Update
Updates the specified bucket.
In most cases, storage.editor role (see documentation) should be enough
to update a bucket, subject to its policy.
- TypeScript
- Python
import {
cloudApi,
decodeMessage,
serviceClients,
Session,
waitForOperation,
} from "@yandex-cloud/nodejs-sdk";
const Bucket = cloudApi.storage.bucket.Bucket;
const CorsRule_Method = cloudApi.storage.bucket.CorsRule_Method;
const DefaultRetention_Mode = cloudApi.storage.bucket.DefaultRetention_Mode;
const Grant_GrantType = cloudApi.storage.bucket.Grant_GrantType;
const Grant_Permission = cloudApi.storage.bucket.Grant_Permission;
const ObjectLock_ObjectLockStatus =
cloudApi.storage.bucket.ObjectLock_ObjectLockStatus;
const UpdateBucketRequest = cloudApi.storage.bucket_service.UpdateBucketRequest;
const Versioning = cloudApi.storage.bucket.Versioning;
const WebsiteSettings_Protocol =
cloudApi.storage.bucket.WebsiteSettings_Protocol;
(async () => {
const authToken = process.env["YC_OAUTH_TOKEN"];
const session = new Session({ oauthToken: authToken });
const client = session.client(serviceClients.BucketServiceClient);
const operation = await client.update(
UpdateBucketRequest.fromPartial({
name: "name",
updateMask: {
// paths: ["paths"]
},
// anonymousAccessFlags: {
// read: {
// value: true
// },
// list: {
// value: true
// },
// configRead: {
// value: true
// }
// },
// defaultStorageClass: "defaultStorageClass",
// maxSize: 0,
// cors: [{
// id: "id",
// allowedMethods: [CorsRule_Method.METHOD_GET],
// allowedHeaders: ["allowedHeaders"],
// allowedOrigins: ["allowedOrigins"],
// exposeHeaders: ["exposeHeaders"],
// maxAgeSeconds: {
// value: 0
// }
// }],
// websiteSettings: {
// index: "index",
// error: "error",
// redirectAllRequests: {
// protocol: WebsiteSettings_Protocol.PROTOCOL_HTTP,
// hostname: "hostname"
// },
// routingRules: [{
// condition: {
// httpErrorCodeReturnedEquals: "httpErrorCodeReturnedEquals",
// keyPrefixEquals: "keyPrefixEquals"
// },
// redirect: {
// hostname: "hostname",
// httpRedirectCode: "httpRedirectCode",
// protocol: WebsiteSettings_Protocol.PROTOCOL_HTTP,
// replaceKeyPrefixWith: "replaceKeyPrefixWith",
// replaceKeyWith: "replaceKeyWith"
// }
// }]
// },
// versioning: Versioning.VERSIONING_DISABLED,
// lifecycleRules: [{
// id: {
// value: "value"
// },
// enabled: true,
// filter: {
// prefix: "prefix",
// objectSizeGreaterThan: {
// value: 0
// },
// objectSizeLessThan: {
// value: 0
// },
// tag: {
// key: "key",
// value: "value"
// },
// andOperator: {
// prefix: "prefix",
// objectSizeGreaterThan: {
// value: 0
// },
// objectSizeLessThan: {
// value: 0
// },
// tag: [{
// key: "key",
// value: "value"
// }]
// }
// },
// expiration: {
// date: {
// seconds: 0,
// nanos: 0
// },
// days: {
// value: 0
// },
// expiredObjectDeleteMarker: {
// value: true
// }
// },
// transitions: [{
// date: {
// seconds: 0,
// nanos: 0
// },
// days: {
// value: 0
// },
// storageClass: "storageClass"
// }],
// abortIncompleteMultipartUpload: {
// daysAfterExpiration: {
// value: 0
// }
// },
// noncurrentExpiration: {
// noncurrentDays: {
// value: 0
// }
// },
// noncurrentTransitions: [{
// noncurrentDays: {
// value: 0
// },
// storageClass: "storageClass"
// }],
// noncurrentDeleteMarkers: {
// noncurrentDays: {
// value: 0
// }
// }
// }],
// policy: {},
// acl: {
// grants: [{
// permission: Grant_Permission.PERMISSION_FULL_CONTROL,
// grantType: Grant_GrantType.GRANT_TYPE_ACCOUNT,
// granteeId: "granteeId"
// }]
// },
// tags: [{
// key: "key",
// value: "value"
// }],
// objectLock: {
// status: ObjectLock_ObjectLockStatus.OBJECT_LOCK_STATUS_DISABLED,
// defaultRetention: {
// mode: DefaultRetention_Mode.MODE_GOVERNANCE,
// days: 0,
// years: 0
// }
// },
// encryption: {
// rules: [{
// kmsMasterKeyId: "kmsMasterKeyId",
// sseAlgorithm: "sseAlgorithm"
// }]
// }
})
);
const finishedOp = await waitForOperation(operation, session);
if (finishedOp.response) {
const result = decodeMessage<typeof Bucket>(finishedOp.response);
console.log(result);
}
})();
import os
import grpc
import yandexcloud
from yandex.cloud.storage.v1.bucket_pb2 import ACL
from yandex.cloud.storage.v1.bucket_pb2 import AnonymousAccessFlags
from yandex.cloud.storage.v1.bucket_pb2 import Bucket
from yandex.cloud.storage.v1.bucket_service_pb2_grpc import BucketServiceStub
from yandex.cloud.storage.v1.bucket_pb2 import CorsRule
from yandex.cloud.storage.v1.bucket_pb2 import Encryption
from yandex.cloud.storage.v1.bucket_pb2 import LifecycleRule
from yandex.cloud.storage.v1.bucket_pb2 import ObjectLock
from yandex.cloud.storage.v1.bucket_pb2 import Tag
from yandex.cloud.storage.v1.bucket_service_pb2 import UpdateBucketMetadata
from yandex.cloud.storage.v1.bucket_service_pb2 import UpdateBucketRequest
from yandex.cloud.storage.v1.bucket_pb2 import Versioning
from yandex.cloud.storage.v1.bucket_pb2 import WebsiteSettings
token = os.getenv("YC_OAUTH_TOKEN")
sdk = yandexcloud.SDK(token=token)
service = sdk.client(BucketServiceStub)
operation = service.Update(
UpdateBucketRequest(
name="name",
update_mask=FieldMask.FromJsonString("field1,field2"),
# anonymous_access_flags = AnonymousAccessFlags(
# read = BoolValue(
# value = true
# ),
# list = BoolValue(
# value = true
# ),
# config_read = BoolValue(
# value = true
# )
# ),
# default_storage_class = "defaultStorageClass",
# max_size = 0,
# cors = [CorsRule(
# id = "id",
# allowed_methods = [CorsRule.Method.METHOD_GET],
# allowed_headers = ["allowedHeaders"],
# allowed_origins = ["allowedOrigins"],
# expose_headers = ["exposeHeaders"],
# max_age_seconds = Int64Value(
# value = 0
# )
# )],
# website_settings = WebsiteSettings(
# index = "index",
# error = "error",
# redirect_all_requests = WebsiteSettings.Scheme(
# protocol = WebsiteSettings.Protocol.PROTOCOL_HTTP,
# hostname = "hostname"
# ),
# routing_rules = [WebsiteSettings.RoutingRule(
# condition = WebsiteSettings.Condition(
# http_error_code_returned_equals = "httpErrorCodeReturnedEquals",
# key_prefix_equals = "keyPrefixEquals"
# ),
# redirect = WebsiteSettings.Redirect(
# hostname = "hostname",
# http_redirect_code = "httpRedirectCode",
# protocol = WebsiteSettings.Protocol.PROTOCOL_HTTP,
# replace_key_prefix_with = "replaceKeyPrefixWith",
# replace_key_with = "replaceKeyWith"
# )
# )]
# ),
# versioning = Versioning.VERSIONING_DISABLED,
# lifecycle_rules = [LifecycleRule(
# id = StringValue(
# value = "value"
# ),
# enabled = true,
# filter = LifecycleRule.RuleFilter(
# prefix = "prefix",
# object_size_greater_than = Int64Value(
# value = 0
# ),
# object_size_less_than = Int64Value(
# value = 0
# ),
# tag = Tag(
# key = "key",
# value = "value"
# ),
# and_operator = RuleFilter.And(
# prefix = "prefix",
# object_size_greater_than = Int64Value(
# value = 0
# ),
# object_size_less_than = Int64Value(
# value = 0
# ),
# tag = [Tag(
# key = "key",
# value = "value"
# )]
# )
# ),
# expiration = LifecycleRule.Expiration(
# date = Timestamp(
# seconds = 0,
# nanos = 0
# ),
# days = Int64Value(
# value = 0
# ),
# expired_object_delete_marker = BoolValue(
# value = true
# )
# ),
# transitions = [LifecycleRule.Transition(
# date = Timestamp(
# seconds = 0,
# nanos = 0
# ),
# days = Int64Value(
# value = 0
# ),
# storage_class = "storageClass"
# )],
# abort_incomplete_multipart_upload = LifecycleRule.AfterDays(
# days_after_expiration = Int64Value(
# value = 0
# )
# ),
# noncurrent_expiration = LifecycleRule.NoncurrentExpiration(
# noncurrent_days = Int64Value(
# value = 0
# )
# ),
# noncurrent_transitions = [LifecycleRule.NoncurrentTransition(
# noncurrent_days = Int64Value(
# value = 0
# ),
# storage_class = "storageClass"
# )],
# noncurrent_delete_markers = LifecycleRule.NoncurrentDeleteMarkers(
# noncurrent_days = Int64Value(
# value = 0
# )
# )
# )],
# policy = {},
# acl = ACL(
# grants = [ACL.Grant(
# permission = Grant.Permission.PERMISSION_FULL_CONTROL,
# grant_type = Grant.GrantType.GRANT_TYPE_ACCOUNT,
# grantee_id = "granteeId"
# )]
# ),
# tags = [Tag(
# key = "key",
# value = "value"
# )],
# object_lock = ObjectLock(
# status = ObjectLock.ObjectLockStatus.OBJECT_LOCK_STATUS_DISABLED,
# default_retention = ObjectLock.DefaultRetention(
# mode = DefaultRetention.Mode.MODE_GOVERNANCE,
# days = 0,
# years = 0
# )
# ),
# encryption = Encryption(
# rules = [Encryption.EncryptionRule(
# kms_master_key_id = "kmsMasterKeyId",
# sse_algorithm = "sseAlgorithm"
# )]
# )
)
)
operation_result = sdk.wait_operation_and_get_result(
operation,
response_type=Bucket,
meta_type=UpdateBucketMetadata,
)
print(operation_result)
UpdateBucketRequest
name : string
Name of the bucket to update.
The name cannot be updated.
To get the bucket name, make a BucketService.List request.
updateMask : google.protobuf.FieldMask
Update mask that specifies which attributes of the bucket should be updated. Use * for full update.
anonymousAccessFlags : AnonymousAccessFlags
Flags for configuring public (anonymous) access to the bucket's content and settings. For details, see documentation.
defaultStorageClass : string
Default storage class for objects in the bucket. Supported classes are standard storage (STANDARD), cold storage
(COLD, STANDARD_IA, NEARLINE all synonyms), and ice storage (ICE and GLACIER are synonyms).
For details, see documentation.
maxSize : int64
Maximum size of the bucket, in bytes. For details, see documentation.
cors : CorsRule
List of rules for cross-domain requests to objects in the bucket (cross-origin resource sharing, CORS). For details, see documentation.
websiteSettings : WebsiteSettings
Configuration for hosting a static website in the bucket. For details, see documentation.
versioning : Versioning
Bucket versioning status. For details, see documentation.
lifecycleRules : LifecycleRule
List of object lifecycle rules for the bucket. For details, see documentation.
policy : google.protobuf.Struct
Bucket policies that set permissions for actions with the bucket, its objects, and groups of objects. For details, see documentation.
acl : ACL
Access control list (ACL) of the bucket. For details, see documentation.
tags : Tag
List of tags for the bucket. For details, see documentation.
objectLock : ObjectLock
Configuration for object lock on the bucket. For details about the concept, see documentation.
encryption : Encryption
Configuration for bucket's encryption For detauls, see documentation
AnonymousAccessFlags
read : google.protobuf.BoolValue
Specifies whether public (anonymous) access to read objects in the bucket is enabled.
list : google.protobuf.BoolValue
Specifies whether public (anonymous) access to the list of objects in the bucket is enabled.
configRead : google.protobuf.BoolValue
Specifies whether public (anonymous) access to read CORS, static website hosting, and object lifecycles settings of the bucket is enabled.
CorsRule
A CORS rule resource. For details about the concept, see documentation.
Method
List of HTTP methods that are allowed by the CORS rule.
When a client sends a CORS-preflight options request with the Access-Control-Request-Method header (see
S3-compatible API reference](https://cloud.yandex.com/docs/storage/s3/api-ref/object/options)), the specified method is checked against the
list of the allowed methods. If there is a match, all the allowed methods are listed in the
Access-Control-Allow-Methods header of the response.
METHOD_UNSPECIFIEDList of HTTP methods that are allowed by the CORS rule. When a client sends a CORS-preflight
optionsrequest with theAccess-Control-Request-Methodheader (see S3-compatible API reference](https://cloud.yandex.com/docs/storage/s3/api-ref/object/options)), the specified method is checked against the list of the allowed methods. If there is a match, all the allowed methods are listed in theAccess-Control-Allow-Methodsheader of the response.METHOD_GETHTTP
GETmethod.METHOD_HEADHTTP
HEADmethod.METHOD_POSTHTTP
POSTmethod.METHOD_PUTHTTP
PUTmethod.METHOD_DELETEHTTP
DELETEmethod.
id : string
ID of the CORS rule.
allowedMethods : Method
List of HTTP methods allowed by the CORS rule.
When a client sends a CORS-preflight options request with the Access-Control-Request-Method header (see
S3-compatible API reference), the specified method is checked against
the list of the allowed methods. If there is a match, all the allowed methods are listed in the
Access-Control-Allow-Methods header of the response.
allowedHeaders : string
List of HTTP headers allowed by the CORS rule.
When a client sends a CORS-preflight options request with the Access-Control-Request-Headers header (see
S3-compatible API reference), the specified headers are checked against
the list of the allowed headers. If there is a match, the specified headers that are allowed are listed in the
Access-Control-Allow-Headers header of the response.
Each string in the list can contain at most one * wildcard character that matches 0 or more characters.
For example, x-amz-* value will allow all Amazon S3-compatible headers.
allowedOrigins : string
List of request origins allowed by the CORS rule.
Each string in the list can contain at most one * wildcard character that matches 0 or more characters.
For example, http://*.example.com value will allow requests originating from all subdomains of example.com.
exposeHeaders : string
List of headers contained in responses to CORS requests that can be accessed by applications.
maxAgeSeconds : google.protobuf.Int64Value
Time in seconds that a client can cache the response to a CORS-preflight request as identified by the object requested, the HTTP method, and the origin.
WebsiteSettings
Protocol
PROTOCOL_UNSPECIFIEDPROTOCOL_HTTPhttpscheme.PROTOCOL_HTTPShttpsscheme.
Scheme
A configuration resource for redirecting all requests sent to the website.
protocol : Protocol
Scheme of the redirect URI.
hostname : string
Hostname of the redirect URI.
Condition
httpErrorCodeReturnedEquals : string
HTTP status code (number only) that must match for the redirect to apply.
keyPrefixEquals : string
Prefix of the object key from which requests are redirected.
Redirect
hostname : string
Hostname of the redirect URI.
httpRedirectCode : string
HTTP status code of the redirect response.
Default value: "301".
protocol : Protocol
Scheme of the redirect URI.
replaceKeyPrefixWith : string
Substitution for the prefix of the object key specified in Condition.key_prefix_equals.
At most one of replace_key_prefix_with and replace_key_with can be specified.
replaceKeyWith : string
New object key.
At most one of replace_key_with and replace_key_prefix_with can be specified.
RoutingRule
List of redirect rules.
condition : Condition
Redirect condition.
redirect : Redirect
Redirect instructions.
index : string
Key of the index page object that is returned when a response is made to the root of the website.
Either index or redirect_all_requests must be specified in order for the bucket to host a static website.
If specified, the index page object must be located in the root of the bucket.
error : string
Key of the error page object that is returned when an error occurs.
redirectAllRequests : Scheme
Configuration for redirecting all requests sent to the website.
Either redirect_all_requests or index must be specified in order for the bucket to host a static website. If redirect_all_requests is specified, it must be the only field in Bucket.website_settings.
routingRules : RoutingRule
List of redirect rules.
LifecycleRule
An object lifecycle rule resource for the bucket. For details about the concept, see documentation.
AfterDays
daysAfterExpiration : google.protobuf.Int64Value
Time period, in number of days from the start of the multipart upload, after which the incomplete upload is aborted.
NoncurrentDeleteMarkers
noncurrentDays : google.protobuf.Int64Value
Time period, in number of days since the version of a delete marker was classified as non-current, after which the delete marker expires.
NoncurrentExpiration
noncurrentDays : google.protobuf.Int64Value
Time period, in number of days since the version of an object was classified as non-current, after which the version expires.
NoncurrentTransition
List of transition rules for non-current versions of objects in a bucket with versioning enabled
(Bucket.versioning is VERSIONING_ENABLED) or suspended (VERSIONING_SUSPENDED).
At transition, the non-current version of the object is transitioned to the specified storage class.
noncurrentDays : google.protobuf.Int64Value
Time period, in number of days since the version of an object was classified as non-current, after which the version is transitioned.
storageClass : string
Storage class to which a non-current version of an object is transitioned from standard storage.
The only supported class is cold storage (COLD, STANDARD_IA, NEARLINE all synonyms). Transitions from cold
to standard storage and transitions to or from ice storage are not allowed.
Transition
List of transition rules.
The transition of an object is described as follows.
For the unversioned bucket (Bucket.versioning is VERSIONING_DISABLED), the object is transitioned to the
specified storage class.
For the bucket with versioning enabled (Bucket.versioning is VERSIONING_ENABLED) or suspended
(VERSIONING_SUSPENDED), the current version of the object is transitioned to the specified storage class.
date : google.protobuf.Timestamp
Specific date of object transition.
The rule continues to apply even after the date has passed, i.e. any new objects created in the bucket are transitioned immediately.
At most one of date and days fields can be specified.
days : google.protobuf.Int64Value
Time period, in number of days from the creation or modification of the object, after which an object is transitioned.
At most one of days and date fields can be specified.
storageClass : string
Storage class to which an object is transitioned from standard storage.
The only supported class is cold storage (COLD, STANDARD_IA, NEARLINE all synonyms). Transitions from cold
to standard storage and transitions to or from ice storage are not allowed.
Expiration
date : google.protobuf.Timestamp
Specific date of object expiration.
The rule continues to apply even after the date has passed, i.e. any new objects created in the bucket expire immediately.
Exactly one of date, days, and expired_object_delete_marker fields can be specified.
days : google.protobuf.Int64Value
Time period, in number of days from the creation or modification of the object, after which an object expires.
Exactly one of days, date, and expired_object_delete_marker fields can be specified.
expiredObjectDeleteMarker : google.protobuf.BoolValue
Indicates whether a delete marker of an object with no non-current versions (referred to as an expired object delete marker) is removed at the object's expiration.
Exactly one of expired_object_delete_marker, date, and days fields can be specified.
RuleFilter
And
prefix : string
objectSizeGreaterThan : google.protobuf.Int64Value
objectSizeLessThan : google.protobuf.Int64Value
tag : Tag
prefix : string
Key prefix that the object must have in order for the rule to apply.
objectSizeGreaterThan : google.protobuf.Int64Value
Size that the object must be greater.
objectSizeLessThan : google.protobuf.Int64Value
Size that the object must be less t.
tag : Tag
Tags that the object's tag set must have for the rule to apply.
andOperator : And
Apply a logical AND to all of the predicates configured inside the And operator.
id : google.protobuf.StringValue
ID of the rule. Provided by the client or generated at creation time.
enabled : bool
Indicates whether the rule is in effect.
filter : RuleFilter
Filter that identifies the objects to which the rule applies.
If not specified, the rule applies to all objects in the bucket.
expiration : Expiration
Expiration rule.
The expiration of an object is described as follows.
For the unversioned bucket (Bucket.versioning is VERSIONING_DISABLED), the object is deleted and cannot be
recovered.
For the bucket with versioning enabled (Bucket.versioning is VERSIONING_ENABLED), the current version of the
object (if it exists and is not a delete marker) is retained as a non-current version, and a delete marker becomes
the current version of the object.
For the bucket with versioning suspended (Bucket.versioning is VERSIONING_SUSPENDED), the current version of
the object is retained as a non-current version if it is not a delete marker, or is removed otherwise, and a
delete marker becomes the current version of the object.
transitions : Transition
List of transition rules.
The transition of an object is described as follows.
For the unversioned bucket (Bucket.versioning is VERSIONING_DISABLED), the object is transitioned to the
specified storage class.
For the bucket with versioning enabled (Bucket.versioning is VERSIONING_ENABLED) or suspended
(VERSIONING_SUSPENDED), the current version of the object is transitioned to the specified storage class.
abortIncompleteMultipartUpload : AfterDays
Configuration for aborting incomplete multipart uploads.
noncurrentExpiration : NoncurrentExpiration
Expiration rule for non-current versions of objects in a bucket with versioning enabled (Bucket.versioning is
VERSIONING_ENABLED) or suspended (VERSIONING_SUSPENDED).
At expiration, the non-current version of the object is deleted and cannot be recovered.
noncurrentTransitions : NoncurrentTransition
List of transition rules for non-current versions of objects in a bucket with versioning enabled
(Bucket.versioning is VERSIONING_ENABLED) or suspended (VERSIONING_SUSPENDED).
At transition, the non-current version of the object is transitioned to the specified storage class.
noncurrentDeleteMarkers : NoncurrentDeleteMarkers
Expiration rule for non-current delete markers of an objects in a bucket with versioning
enabled (Bucket.versioning is VERSIONING_ENABLED) or suspended (VERSIONING_SUSPENDED).
Works in the same way as noncurrent_expiration rule, but only for delete markers.
At expiration, the non-current delete marker of the object is deleted and cannot be recovered.
ACL
Grant
A grant resource, used to specify the permission granted and the grantee.
Permission
PERMISSION_UNSPECIFIEDPERMISSION_FULL_CONTROLAllows grantee the
PERMISSION_WRITE,PERMISSION_WRITE_ACP,PERMISSION_READ, andPERMISSION_READ_ACPon the bucket. Maps tox-amz-grant-full-controlheader for bucketPutAcl method of Amazon S3-compatible HTTP API.PERMISSION_WRITEAllows grantee to create new objects in the bucket. For the bucket and object owners of existing objects, also allows deletions and overwrites of those objects. Maps to
x-amz-grant-writeheader for bucketPutAcl method of Amazon S3-compatible HTTP API.PERMISSION_WRITE_ACPAllows grantee to write the ACL for the bucket. Maps to
x-amz-grant-write-acpheader for bucketPutAcl method of Amazon S3-compatible HTTP API.PERMISSION_READAllows grantee to list the objects in the bucket. Maps to
x-amz-grant-readheader for bucketPutAcl method of Amazon S3-compatible HTTP API.PERMISSION_READ_ACPAllows grantee to read the bucket ACL Maps to
x-amz-grant-read-acpheader for bucketPutAcl method of Amazon S3-compatible HTTP API.
GrantType
GRANT_TYPE_UNSPECIFIEDGRANT_TYPE_ACCOUNTA grantee is an account on the platform. For this grantee type, you need to specify the user ID in [Bucket.acl.grants.grantee_id][37] field. To get user ID, see instruction. Maps to using
id="*"value forx-amz-grant-*header (bucketPutAcl method of Amazon S3-compatible HTTP API).GRANT_TYPE_ALL_AUTHENTICATED_USERSGrantees are all authenticated users, both from your clouds and other users' clouds. Access permission to this group allows any account on the platform to access the resource via a signed (authenticated) request. Maps to using
uri="http://acs.amazonaws.com/groups/global/AuthenticatedUsers"value forx-amz-grant-*header (bucketPutAcl method of Amazon S3-compatible HTTP API).GRANT_TYPE_ALL_USERSGrantees are all internet users. Access permission to this group allows anyone in the world access to the resource via signed (authenticated) or unsigned (anonymous) requests. Maps to using
uri="http://acs.amazonaws.com/groups/global/AllUsers"value forx-amz-grant-*header (bucketPutAcl method of Amazon S3-compatible HTTP API).
permission : Permission
Permission granted by the grant.
grantType : GrantType
The grantee type for the grant.
granteeId : string
ID of the account who is a grantee. Required when the grant_type is GRANT_TYPE_ACCOUNT.
grants : Grant
List of permissions granted and the grantees.
Tag
key : string
Key of the bucket tag.
value : string
Value of the bucket tag.
ObjectLock
A resource for Object Lock configuration of a bucket. For details about the concept, see documentation.
ObjectLockStatus
Activity status of the object lock settings on the bucket
OBJECT_LOCK_STATUS_UNSPECIFIEDActivity status of the object lock settings on the bucket
OBJECT_LOCK_STATUS_DISABLEDActivity status of the object lock settings on the bucket
OBJECT_LOCK_STATUS_ENABLEDActivity status of the object lock settings on the bucket
DefaultRetention
Default lock configuration for added objects
Mode
Lock type
MODE_UNSPECIFIEDLock type
MODE_GOVERNANCELock type
MODE_COMPLIANCELock type
mode : Mode
One of period
status : ObjectLockStatus
defaultRetention : DefaultRetention
Encryption
EncryptionRule
kmsMasterKeyId : string
sseAlgorithm : string
rules : EncryptionRule
Condition
httpErrorCodeReturnedEquals : string
HTTP status code (number only) that must match for the redirect to apply.
keyPrefixEquals : string
Prefix of the object key from which requests are redirected.
Redirect
hostname : string
Hostname of the redirect URI.
httpRedirectCode : string
HTTP status code of the redirect response.
Default value: "301".
protocol : Protocol
Scheme of the redirect URI.
replaceKeyPrefixWith : string
Substitution for the prefix of the object key specified in Condition.key_prefix_equals.
At most one of replace_key_prefix_with and replace_key_with can be specified.
replaceKeyWith : string
New object key.
At most one of replace_key_with and replace_key_prefix_with can be specified.
Scheme
A configuration resource for redirecting all requests sent to the website.
protocol : Protocol
Scheme of the redirect URI.
hostname : string
Hostname of the redirect URI.
RoutingRule
List of redirect rules.
condition : Condition
Redirect condition.
redirect : Redirect
Redirect instructions.
And
prefix : string
objectSizeGreaterThan : google.protobuf.Int64Value
objectSizeLessThan : google.protobuf.Int64Value
tag : Tag
RuleFilter
And
prefix : string
objectSizeGreaterThan : google.protobuf.Int64Value
objectSizeLessThan : google.protobuf.Int64Value
tag : Tag
prefix : string
Key prefix that the object must have in order for the rule to apply.
objectSizeGreaterThan : google.protobuf.Int64Value
Size that the object must be greater.
objectSizeLessThan : google.protobuf.Int64Value
Size that the object must be less t.
tag : Tag
Tags that the object's tag set must have for the rule to apply.
andOperator : And
Apply a logical AND to all of the predicates configured inside the And operator.
Expiration
date : google.protobuf.Timestamp
Specific date of object expiration.
The rule continues to apply even after the date has passed, i.e. any new objects created in the bucket expire immediately.
Exactly one of date, days, and expired_object_delete_marker fields can be specified.
days : google.protobuf.Int64Value
Time period, in number of days from the creation or modification of the object, after which an object expires.
Exactly one of days, date, and expired_object_delete_marker fields can be specified.
expiredObjectDeleteMarker : google.protobuf.BoolValue
Indicates whether a delete marker of an object with no non-current versions (referred to as an expired object delete marker) is removed at the object's expiration.
Exactly one of expired_object_delete_marker, date, and days fields can be specified.
Transition
List of transition rules.
The transition of an object is described as follows.
For the unversioned bucket (Bucket.versioning is VERSIONING_DISABLED), the object is transitioned to the
specified storage class.
For the bucket with versioning enabled (Bucket.versioning is VERSIONING_ENABLED) or suspended
(VERSIONING_SUSPENDED), the current version of the object is transitioned to the specified storage class.
date : google.protobuf.Timestamp
Specific date of object transition.
The rule continues to apply even after the date has passed, i.e. any new objects created in the bucket are transitioned immediately.
At most one of date and days fields can be specified.
days : google.protobuf.Int64Value
Time period, in number of days from the creation or modification of the object, after which an object is transitioned.
At most one of days and date fields can be specified.
storageClass : string
Storage class to which an object is transitioned from standard storage.
The only supported class is cold storage (COLD, STANDARD_IA, NEARLINE all synonyms). Transitions from cold
to standard storage and transitions to or from ice storage are not allowed.
AfterDays
daysAfterExpiration : google.protobuf.Int64Value
Time period, in number of days from the start of the multipart upload, after which the incomplete upload is aborted.
NoncurrentExpiration
noncurrentDays : google.protobuf.Int64Value
Time period, in number of days since the version of an object was classified as non-current, after which the version expires.
NoncurrentTransition
List of transition rules for non-current versions of objects in a bucket with versioning enabled
(Bucket.versioning is VERSIONING_ENABLED) or suspended (VERSIONING_SUSPENDED).
At transition, the non-current version of the object is transitioned to the specified storage class.
noncurrentDays : google.protobuf.Int64Value
Time period, in number of days since the version of an object was classified as non-current, after which the version is transitioned.
storageClass : string
Storage class to which a non-current version of an object is transitioned from standard storage.
The only supported class is cold storage (COLD, STANDARD_IA, NEARLINE all synonyms). Transitions from cold
to standard storage and transitions to or from ice storage are not allowed.
NoncurrentDeleteMarkers
noncurrentDays : google.protobuf.Int64Value
Time period, in number of days since the version of a delete marker was classified as non-current, after which the delete marker expires.
Grant
A grant resource, used to specify the permission granted and the grantee.
Permission
PERMISSION_UNSPECIFIEDPERMISSION_FULL_CONTROLAllows grantee the
PERMISSION_WRITE,PERMISSION_WRITE_ACP,PERMISSION_READ, andPERMISSION_READ_ACPon the bucket. Maps tox-amz-grant-full-controlheader for bucketPutAcl method of Amazon S3-compatible HTTP API.PERMISSION_WRITEAllows grantee to create new objects in the bucket. For the bucket and object owners of existing objects, also allows deletions and overwrites of those objects. Maps to
x-amz-grant-writeheader for bucketPutAcl method of Amazon S3-compatible HTTP API.PERMISSION_WRITE_ACPAllows grantee to write the ACL for the bucket. Maps to
x-amz-grant-write-acpheader for bucketPutAcl method of Amazon S3-compatible HTTP API.PERMISSION_READAllows grantee to list the objects in the bucket. Maps to
x-amz-grant-readheader for bucketPutAcl method of Amazon S3-compatible HTTP API.PERMISSION_READ_ACPAllows grantee to read the bucket ACL Maps to
x-amz-grant-read-acpheader for bucketPutAcl method of Amazon S3-compatible HTTP API.
GrantType
GRANT_TYPE_UNSPECIFIEDGRANT_TYPE_ACCOUNTA grantee is an account on the platform. For this grantee type, you need to specify the user ID in [Bucket.acl.grants.grantee_id][60] field. To get user ID, see instruction. Maps to using
id="*"value forx-amz-grant-*header (bucketPutAcl method of Amazon S3-compatible HTTP API).GRANT_TYPE_ALL_AUTHENTICATED_USERSGrantees are all authenticated users, both from your clouds and other users' clouds. Access permission to this group allows any account on the platform to access the resource via a signed (authenticated) request. Maps to using
uri="http://acs.amazonaws.com/groups/global/AuthenticatedUsers"value forx-amz-grant-*header (bucketPutAcl method of Amazon S3-compatible HTTP API).GRANT_TYPE_ALL_USERSGrantees are all internet users. Access permission to this group allows anyone in the world access to the resource via signed (authenticated) or unsigned (anonymous) requests. Maps to using
uri="http://acs.amazonaws.com/groups/global/AllUsers"value forx-amz-grant-*header (bucketPutAcl method of Amazon S3-compatible HTTP API).
permission : Permission
Permission granted by the grant.
grantType : GrantType
The grantee type for the grant.
granteeId : string
ID of the account who is a grantee. Required when the grant_type is GRANT_TYPE_ACCOUNT.
DefaultRetention
Default lock configuration for added objects
Mode
Lock type
MODE_UNSPECIFIEDLock type
MODE_GOVERNANCELock type
MODE_COMPLIANCELock type
mode : Mode
EncryptionRule
kmsMasterKeyId : string
sseAlgorithm : string
Operation
An Operation resource. For more information, see Operation.
id : string
ID of the operation.
description : string
Description of the operation. 0-256 characters long.
createdAt : google.protobuf.Timestamp
Creation timestamp.
createdBy : string
ID of the user or service account who initiated the operation.
modifiedAt : google.protobuf.Timestamp
The time when the Operation resource was last modified.
done : bool
If the value is false, it means the operation is still in progress.
If true, the operation is completed, and either error or response is available.
metadata : google.protobuf.Any
Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
One of result
The operation result.
If done == false and there was no failure detected, neither error nor response is set.
If done == false and there was a failure detected, error is set.
If done == true, exactly one of error or response is set.
error: google.rpc.StatusThe error result of the operation in case of failure or cancellation.
response: google.protobuf.AnyThe normal response of the operation in case of success.If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty. If the original method is the standard Create/Update, the response should be the target resource of the operation. Any method that returns a long-running operation should document the response type, if any.