Skip to main content
ONTAP REST API reference

Create an S3 bucket configuration for an SVM

Contributors
PDFs

POST /protocols/s3/services/{svm.uuid}/buckets

Introduced In: 9.7

Creates the S3 bucket configuration of an SVM.

Important notes

  • Each SVM can have one or more bucket configurations.

  • Aggregate lists should be specified explicitly. If not specified, then the bucket is auto-provisioned as a FlexGroup.

  • Constituents per aggregate specifies the number of components (or FlexVols) per aggregate. Is specified only when an aggregate list is explicitly defined.

  • An access policy can be created when a bucket is created.

  • "qos_policy" can be specified if a bucket needs to be attached to a QoS group policy during creation time.

  • "audit_event_selector" can be specified if a bucket needs to be specify access and permission type for auditing.

  • Cross-origin resource sharing (CORS) configuration can be specified when a bucket is created.

Required properties

  • svm.uuid - Existing SVM in which to create the bucket configuration.

  • name - Bucket name that is to be created.

  • aggregates - List of aggregates for the FlexGroup on which the bucket is hosted on.

  • constituents_per_aggregate - Number of constituents per aggregate.

  • size - Specifying the bucket size is recommended.

  • policy - Specifying policy enables users to perform operations on buckets. Hence specifying the resource permissions is recommended.

  • qos_policy - A QoS policy for buckets.

  • audit_event_selector - Audit policy for buckets.

  • versioning_state - Versioning state for buckets.

  • type - Type of bucket.

  • nas_path - The NAS path to which the NAS bucket corresponds to.

  • use_mirrored_aggregates - Specifies whether mirrored aggregates are selected when provisioning a FlexGroup volume.

  • lifecycle_management - Object store server lifecycle management policy.

  • retention.mode - Object lock mode supported on the bucket.

  • retention.default_period - Specifies the duration of default-retention applicable for objects on the object store bucket.

  • cors - Specifying CORS rules enables the bucket to service the cross-origin requests.

  • snapshot_policy - Snapshot policy for the bucket.

Default property values

  • size - 800MB

  • comment - ""

  • aggregates - No default value.

  • constituents_per_aggregate - 4 , if an aggregates list is specified. Otherwise, no default value.

  • policy.statements.actions - GetObject, PutObject, DeleteObject, ListBucket, ListBucketMultipartUploads, ListMultipartUploadParts, GetObjectTagging, PutObjectTagging, DeleteObjectTagging, GetBucketVersioning, PutBucketVersioning.

  • policy.statements.principals - all S3 users and groups in the SVM or the NAS groups.

  • policy.statements.resources - all objects in the bucket.

  • policy.statements.conditions - list of bucket policy conditions.

  • qos-policy - No default value.

  • versioning_state - disabled.

  • use_mirrored_aggregates - true for a MetroCluster configuration and false for a non-MetroCluster configuration.

  • type - S3.

  • retention.mode - no_lock

  • vserver object-store-server bucket create

  • vserver object-store-server bucket policy statement create

  • vserver object-store-server bucket policy-statement-condition create

  • vserver object-store-server bucket lifecycle-management-rule create

  • vserver object-store-server bucket cors-rule create

Learn more

Parameters

Name Type In Required Description

return_timeout

integer

query

False

The number of seconds to allow the call to execute before returning. When doing a POST, PATCH, or DELETE operation on a single record, the default is 0 seconds. This means that if an asynchronous operation is started, the server immediately returns HTTP code 202 (Accepted) along with a link to the job. If a non-zero value is specified for POST, PATCH, or DELETE operations, ONTAP waits that length of time to see if the job completes so it can return something other than 202.

  • Default value: 1

  • Max value: 120

  • Min value: 0

return_records

boolean

query

False

The default is false. If set to true, the records are returned.

  • Default value:

svm.uuid

string

path

True

UUID of the SVM to which this object belongs.

Request Body

Name Type Description

aggregates

array[aggregates]

A list of aggregates for FlexGroup volume constituents where the bucket is hosted. If this option is not specified, the bucket is auto-provisioned as a FlexGroup volume. The "uuid" field cannot be used with the field "storage_service_level".

audit_event_selector

audit_event_selector

Event selector allows you to specify access and permission types to audit.

comment

string

Can contain any additional information about the bucket being created or modified.

constituents_per_aggregate

integer

Specifies the number of constituents or FlexVol volumes per aggregate. A FlexGroup volume consisting of all such constituents across all specified aggregates is created. This option is used along with the aggregates option and cannot be used independently. This field cannot be set using the PATCH method.

cors

cors

Cross-origin resource sharing (CORS) specifies an object associated with a bucket. The CORS configuration enables the bucket to service the cross-origin requests. A request might typically come from an origin with a domain that is different to that of the bucket. By configuring a CORS rule, you can define a combination of allowed origins, HTTP headers and methods that a bucket can use to filter out the cross-origin requests that it can service successfully.

encryption

encryption

lifecycle_management

lifecycle_management

Lifecycle management is implemented as an object associated with a bucket. It defines rules to be applied against objects within a bucket. These rules are applied in the background and can delete objects.

logical_used_size

integer

Specifies the bucket logical used size up to this point. This field cannot be set using the PATCH method.

name

string

Specifies the name of the bucket. Bucket name is a string that can only contain the following combination of ASCII-range alphanumeric characters 0-9, a-z, ".", and "-".

nas_path

string

Specifies the NAS path to which the nas bucket corresponds to.

policy

policy

A policy is an object associated with a bucket. It defines resource (bucket, folder, or object) permissions. These policies get evaluated when an S3 user makes a request by executing a specific command. The user must be part of the principal (user or group) specified in the policy. Permissions in the policies determine whether the request is allowed or denied.

protection_status

protection_status

Specifies attributes of bucket protection.

qos_policy

qos_policy

Specifies "qos_policy.max_throughput_iops" and/or "qos_policy.max_throughput_mbps" or "qos_policy.min_throughput_iops" and/or "qos_policy.min_throughput_mbps". Specifying "min_throughput_iops" or "min_throughput_mbps" is only supported on volumes hosted on a node that is flash optimized. A pre-created QoS policy can also be used by specifying "qos_policy.name" or "qos_policy.uuid" properties. Setting or assigning a QoS policy to a bucket is not supported if its containing volume or SVM already has a QoS policy attached.

retention

retention

Specifies the retention mode and default retention period configured on the bucket.

role

string

Specifies the role of the bucket. This field cannot be set in a POST method.

size

integer

Specifies the bucket size in bytes; ranges from 190MB to 62PB.

snapshot_policy

snapshot_policy

Specifies the bucket snapshot policy.

storage_service_level

string

Specifies the storage service level of the FlexGroup volume on which the bucket should be created. Valid values are "value", "performance" or "extreme". This field cannot be used with the field "aggregates.uuid" or with the "constituents_per_aggregate" in a POST method. This field cannot be set using the PATCH method.

svm

svm

SVM, applies only to SVM-scoped objects.

type

string

Specifies the bucket type. Valid values are "s3"and "nas". This field cannot be set using the PATCH method.

uuid

string

Specifies the unique identifier of the bucket. This field cannot be specified in a POST or PATCH method.

versioning_state

string

Specifies the versioning state of the bucket. Valid values are "disabled", "enabled" or "suspended". Note that the versioning state cannot be modified to 'disabled' from any other state.

volume

volume

Specifies the FlexGroup volume name and UUID where the bucket is hosted. This field cannot be set in a POST method.
Example request 
{
  "aggregates": [
    {
      "_links": {
        "self": {
          "href": "/api/resourcelink"
        }
      },
      "name": "aggr1",
      "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
    }
  ],
  "audit_event_selector": {
    "access": "string",
    "permission": "string"
  },
  "comment": "S3 bucket.",
  "constituents_per_aggregate": 4,
  "cors": {
    "rules": [
      {
        "_links": {
          "self": {
            "href": "/api/resourcelink"
          }
        },
        "allowed_headers": [
          "x-amz-request-id"
        ],
        "allowed_methods": [
          "PUT",
          "DELETE"
        ],
        "allowed_origins": [
          "http://www.example.com"
        ],
        "expose_headers": [
          "x-amz-date"
        ],
        "id": "string",
        "max_age_seconds": 1024
      }
    ]
  },
  "lifecycle_management": {
    "rules": [
      {
        "_links": {
          "self": {
            "href": "/api/resourcelink"
          }
        },
        "abort_incomplete_multipart_upload": {
          "_links": {
            "self": {
              "href": "/api/resourcelink"
            }
          }
        },
        "bucket_name": "bucket1",
        "expiration": {
          "_links": {
            "self": {
              "href": "/api/resourcelink"
            }
          },
          "object_age_days": 100,
          "object_expiry_date": "2039-09-22 20:00:00 -0400"
        },
        "name": "string",
        "non_current_version_expiration": {
          "_links": {
            "self": {
              "href": "/api/resourcelink"
            }
          }
        },
        "object_filter": {
          "_links": {
            "self": {
              "href": "/api/resourcelink"
            }
          },
          "prefix": "/logs",
          "size_greater_than": 10240,
          "size_less_than": 10485760,
          "tags": [
            "project1=projA",
            "project2=projB"
          ]
        },
        "svm": {
          "_links": {
            "self": {
              "href": "/api/resourcelink"
            }
          },
          "name": "svm1",
          "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
        },
        "uuid": "414b29a1-3b26-11e9-bd58-0050568ea055"
      }
    ]
  },
  "logical_used_size": 0,
  "name": "bucket1",
  "nas_path": "/",
  "policy": {
    "statements": [
      {
        "actions": [
          "GetObject",
          "PutObject",
          "DeleteObject",
          "ListBucket"
        ],
        "conditions": [
          {
            "delimiters": [
              "/"
            ],
            "max_keys": [
              1000
            ],
            "operator": "ip_address",
            "prefixes": [
              "pref"
            ],
            "source_ips": [
              "1.1.1.1",
              "1.2.2.0/24"
            ],
            "usernames": [
              "user1"
            ]
          }
        ],
        "effect": "allow",
        "principals": [
          "user1",
          "group/grp1",
          "nasgroup/group1"
        ],
        "resources": [
          "bucket1",
          "bucket1/*"
        ],
        "sid": "FullAccessToUser1"
      }
    ]
  },
  "qos_policy": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "max_throughput_iops": 10000,
    "max_throughput_mbps": 500,
    "min_throughput_iops": 2000,
    "min_throughput_mbps": 500,
    "name": "performance",
    "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
  },
  "retention": {
    "default_period": "P10Y",
    "mode": "governance"
  },
  "role": "string",
  "size": 819200000,
  "snapshot_policy": {
    "name": "default-1weekly",
    "uuid": "3675af31-431c-12fa-114a-20675afebc12"
  },
  "storage_service_level": "value",
  "svm": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "svm1",
    "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
  },
  "type": "s3",
  "uuid": "string",
  "versioning_state": "enabled",
  "volume": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "volume1",
    "uuid": "028baa66-41bd-11e9-81d5-00a0986138f7"
  }
}

Response

Status: 202, Accepted
Name Type Description

job

job_link
Example response 
{
  "job": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "uuid": "string"
  }
}

Headers

Name Description Type

Location

Useful for tracking the resource location

string

Response

Status: 201, Created

Error

Status: Default

ONTAP Error Response Codes

Error code Message

92405777

"Failed to create bucket "{bucket name}" for SVM "{svm.name}". Reason: {Reason of failure}. ";

92405785

"Bucket name "{bucket name}" contains invalid characters or invalid character combinations. Valid characters for a bucket name are 0-9, a-z, ".", and "-". Invalid character combinations are ".-", "-.", and "..". ";

92405786

"Bucket name "{bucket name}" is not valid. Bucket names must have between 3 and 63 characters. ";

92405811

"Failed to create bucket "{bucket name}" for SVM "{svm.name}". Wait a few minutes and try the operation again.";

92405812

"Failed to create the object store volume. Reason: {Reason for failure}.";

92405819

"Cannot provision an object store server volume for bucket "{bucket name}" in SVM "{svm.name}" on the following aggregates because they are SnapLock aggregates: {List of aggregates.name}.";

92405820

"Failed to check whether the aggregate "{aggregates.name}" is a FabricPool. Reason: {Reason for failure}.";

92405821

"Cannot provision an object store server volume for bucket "{bucket name}" in SVM "{svm.name}" on the following aggregates because they are FabricPool: {List of aggregates.name}.";

92405827

"Internal Error. Unable to generate object store volume name.";

92405857

"One or more aggregates must be specified if "constituents_per_aggregate" is specified.";

92405858

"Failed to "create" the "bucket" because the operation is only supported on data SVMs.";

92405859

"The specified "aggregates.uuid" "{aggregates.uuid}" does not exist.";

92405860

"The specified "aggregates.name" "{aggregates.name}" and "aggregates.uuid" "{aggregates.uuid}" do not refer to same aggregate.";

92405861

"The specified SVM UUID or bucket UUID does not exist.";

92405863

"Failed to create access policies for bucket "{bucket name}". Reason: {Reason of Failure}. Resolve all the issues and retry the operation.";

92405863

"Failed to create event selector for bucket "{bucket name}". Reason: {Reason of failure}. Reason: object-store-server audit configuration not created for SVM "{svm.name}". Resolve all the issues and retry the operation.";

92405891

The resources specified in the access policy are not valid. Valid ways to specify a resource are *, <bucket-name>, <bucket-name>/…​/…​. Valid characters for a resource are 0-9, A-Z, a-z, _, +, comma, ;, :, =, ., &, @,?, (, ), single quote, *, !, - and $.

92406166

"Cannot enable locking on a NAS bucket.";

92406170

"Cannot set "-default-retention-period" on object store bucket "{0}" in Vserver "{1}". Setting the default retention period on an object store bucket requires an effective cluster version of 9.14.1 or later.";

92406171

"Cannot set "{retention_mode}" to "compliance" in a MetroCluster configuration";

92406174

"Internal error. Failed to complete bucket create workflow with "-retention-mode" set to "compliance" or "governance". Reason: {0}";

92406175

"The SnapLock compliance clock is not running. Use the "snaplock compliance-clock initialize" command to initialize the compliance clock, and then try the operation again.";

92406176

"The SnapLock compliance clock is not running on the MetroCluster partner cluster. Use the "snaplock compliance-clock initialize" command to initialize the compliance clock on the MetroCluster partner cluster, and then try the operation again.";

92406230

"The value for "retention.default_period" parameter for object store bucket "" cannot be greater than the maximum lock retention period set in the object store server for SVM "". Check the maximum allowed lock retention period present in the object store server for SVM "" and try the operation again."; //end row //start row

92406236 //end row //start row

"The value for "retention.default_period" parameter for object store bucket "" cannot be less than the minimum lock retention period set in the object store server for SVM "". Check the minimum allowed lock retention period present in the object store server for SVM "" and try the operation again."; //end row //start row

92406217 //end row //start row

"The specified "allowed_headers" is not valid because it contains more than one wild card ("*") character."; //end row //start row

92406224 //end row //start row

"A Cross-Origin Resource Sharing (CORS) rule must have an origin and HTTP method specified."; //end row //start row

92406222 //end row //start row

"Cannot specify Cross-Origin Resource Sharing (CORS) configuration for object store bucket "" on SVM "". Specifying such configuration is supported on object store volumes created in ONTAP 9.8 or later releases only."; //end row //start row

92406211 //end row //start row

"The specified method "DONE" is not valid. Valid methods are GET, PUT, DELETE, HEAD, and POST."; //end row //start row

92405863 //end row //start row

"Failed to create CORS rules for bucket "bb1". Reason: "Field "index" cannot be specified for this operation.". Resolve all the issues and retry the operation."; //end row //start row

92406228 //end row //start row

"Cannot exceed the maximum limit of 100 Cross-Origin Resource Sharing (CORS) rules per S3 bucket "" in SVM "".";; //end row

|Name |Type |Description

|error |returned_error a|

.Example error [%collapsible%closed] ==== [source,json,subs=+macros] { "error": { "arguments": [ { "code": "string", "message": "string" } ], "code": "4", "message": "entry doesn't exist", "target": "uuid" } } ====

== Definitions

[.api-def-first-level] .See Definitions [%collapsible%closed] ==== [#href] [.api-collapsible-fifth-title] href

[cols=3*,options=header]

|Name |Type |Description

|href |string a|

[#_links] [.api-collapsible-fifth-title] _links

[cols=3*,options=header]

|Name |Type |Description

|self |href a|

[#aggregates] [.api-collapsible-fifth-title] aggregates

Aggregate

[cols=3*,options=header]

|Name |Type |Description

|_links |_links a|

|name |string a|

|uuid |string a|

[#audit_event_selector] [.api-collapsible-fifth-title] audit_event_selector

Event selector allows you to specify access and permission types to audit.

[cols=3*,options=header]

|Name |Type |Description

|access |string a|Specifies read and write access types.

|permission |string a|Specifies allow and deny permission types.

[#rules] [.api-collapsible-fifth-title] rules

Information about the CORS rule of an S3 bucket.

[cols=3*,options=header]

|Name |Type |Description

|_links |_links a|

|allowed_headers |array[string] a|An array of HTTP headers allowed in the cross-origin requests.

|allowed_methods |array[string] a|An array of HTTP methods allowed in the cross-origin requests.

|allowed_origins |array[string] a|List of origins from where a cross-origin request is allowed to originate from for the S3 bucket.

|expose_headers |array[string] a|List of extra headers sent in the response that customers can access from their applications.

|id |string a|Bucket CORS rule identifier. The length of the name can range from 0 to 256 characters.

|max_age_seconds |integer a|The time in seconds for your browser to cache the preflight response for the specified resource.

[#cors] [.api-collapsible-fifth-title] cors

Cross-origin resource sharing (CORS) specifies an object associated with a bucket. The CORS configuration enables the bucket to service the cross-origin requests. A request might typically come from an origin with a domain that is different to that of the bucket. By configuring a CORS rule, you can define a combination of allowed origins, HTTP headers and methods that a bucket can use to filter out the cross-origin requests that it can service successfully.

[cols=3*,options=header]

|Name |Type |Description

|rules |array[rules] a|Specifies an object store bucket CORS rule.

[#encryption] [.api-collapsible-fifth-title] encryption

[cols=3*,options=header]

|Name |Type |Description

|enabled |boolean a|Specifies whether encryption is enabled on the bucket. By default, encryption is disabled on a bucket. This field cannot be set in a POST or PATCH method.

[#abort_incomplete_multipart_upload] [.api-collapsible-fifth-title] abort_incomplete_multipart_upload

Specifies a way to perform abort_incomplete_multipart_upload action on filtered objects within a bucket. It cannot be specified with tags.

[cols=3*,options=header]

|Name |Type |Description

|_links |_links a|

|after_initiation_days |integer a|Number of days of initiation after which uploads can be aborted.

[#expiration] [.api-collapsible-fifth-title] expiration

Specifies a way to perform expiration action on filtered objects within a bucket.

[cols=3*,options=header]

|Name |Type |Description

|_links |_links a|

|expired_object_delete_marker |boolean a|Cleanup object delete markers.

|object_age_days |integer a|Number of days since creation after which objects can be deleted. This cannot be used along with object_expiry_date.

|object_expiry_date |string a|Specific date from when objects can expire. This cannot be used with object_age_days.

[#non_current_version_expiration] [.api-collapsible-fifth-title] non_current_version_expiration

Specifies a way to perform non_current_version_expiration action on filtered objects within a bucket.

[cols=3*,options=header]

|Name |Type |Description

|_links |_links a|

|new_non_current_versions |integer a|Number of latest non-current versions to be retained.

|non_current_days |integer a|Number of days after which non-current versions can be deleted.

[#object_filter] [.api-collapsible-fifth-title] object_filter

Specifies a way to filter objects within a bucket.

[cols=3*,options=header]

|Name |Type |Description

|_links |_links a|

|prefix |string a|A prefix that is matched against object-names within a bucket.

|size_greater_than |integer a|Size of the object greater than specified for which the corresponding lifecycle rule is to be applied.

|size_less_than |integer a|Size of the object smaller than specified for which the corresponding lifecycle rule is to be applied.

|tags |array[string] a|An array of key-value paired tags of the form or <tag=value>.

[#svm] [.api-collapsible-fifth-title] svm

Specifies the name of the SVM where this bucket exists.

[cols=3*,options=header]

|Name |Type |Description

|_links |_links a|

|name |string a|The name of the SVM. This field cannot be specified in a PATCH method.

|uuid |string a|The unique identifier of the SVM. This field cannot be specified in a PATCH method.

[#rules] [.api-collapsible-fifth-title] rules

Information about the lifecycle management rule of a bucket.

[cols=3*,options=header]

|Name |Type |Description

|_links |_links a|

|abort_incomplete_multipart_upload |abort_incomplete_multipart_upload a|Specifies a way to perform abort_incomplete_multipart_upload action on filtered objects within a bucket. It cannot be specified with tags.

|bucket_name |string a|Specifies the name of the bucket. Bucket name is a string that can only contain the following combination of ASCII-range alphanumeric characters 0-9, a-z, ".", and "-".

|enabled |boolean a|Specifies whether or not the associated rule is enabled.

|expiration |expiration a|Specifies a way to perform expiration action on filtered objects within a bucket.

|name |string a|Bucket lifecycle management rule identifier. The length of the name can range from 0 to 256 characters.

|non_current_version_expiration |non_current_version_expiration a|Specifies a way to perform non_current_version_expiration action on filtered objects within a bucket.

|object_filter |object_filter a|Specifies a way to filter objects within a bucket.

|svm |svm a|Specifies the name of the SVM where this bucket exists.

|uuid |string a|Specifies the unique identifier of the bucket.

[#lifecycle_management] [.api-collapsible-fifth-title] lifecycle_management

Lifecycle management is implemented as an object associated with a bucket. It defines rules to be applied against objects within a bucket. These rules are applied in the background and can delete objects.

[cols=3*,options=header]

|Name |Type |Description

|rules |array[rules] a|Specifies an object store lifecycle management policy. This field cannot be set using the PATCH method.

[#s3_bucket_policy_condition] [.api-collapsible-fifth-title] s3_bucket_policy_condition

Information about policy conditions based on various condition operators and condition keys.

[cols=3*,options=header]

|Name |Type |Description

|delimiters |array[string] a|An array of delimiters that are compared with the delimiter value specified at the time of execution of an S3-based command, using the condition operator specified.

|max_keys |array[integer] a|An array of maximum keys that are allowed or denied to be retrieved using an S3 list operation, based on the condition operator specified.

|operator |string a|Condition operator that is applied to the specified condition key.

|prefixes |array[string] a|An array of prefixes that are compared with the input prefix value specified at the time of execution of an S3-based command, using the condition operator specified.

|source_ips |array[string] a|An array of IP address ranges that are compared with the IP address of a source command at the time of execution of an S3-based command, using the condition operator specified.

|usernames |array[string] a|An array of usernames that a current user in the context is evaluated against using the condition operators.

[#s3_bucket_policy_statement] [.api-collapsible-fifth-title] s3_bucket_policy_statement

Specifies information about a single access permission.

[cols=3*,options=header]

|Name |Type |Description

|actions |array[string] a|

|conditions |array[s3_bucket_policy_condition] a|Specifies bucket policy conditions.

|effect |string a|Specifies whether access is allowed or denied when a user requests the specific action. If access (to allow) is not granted explicitly to a resource, access is implicitly denied. Access can also be denied explicitly to a resource, in order to make sure that a user cannot access it, even if a different policy grants access.

|principals |array[string] a|

|resources |array[string] a|

|sid |string a|Specifies the statement identifier used to differentiate between statements. The sid length can range from 1 to 256 characters and can only contain the following combination of characters 0-9, A-Z, and a-z. Special characters are not valid.

[#policy] [.api-collapsible-fifth-title] policy

A policy is an object associated with a bucket. It defines resource (bucket, folder, or object) permissions. These policies get evaluated when an S3 user makes a request by executing a specific command. The user must be part of the principal (user or group) specified in the policy. Permissions in the policies determine whether the request is allowed or denied.

[cols=3*,options=header]

|Name |Type |Description

|statements |array[s3_bucket_policy_statement] a|Specifies bucket access policy statement.

[#destination] [.api-collapsible-fifth-title] destination

[cols=3*,options=header]

|Name |Type |Description

|is_cloud |boolean a|Specifies whether a bucket is protected within the Cloud.

|is_external_cloud |boolean a|Specifies whether a bucket is protected on external Cloud providers.

|is_ontap |boolean a|Specifies whether a bucket is protected within ONTAP.

  • Default value: 1

  • readOnly: 1

  • Introduced in: 9.10

  • x-nullable: true

[#protection_status] [.api-collapsible-fifth-title] protection_status

Specifies attributes of bucket protection.

[cols=3*,options=header]

|Name |Type |Description

|destination |destination a|

|is_protected |boolean a|Specifies whether a bucket is a source and if it is protected within ONTAP and/or an external cloud. This field cannot be set in a POST method.

  • Default value: 1

  • readOnly: 1

  • Introduced in: 9.10

  • x-nullable: true

[#qos_policy] [.api-collapsible-fifth-title] qos_policy

Specifies "qos_policy.max_throughput_iops" and/or "qos_policy.max_throughput_mbps" or "qos_policy.min_throughput_iops" and/or "qos_policy.min_throughput_mbps". Specifying "min_throughput_iops" or "min_throughput_mbps" is only supported on volumes hosted on a node that is flash optimized. A pre-created QoS policy can also be used by specifying "qos_policy.name" or "qos_policy.uuid" properties. Setting or assigning a QoS policy to a bucket is not supported if its containing volume or SVM already has a QoS policy attached.

[cols=3*,options=header]

|Name |Type |Description

|_links |_links a|

|max_throughput_iops |integer a|Specifies the maximum throughput in IOPS, 0 means none. This is mutually exclusive with name and UUID during POST and PATCH.

|max_throughput_mbps |integer a|Specifies the maximum throughput in Megabytes per sec, 0 means none. This is mutually exclusive with name and UUID during POST and PATCH.

|min_throughput_iops |integer a|Specifies the minimum throughput in IOPS, 0 means none. Setting "min_throughput" is supported on AFF platforms only, unless FabricPool tiering policies are set. This is mutually exclusive with name and UUID during POST and PATCH.

|min_throughput_mbps |integer a|Specifies the minimum throughput in Megabytes per sec, 0 means none. This is mutually exclusive with name and UUID during POST and PATCH.

|name |string a|The QoS policy group name. This is mutually exclusive with UUID and other QoS attributes during POST and PATCH.

|uuid |string a|The QoS policy group UUID. This is mutually exclusive with name and other QoS attributes during POST and PATCH.

[#retention] [.api-collapsible-fifth-title] retention

Specifies the retention mode and default retention period configured on the bucket.

[cols=3*,options=header]

|Name |Type |Description

|default_period |string a|Specifies the default retention period that is applied to objects while committing them to the WORM state without an associated retention period. The retention period can be in years, or days. The retention period value represents a duration and must be specified in the ISO-8601 duration format. A period specified for years and days is represented in the ISO-8601 format as "PY" and "PD" respectively, for example "P10Y" represents a duration of 10 years. The period string must contain only a single time element that is, either years, or days. A duration which combines different periods is not supported, for example "P1Y10D" is not supported.

|mode |string a|The lock mode of the bucket. compliance ‐ A SnapLock Compliance (SLC) bucket provides the highest level of WORM protection and an administrator cannot destroy a compliance bucket if it contains unexpired WORM objects. governance ‐ An administrator can delete a Governance bucket. no_lock ‐ Indicates the bucket does not support object locking.

[#snapshot_policy] [.api-collapsible-fifth-title] snapshot_policy

Specifies the bucket snapshot policy.

[cols=3*,options=header]

|Name |Type |Description

|name |string a|Specifies the name of the snapshot policy.

|uuid |string a|Specifies the unique identifier of the snapshot policy.

[#svm] [.api-collapsible-fifth-title] svm

SVM, applies only to SVM-scoped objects.

[cols=3*,options=header]

|Name |Type |Description

|_links |_links a|

|name |string a|The name of the SVM. This field cannot be specified in a PATCH method.

|uuid |string a|The unique identifier of the SVM. This field cannot be specified in a PATCH method.

[#volume] [.api-collapsible-fifth-title] volume

Specifies the FlexGroup volume name and UUID where the bucket is hosted. This field cannot be set in a POST method.

[cols=3*,options=header]

|Name |Type |Description

|_links |_links a|

|name |string a|The name of the volume. This field cannot be specified in a PATCH method.

|uuid |string a|Unique identifier for the volume. This corresponds to the instance-uuid that is exposed in the CLI and ONTAPI. It does not change due to a volume move.

  • example: 028baa66-41bd-11e9-81d5-00a0986138f7

  • Introduced in: 9.6

  • x-nullable: true

[#s3_bucket_svm] [.api-collapsible-fifth-title] s3_bucket_svm

A bucket is a container of objects. Each bucket defines an object namespace. S3 requests specify objects using a bucket-name and object-name pair. An object resides within a bucket.

[cols=3*,options=header]

|Name |Type |Description

|aggregates |array[aggregates] a|A list of aggregates for FlexGroup volume constituents where the bucket is hosted. If this option is not specified, the bucket is auto-provisioned as a FlexGroup volume. The "uuid" field cannot be used with the field "storage_service_level".

|audit_event_selector |audit_event_selector a|Event selector allows you to specify access and permission types to audit.

|comment |string a|Can contain any additional information about the bucket being created or modified.

|constituents_per_aggregate |integer a|Specifies the number of constituents or FlexVol volumes per aggregate. A FlexGroup volume consisting of all such constituents across all specified aggregates is created. This option is used along with the aggregates option and cannot be used independently. This field cannot be set using the PATCH method.

|cors |cors a|Cross-origin resource sharing (CORS) specifies an object associated with a bucket. The CORS configuration enables the bucket to service the cross-origin requests. A request might typically come from an origin with a domain that is different to that of the bucket. By configuring a CORS rule, you can define a combination of allowed origins, HTTP headers and methods that a bucket can use to filter out the cross-origin requests that it can service successfully.

|encryption |encryption a|

|lifecycle_management |lifecycle_management a|Lifecycle management is implemented as an object associated with a bucket. It defines rules to be applied against objects within a bucket. These rules are applied in the background and can delete objects.

|logical_used_size |integer a|Specifies the bucket logical used size up to this point. This field cannot be set using the PATCH method.

|name |string a|Specifies the name of the bucket. Bucket name is a string that can only contain the following combination of ASCII-range alphanumeric characters 0-9, a-z, ".", and "-".

|nas_path |string a|Specifies the NAS path to which the nas bucket corresponds to.

|policy |policy a|A policy is an object associated with a bucket. It defines resource (bucket, folder, or object) permissions. These policies get evaluated when an S3 user makes a request by executing a specific command. The user must be part of the principal (user or group) specified in the policy. Permissions in the policies determine whether the request is allowed or denied.

|protection_status |protection_status a|Specifies attributes of bucket protection.

|qos_policy |qos_policy a|Specifies "qos_policy.max_throughput_iops" and/or "qos_policy.max_throughput_mbps" or "qos_policy.min_throughput_iops" and/or "qos_policy.min_throughput_mbps". Specifying "min_throughput_iops" or "min_throughput_mbps" is only supported on volumes hosted on a node that is flash optimized. A pre-created QoS policy can also be used by specifying "qos_policy.name" or "qos_policy.uuid" properties. Setting or assigning a QoS policy to a bucket is not supported if its containing volume or SVM already has a QoS policy attached.

|retention |retention a|Specifies the retention mode and default retention period configured on the bucket.

|role |string a|Specifies the role of the bucket. This field cannot be set in a POST method.

|size |integer a|Specifies the bucket size in bytes; ranges from 190MB to 62PB.

|snapshot_policy |snapshot_policy a|Specifies the bucket snapshot policy.

|storage_service_level |string a|Specifies the storage service level of the FlexGroup volume on which the bucket should be created. Valid values are "value", "performance" or "extreme". This field cannot be used with the field "aggregates.uuid" or with the "constituents_per_aggregate" in a POST method. This field cannot be set using the PATCH method.

|svm |svm a|SVM, applies only to SVM-scoped objects.

|type |string a|Specifies the bucket type. Valid values are "s3"and "nas". This field cannot be set using the PATCH method.

|uuid |string a|Specifies the unique identifier of the bucket. This field cannot be specified in a POST or PATCH method.

|versioning_state |string a|Specifies the versioning state of the bucket. Valid values are "disabled", "enabled" or "suspended". Note that the versioning state cannot be modified to 'disabled' from any other state.

|volume |volume a|Specifies the FlexGroup volume name and UUID where the bucket is hosted. This field cannot be set in a POST method.

[#job_link] [.api-collapsible-fifth-title] job_link

[cols=3*,options=header]

|Name |Type |Description

|_links |_links a|

|uuid |string a|The UUID of the asynchronous job that is triggered by a POST, PATCH, or DELETE operation.

[#error_arguments] [.api-collapsible-fifth-title] error_arguments

[cols=3*,options=header]

|Name |Type |Description

|code |string a|Argument code

|message |string a|Message argument

[#returned_error] [.api-collapsible-fifth-title] returned_error

[cols=3*,options=header]

|Name |Type |Description

|arguments |array[error_arguments] a|Message arguments

|code |string a|Error code

|message |string a|Error message

|target |string a|The target parameter that caused the error.

====