rules

Information about the lifecycle management rule of a bucket.

Name Type Description

_links

_links

abort_incomplete_multipart_upload

abort_incomplete_multipart_upload

Specifies a way to perform abort_incomplete_multipart_upload action on filtered objects within a bucket. It cannot be specified with tags.

bucket_name

string

Specifies the name of the bucket. Bucket name is a string that can only contain the following combination of ASCII-range alphanumeric characters 0-9, a-z, ".", and "-".

enabled

boolean

Specifies whether or not the associated rule is enabled.

expiration

expiration

Specifies a way to perform expiration action on filtered objects within a bucket.

name

string

Bucket lifecycle management rule identifier. The length of the name can range from 0 to 256 characters.

non_current_version_expiration

non_current_version_expiration

Specifies a way to perform non_current_version_expiration action on filtered objects within a bucket.

object_filter

object_filter

Specifies a way to filter objects within a bucket.

svm

svm

Specifies the name of the SVM where this bucket exists.

uuid

string

Specifies the unique identifier of the bucket.

lifecycle_management

Lifecycle management is implemented as an object associated with a bucket. It defines rules to be applied against objects within a bucket. These rules are applied in the background and can delete objects.

Name Type Description

rules

array[rules]

Specifies an object store lifecycle management policy.

s3_bucket_policy_condition

Information about policy conditions based on various condition operators and condition keys.

Name Type Description

delimiters

array[string]

An array of delimiters that are compared with the delimiter value specified at the time of execution of an S3-based command, using the condition operator specified.

max_keys

array[integer]

An array of maximum keys that are allowed or denied to be retrieved using an S3 list operation, based on the condition operator specified.

operator

string

Condition operator that is applied to the specified condition key.

prefixes

array[string]

An array of prefixes that are compared with the input prefix value specified at the time of execution of an S3-based command, using the condition operator specified.

source_ips

array[string]

An array of IP address ranges that are compared with the IP address of a source command at the time of execution of an S3-based command, using the condition operator specified.

usernames

array[string]

An array of usernames that a current user in the context is evaluated against using the condition operators.

s3_bucket_policy_statement

Specifies information about a single access permission.

Name Type Description

actions

array[string]

conditions

array[s3_bucket_policy_condition]

Specifies bucket policy conditions.

effect

string

Specifies whether access is allowed or denied when a user requests the specific action. If access (to allow) is not granted explicitly to a resource, access is implicitly denied. Access can also be denied explicitly to a resource, in order to make sure that a user cannot access it, even if a different policy grants access.

principals

array[string]

resources

array[string]

sid

string

Specifies the statement identifier used to differentiate between statements. The sid length can range from 1 to 256 characters and can only contain the following combination of characters 0-9, A-Z, and a-z. Special characters are not valid.

policy

A policy is an object associated with a bucket. It defines resource (bucket, folder, or object) permissions. These policies get evaluated when an S3 user makes a request by executing a specific command. The user must be part of the principal (user or group) specified in the policy. Permissions in the policies determine whether the request is allowed or denied.

Name Type Description

statements

array[s3_bucket_policy_statement]

Specifies bucket access policy statement.

destination

Name Type Description

is_cloud

boolean

Specifies whether a bucket is protected within the Cloud. This field cannot be specified using a POST method.

is_external_cloud

boolean

Specifies whether a bucket is protected on external Cloud providers. This field cannot be specified using a POST method.

is_ontap

boolean

Specifies whether a bucket is protected within ONTAP. This field cannot be specified using a POST method.

  • Default value: 1

  • readOnly: 1

  • Introduced in: 9.10

  • x-nullable: true

protection_status

Specifies attributes of bucket protection.

Name Type Description

destination

destination

is_protected

boolean

Specifies whether a bucket is a source and if it is protected within ONTAP and/or an external cloud. This field cannot be specified using a POST method.

  • Default value: 1

  • readOnly: 1

  • Introduced in: 9.10

  • x-nullable: true

qos_policy

Specifes "qos_policy.max_throughput_iops" and/or "qos_policy.max_throughput_mbps" or "qos_policy.min_throughput_iops" and/or "qos_policy.min_throughput_mbps". Specifying "min_throughput_iops" or "min_throughput_mbps" is only supported on volumes hosted on a node that is flash optimized. A pre-created QoS policy can also be used by specifying "qos_policy.name" or "qos_policy.uuid" properties. Setting or assigning a QoS policy to a bucket is not supported if its containing volume or SVM already has a QoS policy attached.

Name Type Description

_links

_links

max_throughput_iops

integer

Specifies the maximum throughput in IOPS, 0 means none. This is mutually exclusive with name and UUID during POST and PATCH.

max_throughput_mbps

integer

Specifies the maximum throughput in Megabytes per sec, 0 means none. This is mutually exclusive with name and UUID during POST and PATCH.

min_throughput_iops

integer

Specifies the minimum throughput in IOPS, 0 means none. Setting "min_throughput" is supported on AFF platforms only, unless FabricPool tiering policies are set. This is mutually exclusive with name and UUID during POST and PATCH.

min_throughput_mbps

integer

Specifies the minimum throughput in Megabytes per sec, 0 means none. This is mutually exclusive with name and UUID during POST and PATCH.

name

string

The QoS policy group name. This is mutually exclusive with UUID and other QoS attributes during POST and PATCH.

uuid

string

The QoS policy group UUID. This is mutually exclusive with name and other QoS attributes during POST and PATCH.

retention

Specifies the retention mode and default retention period configured on the bucket.

Name Type Description

default_period

string

Specifies the default retention period that is applied to objects while committing them to the WORM state without an associated retention period. The retention period can be in years, or days. The retention period value represents a duration and must be specified in the ISO-8601 duration format. A period specified for years and days is represented in the ISO-8601 format as "PY" and "PD" respectively, for example "P10Y" represents a duration of 10 years. The period string must contain only a single time element that is, either years, or days. A duration which combines different periods is not supported, for example "P1Y10D" is not supported.

mode

string

The lock mode of the bucket. compliance ‐ A SnapLock Compliance (SLC) bucket provides the highest level of WORM protection and an administrator cannot destroy a compliance bucket if it contains unexpired WORM objects. governance ‐ An administrator can delete a Governance bucket. no_lock ‐ Indicates the bucket does not support object locking.

svm

SVM, applies only to SVM-scoped objects.

Name Type Description

_links

_links

name

string

The name of the SVM. This field cannot be specified in a PATCH method.

uuid

string

The unique identifier of the SVM. This field cannot be specified in a PATCH method.

volume

Specifies the FlexGroup volume name and UUID where the bucket is hosted.

Name Type Description

_links

_links

name

string

The name of the volume. This field cannot be specified in a POST or PATCH method.

uuid

string

Unique identifier for the volume. This corresponds to the instance-uuid that is exposed in the CLI and ONTAPI. It does not change due to a volume move.

  • example: 028baa66-41bd-11e9-81d5-00a0986138f7

  • Introduced in: 9.6

  • x-nullable: true

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

returned_error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.