S3 / Client / put_bucket_abac

put_bucket_abac

S3.Client.put_bucket_abac(**kwargs)

Sets the attribute-based access control (ABAC) property of the general purpose bucket. You must have s3:PutBucketABAC permission to perform this action. When you enable ABAC, you can use tags for access control on your buckets. Additionally, when ABAC is enabled, you must use the TagResource and UntagResource actions to manage tags on your buckets. You can nolonger use the PutBucketTagging and DeleteBucketTagging actions to tag your bucket. For more information, see Enabling ABAC in general purpose buckets.

See also: AWS API Documentation

Request Syntax

response = client.put_bucket_abac(
    Bucket='string',
    ContentMD5='string',
    ChecksumAlgorithm='CRC32'|'CRC32C'|'SHA1'|'SHA256'|'CRC64NVME',
    ExpectedBucketOwner='string',
    AbacStatus={
        'Status': 'Enabled'|'Disabled'
    }
)

Parameters:

• Bucket (string) –

  [REQUIRED]

  The name of the general purpose bucket.

• ContentMD5 (string) –

  The MD5 hash of the PutBucketAbac request body.

  For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically.

• ChecksumAlgorithm (string) – Indicates the algorithm that you want Amazon S3 to use to create the checksum. For more information, see Checking object integrity in the Amazon S3 User Guide.

• ExpectedBucketOwner (string) – The Amazon Web Services account ID of the general purpose bucket’s owner.

• AbacStatus (dict) –

  [REQUIRED]

  The ABAC status of the general purpose bucket. When ABAC is enabled for the general purpose bucket, you can use tags to manage access to the general purpose buckets as well as for cost tracking purposes. When ABAC is disabled for the general purpose buckets, you can only use tags for cost tracking purposes. For more information, see Using tags with S3 general purpose buckets.

  • Status (string) –

    The ABAC status of the general purpose bucket.

Returns:

None