Amazon Simple Storage Service

{'ACL': {'aws-exec-read'}}

Creates a copy of an object that is already stored in Amazon S3.

Request Syntax

client.copy_object(
    ACL='private'|'public-read'|'public-read-write'|'authenticated-read'|'aws-exec-read'|'bucket-owner-read'|'bucket-owner-full-control',
    Bucket='string',
    CacheControl='string',
    ContentDisposition='string',
    ContentEncoding='string',
    ContentLanguage='string',
    ContentType='string',
    CopySource='string',
    CopySourceIfMatch='string',
    CopySourceIfModifiedSince=datetime(2015, 1, 1),
    CopySourceIfNoneMatch='string',
    CopySourceIfUnmodifiedSince=datetime(2015, 1, 1),
    Expires=datetime(2015, 1, 1),
    GrantFullControl='string',
    GrantRead='string',
    GrantReadACP='string',
    GrantWriteACP='string',
    Key='string',
    Metadata={
        'string': 'string'
    },
    MetadataDirective='COPY'|'REPLACE',
    ServerSideEncryption='AES256'|'aws:kms',
    StorageClass='STANDARD'|'REDUCED_REDUNDANCY'|'STANDARD_IA',
    WebsiteRedirectLocation='string',
    SSECustomerAlgorithm='string',
    SSECustomerKey='string',
    SSECustomerKeyMD5='string',
    SSEKMSKeyId='string',
    CopySourceSSECustomerAlgorithm='string',
    CopySourceSSECustomerKey='string',
    CopySourceSSECustomerKeyMD5='string',
    RequestPayer='requester'
)

type ACL:

string

param ACL:

The canned ACL to apply to the object.

type Bucket:

string

param Bucket:

[REQUIRED]

type CacheControl:

string

param CacheControl:

Specifies caching behavior along the request/reply chain.

type ContentDisposition:

string

param ContentDisposition:

Specifies presentational information for the object.

type ContentEncoding:

string

param ContentEncoding:

Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.

type ContentLanguage:

string

param ContentLanguage:

The language the content is in.

type ContentType:

string

param ContentType:

A standard MIME type describing the format of the object data.

type CopySource:

string

param CopySource:

[REQUIRED] The name of the source bucket and key name of the source object, separated by a slash (/). Must be URL-encoded.

type CopySourceIfMatch:

string

param CopySourceIfMatch:

Copies the object if its entity tag (ETag) matches the specified tag.

type CopySourceIfModifiedSince:

datetime

param CopySourceIfModifiedSince:

Copies the object if it has been modified since the specified time.

type CopySourceIfNoneMatch:

string

param CopySourceIfNoneMatch:

Copies the object if its entity tag (ETag) is different than the specified ETag.

type CopySourceIfUnmodifiedSince:

datetime

param CopySourceIfUnmodifiedSince:

Copies the object if it hasn't been modified since the specified time.

type Expires:

datetime

param Expires:

The date and time at which the object is no longer cacheable.

type GrantFullControl:

string

param GrantFullControl:

Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.

type GrantRead:

string

param GrantRead:

Allows grantee to read the object data and its metadata.

type GrantReadACP:

string

param GrantReadACP:

Allows grantee to read the object ACL.

type GrantWriteACP:

string

param GrantWriteACP:

Allows grantee to write the ACL for the applicable object.

type Key:

string

param Key:

[REQUIRED]

type Metadata:

dict

param Metadata:

A map of metadata to store with the object in S3.

• (string) --

  • (string) --

type MetadataDirective:

string

param MetadataDirective:

Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request.

type ServerSideEncryption:

string

param ServerSideEncryption:

The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).

type StorageClass:

string

param StorageClass:

The type of storage to use for the object. Defaults to 'STANDARD'.

type WebsiteRedirectLocation:

string

param WebsiteRedirectLocation:

If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.

type SSECustomerAlgorithm:

string

param SSECustomerAlgorithm:

Specifies the algorithm to use to when encrypting the object (e.g., AES256).

type SSECustomerKey:

string

param SSECustomerKey:

Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side​-encryption​-customer-algorithm header.

type SSECustomerKeyMD5:

string

param SSECustomerKeyMD5:

Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure the encryption key was transmitted without error.

type SSEKMSKeyId:

string

param SSEKMSKeyId:

Specifies the AWS KMS key ID to use for object encryption. All GET and PUT requests for an object protected by AWS KMS will fail if not made via SSL or using SigV4. Documentation on configuring any of the officially supported AWS SDKs and CLI can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version

type CopySourceSSECustomerAlgorithm:

string

param CopySourceSSECustomerAlgorithm:

Specifies the algorithm to use when decrypting the source object (e.g., AES256).

type CopySourceSSECustomerKey:

string

param CopySourceSSECustomerKey:

Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.

type CopySourceSSECustomerKeyMD5:

string

param CopySourceSSECustomerKeyMD5:

Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure the encryption key was transmitted without error.

type RequestPayer:

string

param RequestPayer:

Confirms that the requester knows that she or he will be charged for the request. Bucket owners need not specify this parameter in their requests. Documentation on downloading objects from requester pays buckets can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html

rtype:

dict

returns:

Response Syntax

{
    'CopyObjectResult': {
        'ETag': 'string',
        'LastModified': datetime(2015, 1, 1)
    },
    'Expiration': 'string',
    'CopySourceVersionId': 'string',
    'VersionId': 'string',
    'ServerSideEncryption': 'AES256'|'aws:kms',
    'SSECustomerAlgorithm': 'string',
    'SSECustomerKeyMD5': 'string',
    'SSEKMSKeyId': 'string',
    'RequestCharged': 'requester'
}

Response Structure

• (dict) --

  • CopyObjectResult (dict) --

    • ETag (string) --

    • LastModified (datetime) --

  • Expiration (string) -- If the object expiration is configured, the response includes this header.

  • CopySourceVersionId (string) --

  • VersionId (string) -- Version ID of the newly created copy.

  • ServerSideEncryption (string) -- The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).

  • SSECustomerAlgorithm (string) -- If server-side encryption with a customer-provided encryption key was requested, the response will include this header confirming the encryption algorithm used.

  • SSECustomerKeyMD5 (string) -- If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide round trip message integrity verification of the customer-provided encryption key.

  • SSEKMSKeyId (string) -- If present, specifies the ID of the AWS Key Management Service (KMS) master encryption key that was used for the object.

  • RequestCharged (string) -- If present, indicates that the requester was successfully charged for the request.

{'ACL': {'aws-exec-read'}}

Initiates a multipart upload and returns an upload ID.

Note: After you initiate multipart upload and upload one or more parts, you must either complete or abort multipart upload in order to stop getting charged for storage of the uploaded parts. Only after you either complete or abort multipart upload, Amazon S3 frees up the parts storage and stops charging you for the parts storage.

Request Syntax

client.create_multipart_upload(
    ACL='private'|'public-read'|'public-read-write'|'authenticated-read'|'aws-exec-read'|'bucket-owner-read'|'bucket-owner-full-control',
    Bucket='string',
    CacheControl='string',
    ContentDisposition='string',
    ContentEncoding='string',
    ContentLanguage='string',
    ContentType='string',
    Expires=datetime(2015, 1, 1),
    GrantFullControl='string',
    GrantRead='string',
    GrantReadACP='string',
    GrantWriteACP='string',
    Key='string',
    Metadata={
        'string': 'string'
    },
    ServerSideEncryption='AES256'|'aws:kms',
    StorageClass='STANDARD'|'REDUCED_REDUNDANCY'|'STANDARD_IA',
    WebsiteRedirectLocation='string',
    SSECustomerAlgorithm='string',
    SSECustomerKey='string',
    SSECustomerKeyMD5='string',
    SSEKMSKeyId='string',
    RequestPayer='requester'
)

type ACL:

string

param ACL:

The canned ACL to apply to the object.

type Bucket:

string

param Bucket:

[REQUIRED]

type CacheControl:

string

param CacheControl:

Specifies caching behavior along the request/reply chain.

type ContentDisposition:

string

param ContentDisposition:

Specifies presentational information for the object.

type ContentEncoding:

string

param ContentEncoding:

Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.

type ContentLanguage:

string

param ContentLanguage:

The language the content is in.

type ContentType:

string

param ContentType:

A standard MIME type describing the format of the object data.

type Expires:

datetime

param Expires:

The date and time at which the object is no longer cacheable.

type GrantFullControl:

string

param GrantFullControl:

Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.

type GrantRead:

string

param GrantRead:

Allows grantee to read the object data and its metadata.

type GrantReadACP:

string

param GrantReadACP:

Allows grantee to read the object ACL.

type GrantWriteACP:

string

param GrantWriteACP:

Allows grantee to write the ACL for the applicable object.

type Key:

string

param Key:

[REQUIRED]

type Metadata:

dict

param Metadata:

A map of metadata to store with the object in S3.

• (string) --

  • (string) --

type ServerSideEncryption:

string

param ServerSideEncryption:

The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).

type StorageClass:

string

param StorageClass:

The type of storage to use for the object. Defaults to 'STANDARD'.

type WebsiteRedirectLocation:

string

param WebsiteRedirectLocation:

If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.

type SSECustomerAlgorithm:

string

param SSECustomerAlgorithm:

Specifies the algorithm to use to when encrypting the object (e.g., AES256).

type SSECustomerKey:

string

param SSECustomerKey:

Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side​-encryption​-customer-algorithm header.

type SSECustomerKeyMD5:

string

param SSECustomerKeyMD5:

Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure the encryption key was transmitted without error.

type SSEKMSKeyId:

string

param SSEKMSKeyId:

Specifies the AWS KMS key ID to use for object encryption. All GET and PUT requests for an object protected by AWS KMS will fail if not made via SSL or using SigV4. Documentation on configuring any of the officially supported AWS SDKs and CLI can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version

type RequestPayer:

string

param RequestPayer:

Confirms that the requester knows that she or he will be charged for the request. Bucket owners need not specify this parameter in their requests. Documentation on downloading objects from requester pays buckets can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html

rtype:

dict

returns:

Response Syntax

{
    'Bucket': 'string',
    'Key': 'string',
    'UploadId': 'string',
    'ServerSideEncryption': 'AES256'|'aws:kms',
    'SSECustomerAlgorithm': 'string',
    'SSECustomerKeyMD5': 'string',
    'SSEKMSKeyId': 'string',
    'RequestCharged': 'requester'
}

Response Structure

• (dict) --

  • Bucket (string) -- Name of the bucket to which the multipart upload was initiated.

  • Key (string) -- Object key for which the multipart upload was initiated.

  • UploadId (string) -- ID for the initiated multipart upload.

  • ServerSideEncryption (string) -- The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).

  • SSECustomerAlgorithm (string) -- If server-side encryption with a customer-provided encryption key was requested, the response will include this header confirming the encryption algorithm used.

  • SSECustomerKeyMD5 (string) -- If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide round trip message integrity verification of the customer-provided encryption key.

  • SSEKMSKeyId (string) -- If present, specifies the ID of the AWS Key Management Service (KMS) master encryption key that was used for the object.

  • RequestCharged (string) -- If present, indicates that the requester was successfully charged for the request.

{'ACL': {'aws-exec-read'}}

Adds an object to a bucket.

Request Syntax

client.put_object(
    ACL='private'|'public-read'|'public-read-write'|'authenticated-read'|'aws-exec-read'|'bucket-owner-read'|'bucket-owner-full-control',
    Body=b'bytes'|file,
    Bucket='string',
    CacheControl='string',
    ContentDisposition='string',
    ContentEncoding='string',
    ContentLanguage='string',
    ContentLength=123,
    ContentMD5='string',
    ContentType='string',
    Expires=datetime(2015, 1, 1),
    GrantFullControl='string',
    GrantRead='string',
    GrantReadACP='string',
    GrantWriteACP='string',
    Key='string',
    Metadata={
        'string': 'string'
    },
    ServerSideEncryption='AES256'|'aws:kms',
    StorageClass='STANDARD'|'REDUCED_REDUNDANCY'|'STANDARD_IA',
    WebsiteRedirectLocation='string',
    SSECustomerAlgorithm='string',
    SSECustomerKey='string',
    SSECustomerKeyMD5='string',
    SSEKMSKeyId='string',
    RequestPayer='requester'
)

type ACL:

string

param ACL:

The canned ACL to apply to the object.

type Body:

bytes or seekable file-like object

param Body:

Object data.

type Bucket:

string

param Bucket:

[REQUIRED]

type CacheControl:

string

param CacheControl:

Specifies caching behavior along the request/reply chain.

type ContentDisposition:

string

param ContentDisposition:

Specifies presentational information for the object.

type ContentEncoding:

string

param ContentEncoding:

Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.

type ContentLanguage:

string

param ContentLanguage:

The language the content is in.

type ContentLength:

integer

param ContentLength:

Size of the body in bytes. This parameter is useful when the size of the body cannot be determined automatically.

type ContentMD5:

string

param ContentMD5:

type ContentType:

string

param ContentType:

A standard MIME type describing the format of the object data.

type Expires:

datetime

param Expires:

The date and time at which the object is no longer cacheable.

type GrantFullControl:

string

param GrantFullControl:

Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.

type GrantRead:

string

param GrantRead:

Allows grantee to read the object data and its metadata.

type GrantReadACP:

string

param GrantReadACP:

Allows grantee to read the object ACL.

type GrantWriteACP:

string

param GrantWriteACP:

Allows grantee to write the ACL for the applicable object.

type Key:

string

param Key:

[REQUIRED]

type Metadata:

dict

param Metadata:

A map of metadata to store with the object in S3.

• (string) --

  • (string) --

type ServerSideEncryption:

string

param ServerSideEncryption:

The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).

type StorageClass:

string

param StorageClass:

The type of storage to use for the object. Defaults to 'STANDARD'.

type WebsiteRedirectLocation:

string

param WebsiteRedirectLocation:

If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.

type SSECustomerAlgorithm:

string

param SSECustomerAlgorithm:

Specifies the algorithm to use to when encrypting the object (e.g., AES256).

type SSECustomerKey:

string

param SSECustomerKey:

Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side​-encryption​-customer-algorithm header.

type SSECustomerKeyMD5:

string

param SSECustomerKeyMD5:

Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure the encryption key was transmitted without error.

type SSEKMSKeyId:

string

param SSEKMSKeyId:

Specifies the AWS KMS key ID to use for object encryption. All GET and PUT requests for an object protected by AWS KMS will fail if not made via SSL or using SigV4. Documentation on configuring any of the officially supported AWS SDKs and CLI can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version

type RequestPayer:

string

param RequestPayer:

Confirms that the requester knows that she or he will be charged for the request. Bucket owners need not specify this parameter in their requests. Documentation on downloading objects from requester pays buckets can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html

rtype:

dict

returns:

Response Syntax

{
    'Expiration': 'string',
    'ETag': 'string',
    'ServerSideEncryption': 'AES256'|'aws:kms',
    'VersionId': 'string',
    'SSECustomerAlgorithm': 'string',
    'SSECustomerKeyMD5': 'string',
    'SSEKMSKeyId': 'string',
    'RequestCharged': 'requester'
}

Response Structure

• (dict) --

  • Expiration (string) -- If the object expiration is configured, this will contain the expiration date (expiry-date) and rule ID (rule-id). The value of rule-id is URL encoded.

  • ETag (string) -- Entity tag for the uploaded object.

  • ServerSideEncryption (string) -- The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).

  • VersionId (string) -- Version of the object.

  • SSECustomerAlgorithm (string) -- If server-side encryption with a customer-provided encryption key was requested, the response will include this header confirming the encryption algorithm used.

  • SSECustomerKeyMD5 (string) -- If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide round trip message integrity verification of the customer-provided encryption key.

  • SSEKMSKeyId (string) -- If present, specifies the ID of the AWS Key Management Service (KMS) master encryption key that was used for the object.

  • RequestCharged (string) -- If present, indicates that the requester was successfully charged for the request.

{'ACL': {'aws-exec-read'}}

uses the acl subresource to set the access control list (ACL) permissions for an object that already exists in a bucket

Request Syntax

client.put_object_acl(
    ACL='private'|'public-read'|'public-read-write'|'authenticated-read'|'aws-exec-read'|'bucket-owner-read'|'bucket-owner-full-control',
    AccessControlPolicy={
        'Grants': [
            {
                'Grantee': {
                    'DisplayName': 'string',
                    'EmailAddress': 'string',
                    'ID': 'string',
                    'Type': 'CanonicalUser'|'AmazonCustomerByEmail'|'Group',
                    'URI': 'string'
                },
                'Permission': 'FULL_CONTROL'|'WRITE'|'WRITE_ACP'|'READ'|'READ_ACP'
            },
        ],
        'Owner': {
            'DisplayName': 'string',
            'ID': 'string'
        }
    },
    Bucket='string',
    ContentMD5='string',
    GrantFullControl='string',
    GrantRead='string',
    GrantReadACP='string',
    GrantWrite='string',
    GrantWriteACP='string',
    Key='string',
    RequestPayer='requester'
)

type ACL:

string

param ACL:

The canned ACL to apply to the object.

type AccessControlPolicy:

dict

param AccessControlPolicy:

• Grants (list) -- A list of grants.

  • (dict) --

    • Grantee (dict) --

      • DisplayName (string) -- Screen name of the grantee.

      • EmailAddress (string) -- Email address of the grantee.

      • ID (string) -- The canonical user ID of the grantee.

      • Type (string) -- [REQUIRED] Type of grantee

      • URI (string) -- URI of the grantee group.

    • Permission (string) -- Specifies the permission given to the grantee.

• Owner (dict) --

  • DisplayName (string) --

  • ID (string) --

type Bucket:

string

param Bucket:

[REQUIRED]

type ContentMD5:

string

param ContentMD5:

type GrantFullControl:

string

param GrantFullControl:

Allows grantee the read, write, read ACP, and write ACP permissions on the bucket.

type GrantRead:

string

param GrantRead:

Allows grantee to list the objects in the bucket.

type GrantReadACP:

string

param GrantReadACP:

Allows grantee to read the bucket ACL.

type GrantWrite:

string

param GrantWrite:

Allows grantee to create, overwrite, and delete any object in the bucket.

type GrantWriteACP:

string

param GrantWriteACP:

Allows grantee to write the ACL for the applicable bucket.

type Key:

string

param Key:

[REQUIRED]

type RequestPayer:

string

param RequestPayer:

Confirms that the requester knows that she or he will be charged for the request. Bucket owners need not specify this parameter in their requests. Documentation on downloading objects from requester pays buckets can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html

rtype:

dict

returns:

Response Syntax

{
    'RequestCharged': 'requester'
}

Response Structure

• (dict) --

  • RequestCharged (string) -- If present, indicates that the requester was successfully charged for the request.