2021/03/18 - AWS S3 Control - 10 new api methods
Changes S3 Object Lambda is a new S3 feature that enables users to apply their own custom code to process the output of a standard S3 GET request by automatically invoking a Lambda function with a GET request
Creates an Object Lambda Access Point. For more information, see Transforming objects with Object Lambda Access Points in the Amazon Simple Storage Service User Guide .
The following actions are related to CreateAccessPointForObjectLambda :
See also: AWS API Documentation
Request Syntax
client.create_access_point_for_object_lambda(
AccountId='string',
Name='string',
Configuration={
'SupportingAccessPoint': 'string',
'CloudWatchMetricsEnabled': True|False,
'AllowedFeatures': [
'GetObject-Range'|'GetObject-PartNumber',
],
'TransformationConfigurations': [
{
'Actions': [
'GetObject',
],
'ContentTransformation': {
'AwsLambda': {
'FunctionArn': 'string',
'FunctionPayload': 'string'
}
}
},
]
}
)
string
[REQUIRED]
The AWS account ID for owner of the specified Object Lambda Access Point.
string
[REQUIRED]
The name you want to assign to this Object Lambda Access Point.
dict
[REQUIRED]
Object Lambda Access Point configuration as a JSON document.
SupportingAccessPoint (string) -- [REQUIRED]
Standard access point associated with the Object Lambda Access Point.
CloudWatchMetricsEnabled (boolean) --
A container for whether the CloudWatch metrics configuration is enabled.
AllowedFeatures (list) --
A container for allowed features. Valid inputs are GetObject-Range and GetObject-PartNumber .
(string) --
TransformationConfigurations (list) -- [REQUIRED]
A container for transformation configurations for an Object Lambda Access Point.
(dict) --
A configuration used when creating an Object Lambda Access Point transformation.
Actions (list) -- [REQUIRED]
A container for the action of an Object Lambda Access Point configuration.
(string) --
ContentTransformation (dict) -- [REQUIRED]
A container for the content transformation of an Object Lambda Access Point configuration.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: AwsLambda.
AwsLambda (dict) --
A container for an AWS Lambda function.
FunctionArn (string) -- [REQUIRED]
The Amazon Resource Name (ARN) of the AWS Lambda function.
FunctionPayload (string) --
Additional JSON that provides supplemental data to the Lambda function used to transform objects.
dict
Response Syntax
{
'ObjectLambdaAccessPointArn': 'string'
}
Response Structure
(dict) --
ObjectLambdaAccessPointArn (string) --
Specifies the ARN for the Object Lambda Access Point.
Returns the status of the resource policy associated with an Object Lambda Access Point.
See also: AWS API Documentation
Request Syntax
client.get_access_point_policy_status_for_object_lambda(
AccountId='string',
Name='string'
)
string
[REQUIRED]
The account ID for the account that owns the specified Object Lambda Access Point.
string
[REQUIRED]
The name of the Object Lambda Access Point.
dict
Response Syntax
{
'PolicyStatus': {
'IsPublic': True|False
}
}
Response Structure
(dict) --
PolicyStatus (dict) --
Indicates whether this access point policy is public. For more information about how Amazon S3 evaluates policies to determine whether they are public, see The Meaning of "Public" in the Amazon Simple Storage Service User Guide .
IsPublic (boolean) --
Replaces configuration for an Object Lambda Access Point.
The following actions are related to PutAccessPointConfigurationForObjectLambda :
See also: AWS API Documentation
Request Syntax
client.put_access_point_configuration_for_object_lambda(
AccountId='string',
Name='string',
Configuration={
'SupportingAccessPoint': 'string',
'CloudWatchMetricsEnabled': True|False,
'AllowedFeatures': [
'GetObject-Range'|'GetObject-PartNumber',
],
'TransformationConfigurations': [
{
'Actions': [
'GetObject',
],
'ContentTransformation': {
'AwsLambda': {
'FunctionArn': 'string',
'FunctionPayload': 'string'
}
}
},
]
}
)
string
[REQUIRED]
The account ID for the account that owns the specified Object Lambda Access Point.
string
[REQUIRED]
The name of the Object Lambda Access Point.
dict
[REQUIRED]
Object Lambda Access Point configuration document.
SupportingAccessPoint (string) -- [REQUIRED]
Standard access point associated with the Object Lambda Access Point.
CloudWatchMetricsEnabled (boolean) --
A container for whether the CloudWatch metrics configuration is enabled.
AllowedFeatures (list) --
A container for allowed features. Valid inputs are GetObject-Range and GetObject-PartNumber .
(string) --
TransformationConfigurations (list) -- [REQUIRED]
A container for transformation configurations for an Object Lambda Access Point.
(dict) --
A configuration used when creating an Object Lambda Access Point transformation.
Actions (list) -- [REQUIRED]
A container for the action of an Object Lambda Access Point configuration.
(string) --
ContentTransformation (dict) -- [REQUIRED]
A container for the content transformation of an Object Lambda Access Point configuration.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: AwsLambda.
AwsLambda (dict) --
A container for an AWS Lambda function.
FunctionArn (string) -- [REQUIRED]
The Amazon Resource Name (ARN) of the AWS Lambda function.
FunctionPayload (string) --
Additional JSON that provides supplemental data to the Lambda function used to transform objects.
None
Returns the resource policy for an Object Lambda Access Point.
The following actions are related to GetAccessPointPolicyForObjectLambda :
See also: AWS API Documentation
Request Syntax
client.get_access_point_policy_for_object_lambda(
AccountId='string',
Name='string'
)
string
[REQUIRED]
The account ID for the account that owns the specified Object Lambda Access Point.
string
[REQUIRED]
The name of the Object Lambda Access Point.
dict
Response Syntax
{
'Policy': 'string'
}
Response Structure
(dict) --
Policy (string) --
Object Lambda Access Point resource policy document.
Creates or replaces resource policy for an Object Lambda Access Point. For an example policy, see Creating Object Lambda Access Points in the Amazon Simple Storage Service User Guide .
The following actions are related to PutAccessPointPolicyForObjectLambda :
See also: AWS API Documentation
Request Syntax
client.put_access_point_policy_for_object_lambda(
AccountId='string',
Name='string',
Policy='string'
)
string
[REQUIRED]
The account ID for the account that owns the specified Object Lambda Access Point.
string
[REQUIRED]
The name of the Object Lambda Access Point.
string
[REQUIRED]
Object Lambda Access Point resource policy document.
None
Deletes the specified Object Lambda Access Point.
The following actions are related to DeleteAccessPointForObjectLambda :
See also: AWS API Documentation
Request Syntax
client.delete_access_point_for_object_lambda(
AccountId='string',
Name='string'
)
string
[REQUIRED]
The account ID for the account that owns the specified Object Lambda Access Point.
string
[REQUIRED]
The name of the access point you want to delete.
None
Returns a list of the access points associated with the Object Lambda Access Point. You can retrieve up to 1000 access points per call. If there are more than 1,000 access points (or the number specified in maxResults , whichever is less), the response will include a continuation token that you can use to list the additional access points.
The following actions are related to ListAccessPointsForObjectLambda :
See also: AWS API Documentation
Request Syntax
client.list_access_points_for_object_lambda(
AccountId='string',
NextToken='string',
MaxResults=123
)
string
[REQUIRED]
The account ID for the account that owns the specified Object Lambda Access Point.
string
If the list has more access points than can be returned in one call to this API, this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.
integer
The maximum number of access points that you want to include in the list. If there are more than this number of access points, then the response will include a continuation token in the NextToken field that you can use to retrieve the next page of access points.
dict
Response Syntax
{
'ObjectLambdaAccessPointList': [
{
'Name': 'string',
'ObjectLambdaAccessPointArn': 'string'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
ObjectLambdaAccessPointList (list) --
Returns list of Object Lambda Access Points.
(dict) --
An access point with an attached AWS Lambda function used to access transformed data from an Amazon S3 bucket.
Name (string) --
The name of the Object Lambda Access Point.
ObjectLambdaAccessPointArn (string) --
Specifies the ARN for the Object Lambda Access Point.
NextToken (string) --
If the list has more access points than can be returned in one call to this API, this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.
Removes the resource policy for an Object Lambda Access Point.
The following actions are related to DeleteAccessPointPolicyForObjectLambda :
See also: AWS API Documentation
Request Syntax
client.delete_access_point_policy_for_object_lambda(
AccountId='string',
Name='string'
)
string
[REQUIRED]
The account ID for the account that owns the specified Object Lambda Access Point.
string
[REQUIRED]
The name of the Object Lambda Access Point you want to delete the policy for.
None
Returns configuration for an Object Lambda Access Point.
The following actions are related to GetAccessPointConfigurationForObjectLambda :
See also: AWS API Documentation
Request Syntax
client.get_access_point_configuration_for_object_lambda(
AccountId='string',
Name='string'
)
string
[REQUIRED]
The account ID for the account that owns the specified Object Lambda Access Point.
string
[REQUIRED]
The name of the Object Lambda Access Point you want to return the configuration for.
dict
Response Syntax
{
'Configuration': {
'SupportingAccessPoint': 'string',
'CloudWatchMetricsEnabled': True|False,
'AllowedFeatures': [
'GetObject-Range'|'GetObject-PartNumber',
],
'TransformationConfigurations': [
{
'Actions': [
'GetObject',
],
'ContentTransformation': {
'AwsLambda': {
'FunctionArn': 'string',
'FunctionPayload': 'string'
}
}
},
]
}
}
Response Structure
(dict) --
Configuration (dict) --
Object Lambda Access Point configuration document.
SupportingAccessPoint (string) --
Standard access point associated with the Object Lambda Access Point.
CloudWatchMetricsEnabled (boolean) --
A container for whether the CloudWatch metrics configuration is enabled.
AllowedFeatures (list) --
A container for allowed features. Valid inputs are GetObject-Range and GetObject-PartNumber .
(string) --
TransformationConfigurations (list) --
A container for transformation configurations for an Object Lambda Access Point.
(dict) --
A configuration used when creating an Object Lambda Access Point transformation.
Actions (list) --
A container for the action of an Object Lambda Access Point configuration.
(string) --
ContentTransformation (dict) --
A container for the content transformation of an Object Lambda Access Point configuration.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: AwsLambda. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
AwsLambda (dict) --
A container for an AWS Lambda function.
FunctionArn (string) --
The Amazon Resource Name (ARN) of the AWS Lambda function.
FunctionPayload (string) --
Additional JSON that provides supplemental data to the Lambda function used to transform objects.
Returns configuration information about the specified Object Lambda Access Point
The following actions are related to GetAccessPointForObjectLambda :
See also: AWS API Documentation
Request Syntax
client.get_access_point_for_object_lambda(
AccountId='string',
Name='string'
)
string
[REQUIRED]
The account ID for the account that owns the specified Object Lambda Access Point.
string
[REQUIRED]
The name of the Object Lambda Access Point.
dict
Response Syntax
{
'Name': 'string',
'PublicAccessBlockConfiguration': {
'BlockPublicAcls': True|False,
'IgnorePublicAcls': True|False,
'BlockPublicPolicy': True|False,
'RestrictPublicBuckets': True|False
},
'CreationDate': datetime(2015, 1, 1)
}
Response Structure
(dict) --
Name (string) --
The name of the Object Lambda Access Point.
PublicAccessBlockConfiguration (dict) --
Configuration to block all public access. This setting is turned on and can not be edited.
BlockPublicAcls (boolean) --
Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:
PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.
PUT Object calls fail if the request includes a public ACL.
PUT Bucket calls fail if the request includes a public ACL.
Enabling this setting doesn't affect existing policies or ACLs.
This is not supported for Amazon S3 on Outposts.
IgnorePublicAcls (boolean) --
Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.
Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
This is not supported for Amazon S3 on Outposts.
BlockPublicPolicy (boolean) --
Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.
Enabling this setting doesn't affect existing bucket policies.
This is not supported for Amazon S3 on Outposts.
RestrictPublicBuckets (boolean) --
Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE restricts access to buckets with public policies to only AWS service principals and authorized users within this account.
Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
This is not supported for Amazon S3 on Outposts.
CreationDate (datetime) --
The date and time when the specified Object Lambda Access Point was created.