# Amazon S3 Control


The following actions are supported by Amazon S3 Control:
+  [AssociateAccessGrantsIdentityCenter](API_control_AssociateAccessGrantsIdentityCenter.md) 
+  [CreateAccessGrant](API_control_CreateAccessGrant.md) 
+  [CreateAccessGrantsInstance](API_control_CreateAccessGrantsInstance.md) 
+  [CreateAccessGrantsLocation](API_control_CreateAccessGrantsLocation.md) 
+  [CreateAccessPoint](API_control_CreateAccessPoint.md) 
+  [CreateAccessPointForObjectLambda](API_control_CreateAccessPointForObjectLambda.md) 
+  [CreateBucket](API_control_CreateBucket.md) 
+  [CreateJob](API_control_CreateJob.md) 
+  [CreateMultiRegionAccessPoint](API_control_CreateMultiRegionAccessPoint.md) 
+  [CreateStorageLensGroup](API_control_CreateStorageLensGroup.md) 
+  [DeleteAccessGrant](API_control_DeleteAccessGrant.md) 
+  [DeleteAccessGrantsInstance](API_control_DeleteAccessGrantsInstance.md) 
+  [DeleteAccessGrantsInstanceResourcePolicy](API_control_DeleteAccessGrantsInstanceResourcePolicy.md) 
+  [DeleteAccessGrantsLocation](API_control_DeleteAccessGrantsLocation.md) 
+  [DeleteAccessPoint](API_control_DeleteAccessPoint.md) 
+  [DeleteAccessPointForObjectLambda](API_control_DeleteAccessPointForObjectLambda.md) 
+  [DeleteAccessPointPolicy](API_control_DeleteAccessPointPolicy.md) 
+  [DeleteAccessPointPolicyForObjectLambda](API_control_DeleteAccessPointPolicyForObjectLambda.md) 
+  [DeleteAccessPointScope](API_control_DeleteAccessPointScope.md) 
+  [DeleteBucket](API_control_DeleteBucket.md) 
+  [DeleteBucketLifecycleConfiguration](API_control_DeleteBucketLifecycleConfiguration.md) 
+  [DeleteBucketPolicy](API_control_DeleteBucketPolicy.md) 
+  [DeleteBucketReplication](API_control_DeleteBucketReplication.md) 
+  [DeleteBucketTagging](API_control_DeleteBucketTagging.md) 
+  [DeleteJobTagging](API_control_DeleteJobTagging.md) 
+  [DeleteMultiRegionAccessPoint](API_control_DeleteMultiRegionAccessPoint.md) 
+  [DeletePublicAccessBlock](API_control_DeletePublicAccessBlock.md) 
+  [DeleteStorageLensConfiguration](API_control_DeleteStorageLensConfiguration.md) 
+  [DeleteStorageLensConfigurationTagging](API_control_DeleteStorageLensConfigurationTagging.md) 
+  [DeleteStorageLensGroup](API_control_DeleteStorageLensGroup.md) 
+  [DescribeJob](API_control_DescribeJob.md) 
+  [DescribeMultiRegionAccessPointOperation](API_control_DescribeMultiRegionAccessPointOperation.md) 
+  [DissociateAccessGrantsIdentityCenter](API_control_DissociateAccessGrantsIdentityCenter.md) 
+  [GetAccessGrant](API_control_GetAccessGrant.md) 
+  [GetAccessGrantsInstance](API_control_GetAccessGrantsInstance.md) 
+  [GetAccessGrantsInstanceForPrefix](API_control_GetAccessGrantsInstanceForPrefix.md) 
+  [GetAccessGrantsInstanceResourcePolicy](API_control_GetAccessGrantsInstanceResourcePolicy.md) 
+  [GetAccessGrantsLocation](API_control_GetAccessGrantsLocation.md) 
+  [GetAccessPoint](API_control_GetAccessPoint.md) 
+  [GetAccessPointConfigurationForObjectLambda](API_control_GetAccessPointConfigurationForObjectLambda.md) 
+  [GetAccessPointForObjectLambda](API_control_GetAccessPointForObjectLambda.md) 
+  [GetAccessPointPolicy](API_control_GetAccessPointPolicy.md) 
+  [GetAccessPointPolicyForObjectLambda](API_control_GetAccessPointPolicyForObjectLambda.md) 
+  [GetAccessPointPolicyStatus](API_control_GetAccessPointPolicyStatus.md) 
+  [GetAccessPointPolicyStatusForObjectLambda](API_control_GetAccessPointPolicyStatusForObjectLambda.md) 
+  [GetAccessPointScope](API_control_GetAccessPointScope.md) 
+  [GetBucket](API_control_GetBucket.md) 
+  [GetBucketLifecycleConfiguration](API_control_GetBucketLifecycleConfiguration.md) 
+  [GetBucketPolicy](API_control_GetBucketPolicy.md) 
+  [GetBucketReplication](API_control_GetBucketReplication.md) 
+  [GetBucketTagging](API_control_GetBucketTagging.md) 
+  [GetBucketVersioning](API_control_GetBucketVersioning.md) 
+  [GetDataAccess](API_control_GetDataAccess.md) 
+  [GetJobTagging](API_control_GetJobTagging.md) 
+  [GetMultiRegionAccessPoint](API_control_GetMultiRegionAccessPoint.md) 
+  [GetMultiRegionAccessPointPolicy](API_control_GetMultiRegionAccessPointPolicy.md) 
+  [GetMultiRegionAccessPointPolicyStatus](API_control_GetMultiRegionAccessPointPolicyStatus.md) 
+  [GetMultiRegionAccessPointRoutes](API_control_GetMultiRegionAccessPointRoutes.md) 
+  [GetPublicAccessBlock](API_control_GetPublicAccessBlock.md) 
+  [GetStorageLensConfiguration](API_control_GetStorageLensConfiguration.md) 
+  [GetStorageLensConfigurationTagging](API_control_GetStorageLensConfigurationTagging.md) 
+  [GetStorageLensGroup](API_control_GetStorageLensGroup.md) 
+  [ListAccessGrants](API_control_ListAccessGrants.md) 
+  [ListAccessGrantsInstances](API_control_ListAccessGrantsInstances.md) 
+  [ListAccessGrantsLocations](API_control_ListAccessGrantsLocations.md) 
+  [ListAccessPoints](API_control_ListAccessPoints.md) 
+  [ListAccessPointsForDirectoryBuckets](API_control_ListAccessPointsForDirectoryBuckets.md) 
+  [ListAccessPointsForObjectLambda](API_control_ListAccessPointsForObjectLambda.md) 
+  [ListCallerAccessGrants](API_control_ListCallerAccessGrants.md) 
+  [ListJobs](API_control_ListJobs.md) 
+  [ListMultiRegionAccessPoints](API_control_ListMultiRegionAccessPoints.md) 
+  [ListRegionalBuckets](API_control_ListRegionalBuckets.md) 
+  [ListStorageLensConfigurations](API_control_ListStorageLensConfigurations.md) 
+  [ListStorageLensGroups](API_control_ListStorageLensGroups.md) 
+  [ListTagsForResource](API_control_ListTagsForResource.md) 
+  [PutAccessGrantsInstanceResourcePolicy](API_control_PutAccessGrantsInstanceResourcePolicy.md) 
+  [PutAccessPointConfigurationForObjectLambda](API_control_PutAccessPointConfigurationForObjectLambda.md) 
+  [PutAccessPointPolicy](API_control_PutAccessPointPolicy.md) 
+  [PutAccessPointPolicyForObjectLambda](API_control_PutAccessPointPolicyForObjectLambda.md) 
+  [PutAccessPointScope](API_control_PutAccessPointScope.md) 
+  [PutBucketLifecycleConfiguration](API_control_PutBucketLifecycleConfiguration.md) 
+  [PutBucketPolicy](API_control_PutBucketPolicy.md) 
+  [PutBucketReplication](API_control_PutBucketReplication.md) 
+  [PutBucketTagging](API_control_PutBucketTagging.md) 
+  [PutBucketVersioning](API_control_PutBucketVersioning.md) 
+  [PutJobTagging](API_control_PutJobTagging.md) 
+  [PutMultiRegionAccessPointPolicy](API_control_PutMultiRegionAccessPointPolicy.md) 
+  [PutPublicAccessBlock](API_control_PutPublicAccessBlock.md) 
+  [PutStorageLensConfiguration](API_control_PutStorageLensConfiguration.md) 
+  [PutStorageLensConfigurationTagging](API_control_PutStorageLensConfigurationTagging.md) 
+  [SubmitMultiRegionAccessPointRoutes](API_control_SubmitMultiRegionAccessPointRoutes.md) 
+  [TagResource](API_control_TagResource.md) 
+  [UntagResource](API_control_UntagResource.md) 
+  [UpdateAccessGrantsLocation](API_control_UpdateAccessGrantsLocation.md) 
+  [UpdateJobPriority](API_control_UpdateJobPriority.md) 
+  [UpdateJobStatus](API_control_UpdateJobStatus.md) 
+  [UpdateStorageLensGroup](API_control_UpdateStorageLensGroup.md) 

# AssociateAccessGrantsIdentityCenter


Associate your S3 Access Grants instance with an Amazon IAM Identity Center instance. Use this action if you want to create access grants for users or groups from your corporate identity directory. First, you must add your corporate identity directory to Amazon IAM Identity Center. Then, you can associate this IAM Identity Center instance with your S3 Access Grants instance.

Permissions  
You must have the `s3:AssociateAccessGrantsIdentityCenter` permission to use this operation. 

Additional Permissions  
You must also have the following permissions: `sso:CreateApplication`, `sso:PutApplicationGrant`, and `sso:PutApplicationAuthenticationMethod`. 

## Request Syntax


```
POST /v20180820/accessgrantsinstance/identitycenter HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<AssociateAccessGrantsIdentityCenterRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <IdentityCenterArn>string</IdentityCenterArn>
</AssociateAccessGrantsIdentityCenterRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_AssociateAccessGrantsIdentityCenter_RequestSyntax) **   <a name="AmazonS3-control_AssociateAccessGrantsIdentityCenter-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [AssociateAccessGrantsIdentityCenterRequest](#API_control_AssociateAccessGrantsIdentityCenter_RequestSyntax) **   <a name="AmazonS3-control_AssociateAccessGrantsIdentityCenter-request-AssociateAccessGrantsIdentityCenterRequest"></a>
Root level tag for the AssociateAccessGrantsIdentityCenterRequest parameters.  
Required: Yes

 ** [IdentityCenterArn](#API_control_AssociateAccessGrantsIdentityCenter_RequestSyntax) **   <a name="AmazonS3-control_AssociateAccessGrantsIdentityCenter-request-IdentityCenterArn"></a>
The Amazon Resource Name (ARN) of the Amazon IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the [ListInstances](https://docs.amazonaws.cn/singlesignon/latest/APIReference/API_ListInstances.html) API operation to retrieve a list of your Identity Center instances and their ARNs.  
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::(\d{12}){0,1}:instance/.*$`   
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/AssociateAccessGrantsIdentityCenter) 

# CreateAccessGrant


Creates an access grant that gives a grantee access to your S3 data. The grantee can be an IAM user or role or a directory user, or group. Before you can create a grant, you must have an S3 Access Grants instance in the same Region as the S3 data. You can create an S3 Access Grants instance using the [CreateAccessGrantsInstance](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateAccessGrantsInstance.html). You must also have registered at least one S3 data location in your S3 Access Grants instance using [CreateAccessGrantsLocation](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateAccessGrantsLocation.html). 

Permissions  
You must have the `s3:CreateAccessGrant` permission to use this operation. 

Additional Permissions  
For any directory identity - `sso:DescribeInstance` and `sso:DescribeApplication`   
For directory users - `identitystore:DescribeUser`   
For directory groups - `identitystore:DescribeGroup` 

## Request Syntax


```
POST /v20180820/accessgrantsinstance/grant HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<CreateAccessGrantRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <AccessGrantsLocationId>string</AccessGrantsLocationId>
   <AccessGrantsLocationConfiguration>
      <S3SubPrefix>string</S3SubPrefix>
   </AccessGrantsLocationConfiguration>
   <Grantee>
      <GranteeIdentifier>string</GranteeIdentifier>
      <GranteeType>string</GranteeType>
   </Grantee>
   <Permission>string</Permission>
   <ApplicationArn>string</ApplicationArn>
   <S3PrefixType>string</S3PrefixType>
   <Tags>
      <Tag>
         <Key>string</Key>
         <Value>string</Value>
      </Tag>
   </Tags>
</CreateAccessGrantRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_CreateAccessGrant_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [CreateAccessGrantRequest](#API_control_CreateAccessGrant_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-request-CreateAccessGrantRequest"></a>
Root level tag for the CreateAccessGrantRequest parameters.  
Required: Yes

 ** [AccessGrantsLocationConfiguration](#API_control_CreateAccessGrant_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-request-AccessGrantsLocationConfiguration"></a>
The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access. It contains the `S3SubPrefix` field. The grant scope is the result of appending the subprefix to the location scope of the registered location.  
Type: [AccessGrantsLocationConfiguration](API_control_AccessGrantsLocationConfiguration.md) data type  
Required: No

 ** [AccessGrantsLocationId](#API_control_CreateAccessGrant_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-request-AccessGrantsLocationId"></a>
The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
If you are passing the `default` location, you cannot create an access grant for the entire default location. You must also specify a bucket or a bucket and prefix in the `Subprefix` field.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+`   
Required: Yes

 ** [ApplicationArn](#API_control_CreateAccessGrant_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-request-ApplicationArn"></a>
The Amazon Resource Name (ARN) of an Amazon IAM Identity Center application associated with your Identity Center instance. If an application ARN is included in the request to create an access grant, the grantee can only access the S3 data through this application.   
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::\d{12}:application/.*$`   
Required: No

 ** [Grantee](#API_control_CreateAccessGrant_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-request-Grantee"></a>
The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to Amazon IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.  
Type: [Grantee](API_control_Grantee.md) data type  
Required: Yes

 ** [Permission](#API_control_CreateAccessGrant_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-request-Permission"></a>
The type of access that you are granting to your S3 data, which can be set to one of the following values:  
+  `READ` – Grant read-only access to the S3 data.
+  `WRITE` – Grant write-only access to the S3 data.
+  `READWRITE` – Grant both read and write access to the S3 data.
Type: String  
Valid Values: `READ | WRITE | READWRITE`   
Required: Yes

 ** [S3PrefixType](#API_control_CreateAccessGrant_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-request-S3PrefixType"></a>
The type of `S3SubPrefix`. The only possible value is `Object`. Pass this value if the access grant scope is an object. Do not pass this value if the access grant scope is a bucket or a bucket and a prefix.   
Type: String  
Valid Values: `Object`   
Required: No

 ** [Tags](#API_control_CreateAccessGrant_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-request-Tags"></a>
The Amazon resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.   
Type: Array of [Tag](API_control_Tag.md) data types  
Array Members: Minimum number of 0 items. Maximum number of 50 items.  
Required: No

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<CreateAccessGrantResult>
   <CreatedAt>timestamp</CreatedAt>
   <AccessGrantId>string</AccessGrantId>
   <AccessGrantArn>string</AccessGrantArn>
   <Grantee>
      <GranteeIdentifier>string</GranteeIdentifier>
      <GranteeType>string</GranteeType>
   </Grantee>
   <AccessGrantsLocationId>string</AccessGrantsLocationId>
   <AccessGrantsLocationConfiguration>
      <S3SubPrefix>string</S3SubPrefix>
   </AccessGrantsLocationConfiguration>
   <Permission>string</Permission>
   <ApplicationArn>string</ApplicationArn>
   <GrantScope>string</GrantScope>
</CreateAccessGrantResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [CreateAccessGrantResult](#API_control_CreateAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-response-CreateAccessGrantResult"></a>
Root level tag for the CreateAccessGrantResult parameters.  
Required: Yes

 ** [AccessGrantArn](#API_control_CreateAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-response-AccessGrantArn"></a>
The Amazon Resource Name (ARN) of the access grant.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/grant/[a-zA-Z0-9\-]+` 

 ** [AccessGrantId](#API_control_CreateAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-response-AccessGrantId"></a>
The ID of the access grant. S3 Access Grants auto-generates this ID when you create the access grant.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [AccessGrantsLocationConfiguration](#API_control_CreateAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-response-AccessGrantsLocationConfiguration"></a>
The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access.   
Type: [AccessGrantsLocationConfiguration](API_control_AccessGrantsLocationConfiguration.md) data type

 ** [AccessGrantsLocationId](#API_control_CreateAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-response-AccessGrantsLocationId"></a>
The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [ApplicationArn](#API_control_CreateAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-response-ApplicationArn"></a>
The Amazon Resource Name (ARN) of an Amazon IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.   
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::\d{12}:application/.*$` 

 ** [CreatedAt](#API_control_CreateAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-response-CreatedAt"></a>
The date and time when you created the access grant.   
Type: Timestamp

 ** [Grantee](#API_control_CreateAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-response-Grantee"></a>
The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to Amazon IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.  
Type: [Grantee](API_control_Grantee.md) data type

 ** [GrantScope](#API_control_CreateAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-response-GrantScope"></a>
The S3 path of the data to which you are granting access. It is the result of appending the `Subprefix` to the location scope.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

 ** [Permission](#API_control_CreateAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrant-response-Permission"></a>
The type of access that you are granting to your S3 data, which can be set to one of the following values:  
+  `READ` – Grant read-only access to the S3 data.
+  `WRITE` – Grant write-only access to the S3 data.
+  `READWRITE` – Grant both read and write access to the S3 data.
Type: String  
Valid Values: `READ | WRITE | READWRITE` 

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/CreateAccessGrant) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/CreateAccessGrant) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/CreateAccessGrant) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/CreateAccessGrant) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/CreateAccessGrant) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateAccessGrant) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/CreateAccessGrant) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/CreateAccessGrant) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/CreateAccessGrant) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/CreateAccessGrant) 

# CreateAccessGrantsInstance


Creates an S3 Access Grants instance, which serves as a logical grouping for access grants. You can create one S3 Access Grants instance per Region per account. 

Permissions  
You must have the `s3:CreateAccessGrantsInstance` permission to use this operation. 

Additional Permissions  
To associate an IAM Identity Center instance with your S3 Access Grants instance, you must also have the `sso:DescribeInstance`, `sso:CreateApplication`, `sso:PutApplicationGrant`, and `sso:PutApplicationAuthenticationMethod` permissions. 

## Request Syntax


```
POST /v20180820/accessgrantsinstance HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<CreateAccessGrantsInstanceRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <IdentityCenterArn>string</IdentityCenterArn>
   <Tags>
      <Tag>
         <Key>string</Key>
         <Value>string</Value>
      </Tag>
   </Tags>
</CreateAccessGrantsInstanceRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_CreateAccessGrantsInstance_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsInstance-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [CreateAccessGrantsInstanceRequest](#API_control_CreateAccessGrantsInstance_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsInstance-request-CreateAccessGrantsInstanceRequest"></a>
Root level tag for the CreateAccessGrantsInstanceRequest parameters.  
Required: Yes

 ** [IdentityCenterArn](#API_control_CreateAccessGrantsInstance_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsInstance-request-IdentityCenterArn"></a>
If you would like to associate your S3 Access Grants instance with an Amazon IAM Identity Center instance, use this field to pass the Amazon Resource Name (ARN) of the Amazon IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the [ListInstances](https://docs.amazonaws.cn/singlesignon/latest/APIReference/API_ListInstances.html) API operation to retrieve a list of your Identity Center instances and their ARNs.   
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::(\d{12}){0,1}:instance/.*$`   
Required: No

 ** [Tags](#API_control_CreateAccessGrantsInstance_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsInstance-request-Tags"></a>
The Amazon resource tags that you are adding to the S3 Access Grants instance. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.   
Type: Array of [Tag](API_control_Tag.md) data types  
Array Members: Minimum number of 0 items. Maximum number of 50 items.  
Required: No

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<CreateAccessGrantsInstanceResult>
   <CreatedAt>timestamp</CreatedAt>
   <AccessGrantsInstanceId>string</AccessGrantsInstanceId>
   <AccessGrantsInstanceArn>string</AccessGrantsInstanceArn>
   <IdentityCenterArn>string</IdentityCenterArn>
   <IdentityCenterInstanceArn>string</IdentityCenterInstanceArn>
   <IdentityCenterApplicationArn>string</IdentityCenterApplicationArn>
</CreateAccessGrantsInstanceResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [CreateAccessGrantsInstanceResult](#API_control_CreateAccessGrantsInstance_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsInstance-response-CreateAccessGrantsInstanceResult"></a>
Root level tag for the CreateAccessGrantsInstanceResult parameters.  
Required: Yes

 ** [AccessGrantsInstanceArn](#API_control_CreateAccessGrantsInstance_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsInstance-response-AccessGrantsInstanceArn"></a>
The Amazon Resource Name (ARN) of the Amazon IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the [ListInstances](https://docs.amazonaws.cn/singlesignon/latest/APIReference/API_ListInstances.html) API operation to retrieve a list of your Identity Center instances and their ARNs.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/[a-zA-Z0-9\-]+` 

 ** [AccessGrantsInstanceId](#API_control_CreateAccessGrantsInstance_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsInstance-response-AccessGrantsInstanceId"></a>
The ID of the S3 Access Grants instance. The ID is `default`. You can have one S3 Access Grants instance per Region per account.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [CreatedAt](#API_control_CreateAccessGrantsInstance_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsInstance-response-CreatedAt"></a>
The date and time when you created the S3 Access Grants instance.   
Type: Timestamp

 ** [IdentityCenterApplicationArn](#API_control_CreateAccessGrantsInstance_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsInstance-response-IdentityCenterApplicationArn"></a>
If you associated your S3 Access Grants instance with an Amazon IAM Identity Center instance, this field returns the Amazon Resource Name (ARN) of the IAM Identity Center instance application; a subresource of the original Identity Center instance. S3 Access Grants creates this Identity Center application for the specific S3 Access Grants instance.   
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::\d{12}:application/.*$` 

 ** [IdentityCenterArn](#API_control_CreateAccessGrantsInstance_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsInstance-response-IdentityCenterArn"></a>
 *This parameter has been deprecated.*   
If you associated your S3 Access Grants instance with an Amazon IAM Identity Center instance, this field returns the Amazon Resource Name (ARN) of the IAM Identity Center instance application; a subresource of the original Identity Center instance. S3 Access Grants creates this Identity Center application for the specific S3 Access Grants instance.   
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::(\d{12}){0,1}:instance/.*$` 

 ** [IdentityCenterInstanceArn](#API_control_CreateAccessGrantsInstance_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsInstance-response-IdentityCenterInstanceArn"></a>
The Amazon Resource Name (ARN) of the Amazon IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the [ListInstances](https://docs.amazonaws.cn/singlesignon/latest/APIReference/API_ListInstances.html) API operation to retrieve a list of your Identity Center instances and their ARNs.  
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::(\d{12}){0,1}:instance/.*$` 

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/CreateAccessGrantsInstance) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/CreateAccessGrantsInstance) 

# CreateAccessGrantsLocation


The S3 data location that you would like to register in your S3 Access Grants instance. Your S3 data must be in the same Region as your S3 Access Grants instance. The location can be one of the following: 
+ The default S3 location `s3://` 
+ A bucket - `S3://<bucket-name>` 
+ A bucket and prefix - `S3://<bucket-name>/<prefix>` 

When you register a location, you must include the IAM role that has permission to manage the S3 location that you are registering. Give S3 Access Grants permission to assume this role [using a policy](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-grants-location.html). S3 Access Grants assumes this role to manage access to the location and to vend temporary credentials to grantees or client applications. 

Permissions  
You must have the `s3:CreateAccessGrantsLocation` permission to use this operation. 

Additional Permissions  
You must also have the following permission for the specified IAM role: `iam:PassRole` 

## Request Syntax


```
POST /v20180820/accessgrantsinstance/location HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<CreateAccessGrantsLocationRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <LocationScope>string</LocationScope>
   <IAMRoleArn>string</IAMRoleArn>
   <Tags>
      <Tag>
         <Key>string</Key>
         <Value>string</Value>
      </Tag>
   </Tags>
</CreateAccessGrantsLocationRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_CreateAccessGrantsLocation_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsLocation-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [CreateAccessGrantsLocationRequest](#API_control_CreateAccessGrantsLocation_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsLocation-request-CreateAccessGrantsLocationRequest"></a>
Root level tag for the CreateAccessGrantsLocationRequest parameters.  
Required: Yes

 ** [IAMRoleArn](#API_control_CreateAccessGrantsLocation_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsLocation-request-IAMRoleArn"></a>
The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[^:]+:iam::\d{12}:role/.*`   
Required: Yes

 ** [LocationScope](#API_control_CreateAccessGrantsLocation_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsLocation-request-LocationScope"></a>
The S3 path to the location that you are registering. The location scope can be the default S3 location `s3://`, the S3 path to a bucket `s3://<bucket>`, or the S3 path to a bucket and prefix `s3://<bucket>/<prefix>`. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$`   
Required: Yes

 ** [Tags](#API_control_CreateAccessGrantsLocation_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsLocation-request-Tags"></a>
The Amazon resource tags that you are adding to the S3 Access Grants location. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.  
Type: Array of [Tag](API_control_Tag.md) data types  
Array Members: Minimum number of 0 items. Maximum number of 50 items.  
Required: No

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<CreateAccessGrantsLocationResult>
   <CreatedAt>timestamp</CreatedAt>
   <AccessGrantsLocationId>string</AccessGrantsLocationId>
   <AccessGrantsLocationArn>string</AccessGrantsLocationArn>
   <LocationScope>string</LocationScope>
   <IAMRoleArn>string</IAMRoleArn>
</CreateAccessGrantsLocationResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [CreateAccessGrantsLocationResult](#API_control_CreateAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsLocation-response-CreateAccessGrantsLocationResult"></a>
Root level tag for the CreateAccessGrantsLocationResult parameters.  
Required: Yes

 ** [AccessGrantsLocationArn](#API_control_CreateAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsLocation-response-AccessGrantsLocationArn"></a>
The Amazon Resource Name (ARN) of the location you are registering.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/location/[a-zA-Z0-9\-]+` 

 ** [AccessGrantsLocationId](#API_control_CreateAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsLocation-response-AccessGrantsLocationId"></a>
The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [CreatedAt](#API_control_CreateAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsLocation-response-CreatedAt"></a>
The date and time when you registered the location.   
Type: Timestamp

 ** [IAMRoleArn](#API_control_CreateAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsLocation-response-IAMRoleArn"></a>
The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[^:]+:iam::\d{12}:role/.*` 

 ** [LocationScope](#API_control_CreateAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessGrantsLocation-response-LocationScope"></a>
The S3 URI path to the location that you are registering. The location scope can be the default S3 location `s3://`, the S3 path to a bucket, or the S3 path to a bucket and prefix. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/CreateAccessGrantsLocation) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/CreateAccessGrantsLocation) 

# CreateAccessPoint


Creates an access point and associates it to a specified bucket. For more information, see [Managing access to shared datasets with access points](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-points.html) or [Managing access to shared datasets in directory buckets with access points](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-points-directory-buckets.html) in the *Amazon S3 User Guide*.

To create an access point and attach it to a volume on an Amazon FSx file system, see [CreateAndAttachS3AccessPoint](https://docs.amazonaws.cn/fsx/latest/APIReference/API_CreateAndAttachS3AccessPoint.html) in the *Amazon FSx API Reference*.



**Note**  
S3 on Outposts only supports VPC-style access points.   
For more information, see [ Accessing Amazon S3 on Outposts using virtual private cloud (VPC) only access points](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateAccessPoint.html#API_control_CreateAccessPoint_Examples) section.



The following actions are related to `CreateAccessPoint`:
+  [GetAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetAccessPoint.html) 
+  [DeleteAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteAccessPoint.html) 
+  [ListAccessPoints](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListAccessPoints.html) 
+  [ListAccessPointsForDirectoryBuckets](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListAccessPointsForDirectoryBuckets.html) 

## Request Syntax


```
PUT /v20180820/accesspoint/name HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<CreateAccessPointRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <Bucket>string</Bucket>
   <VpcConfiguration>
      <VpcId>string</VpcId>
   </VpcConfiguration>
   <PublicAccessBlockConfiguration>
      <BlockPublicAcls>boolean</BlockPublicAcls>
      <BlockPublicPolicy>boolean</BlockPublicPolicy>
      <IgnorePublicAcls>boolean</IgnorePublicAcls>
      <RestrictPublicBuckets>boolean</RestrictPublicBuckets>
   </PublicAccessBlockConfiguration>
   <BucketAccountId>string</BucketAccountId>
   <Scope>
      <Permissions>
         <Permission>string</Permission>
      </Permissions>
      <Prefixes>
         <Prefix>string</Prefix>
      </Prefixes>
   </Scope>
   <Tags>
      <Tag>
         <Key>string</Key>
         <Value>string</Value>
      </Tag>
   </Tags>
</CreateAccessPointRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_CreateAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessPoint-request-uri-uri-Name"></a>
The name you want to assign to this access point.  
For directory buckets, the access point name must consist of a base name that you provide and suffix that includes the `ZoneID` (Amazon Availability Zone or Local Zone) of your bucket location, followed by `--xa-s3`. For more information, see [Managing access to shared datasets in directory buckets with access points](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-points-directory-buckets.html) in the *Amazon S3 User Guide*.  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_CreateAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessPoint-request-header-AccountId"></a>
The Amazon Web Services account ID for the account that owns the specified access point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [CreateAccessPointRequest](#API_control_CreateAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessPoint-request-CreateAccessPointRequest"></a>
Root level tag for the CreateAccessPointRequest parameters.  
Required: Yes

 ** [Bucket](#API_control_CreateAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessPoint-request-Bucket"></a>
The name of the bucket that you want to associate this access point with.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [BucketAccountId](#API_control_CreateAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessPoint-request-BucketAccountId"></a>
The Amazon Web Services account ID associated with the S3 bucket associated with this access point.  
For same account access point when your bucket and access point belong to the same account owner, the `BucketAccountId` is not required. For cross-account access point when your bucket and access point are not in the same account, the `BucketAccountId` is required.   
Type: String  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: No

 ** [PublicAccessBlockConfiguration](#API_control_CreateAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessPoint-request-PublicAccessBlockConfiguration"></a>
 The `PublicAccessBlock` configuration that you want to apply to the access point.   
Type: [PublicAccessBlockConfiguration](API_control_PublicAccessBlockConfiguration.md) data type  
Required: No

 ** [Scope](#API_control_CreateAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessPoint-request-Scope"></a>
For directory buckets, you can filter access control to specific prefixes, API operations, or a combination of both. For more information, see [Managing access to shared datasets in directory buckets with access points](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-points-directory-buckets.html) in the *Amazon S3 User Guide*.  
Scope is only supported for access points attached to directory buckets.
Type: [Scope](API_control_Scope.md) data type  
Required: No

 ** [Tags](#API_control_CreateAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessPoint-request-Tags"></a>
An array of tags that you can apply to an access point. Tags are key-value pairs of metadata used to control access to your access points. For more information about tags, see [Using tags with Amazon S3](https://docs.amazonaws.cn/AmazonS3/latest/userguide/tagging.html). For information about tagging access points, see [Using tags for attribute-based access control (ABAC)](https://docs.amazonaws.cn/AmazonS3/latest/userguide/tagging.html#using-tags-for-abac).  
Type: Array of [Tag](API_control_Tag.md) data types  
Array Members: Minimum number of 0 items. Maximum number of 50 items.  
Required: No

 ** [VpcConfiguration](#API_control_CreateAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessPoint-request-VpcConfiguration"></a>
If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).  
This is required for creating an access point for Amazon S3 on Outposts buckets.
Type: [VpcConfiguration](API_control_VpcConfiguration.md) data type  
Required: No

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<CreateAccessPointResult>
   <AccessPointArn>string</AccessPointArn>
   <Alias>string</Alias>
</CreateAccessPointResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [CreateAccessPointResult](#API_control_CreateAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessPoint-response-CreateAccessPointResult"></a>
Root level tag for the CreateAccessPointResult parameters.  
Required: Yes

 ** [AccessPointArn](#API_control_CreateAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessPoint-response-AccessPointArn"></a>
The ARN of the access point.  
This is only supported by Amazon S3 on Outposts.
Type: String  
Length Constraints: Minimum length of 4. Maximum length of 128.

 ** [Alias](#API_control_CreateAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessPoint-response-Alias"></a>
The name or alias of the access point.  
Type: String  
Length Constraints: Maximum length of 63.  
Pattern: `^[0-9a-z\\-]{63}` 

## Examples


### Sample request for creating an access point for an Amazon S3 on Outposts bucket


This request creates an access point for S3 on Outposts bucket.

```
            PUT /v20180820/accesspoint/example-access-point HTTP/1.1
            Host:s3-outposts.<Region>.amazonaws.com
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
            <?xml version="1.0" encoding="UTF-8"?>
               <CreateAccessPointRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
                  <Bucket>example-outpost-bucket </Bucket>
               </CreateAccessPointRequest>
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/CreateAccessPoint) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/CreateAccessPoint) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/CreateAccessPoint) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/CreateAccessPoint) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/CreateAccessPoint) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateAccessPoint) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/CreateAccessPoint) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/CreateAccessPoint) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/CreateAccessPoint) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/CreateAccessPoint) 

# CreateAccessPointForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Creates an Object Lambda Access Point. For more information, see [Transforming objects with Object Lambda Access Points](https://docs.amazonaws.cn/AmazonS3/latest/userguide/transforming-objects.html) in the *Amazon S3 User Guide*.

The following actions are related to `CreateAccessPointForObjectLambda`:
+  [DeleteAccessPointForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteAccessPointForObjectLambda.html) 
+  [GetAccessPointForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetAccessPointForObjectLambda.html) 
+  [ListAccessPointsForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListAccessPointsForObjectLambda.html) 

## Request Syntax


```
PUT /v20180820/accesspointforobjectlambda/name HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<CreateAccessPointForObjectLambdaRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <Configuration>
      <AllowedFeatures>
         <AllowedFeature>string</AllowedFeature>
      </AllowedFeatures>
      <CloudWatchMetricsEnabled>boolean</CloudWatchMetricsEnabled>
      <SupportingAccessPoint>string</SupportingAccessPoint>
      <TransformationConfigurations>
         <TransformationConfiguration>
            <Actions>
               <Action>string</Action>
            </Actions>
            <ContentTransformation>
               <AwsLambda>
                  <FunctionArn>string</FunctionArn>
                  <FunctionPayload>string</FunctionPayload>
               </AwsLambda>
            </ContentTransformation>
         </TransformationConfiguration>
      </TransformationConfigurations>
   </Configuration>
</CreateAccessPointForObjectLambdaRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_CreateAccessPointForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessPointForObjectLambda-request-uri-uri-Name"></a>
The name you want to assign to this Object Lambda Access Point.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_CreateAccessPointForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessPointForObjectLambda-request-header-AccountId"></a>
The Amazon Web Services account ID for owner of the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [CreateAccessPointForObjectLambdaRequest](#API_control_CreateAccessPointForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessPointForObjectLambda-request-CreateAccessPointForObjectLambdaRequest"></a>
Root level tag for the CreateAccessPointForObjectLambdaRequest parameters.  
Required: Yes

 ** [Configuration](#API_control_CreateAccessPointForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_CreateAccessPointForObjectLambda-request-Configuration"></a>
Object Lambda Access Point configuration as a JSON document.  
Type: [ObjectLambdaConfiguration](API_control_ObjectLambdaConfiguration.md) data type  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<CreateAccessPointForObjectLambdaResult>
   <ObjectLambdaAccessPointArn>string</ObjectLambdaAccessPointArn>
   <Alias>
      <Status>string</Status>
      <Value>string</Value>
   </Alias>
</CreateAccessPointForObjectLambdaResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [CreateAccessPointForObjectLambdaResult](#API_control_CreateAccessPointForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessPointForObjectLambda-response-CreateAccessPointForObjectLambdaResult"></a>
Root level tag for the CreateAccessPointForObjectLambdaResult parameters.  
Required: Yes

 ** [Alias](#API_control_CreateAccessPointForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessPointForObjectLambda-response-Alias"></a>
The alias of the Object Lambda Access Point.  
Type: [ObjectLambdaAccessPointAlias](API_control_ObjectLambdaAccessPointAlias.md) data type

 ** [ObjectLambdaAccessPointArn](#API_control_CreateAccessPointForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_CreateAccessPointForObjectLambda-response-ObjectLambdaAccessPointArn"></a>
Specifies the ARN for the Object Lambda Access Point.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[^:]+:s3-object-lambda:[^:]*:\d{12}:accesspoint/.*` 

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/CreateAccessPointForObjectLambda) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/CreateAccessPointForObjectLambda) 

# CreateBucket


**Note**  
This action creates an Amazon S3 on Outposts bucket. To create an S3 bucket, see [Create Bucket](https://docs.amazonaws.cn/AmazonS3/latest/API/API_CreateBucket.html) in the *Amazon S3 API Reference*. 

Creates a new Outposts bucket. By creating the bucket, you become the bucket owner. To create an Outposts bucket, you must have S3 on Outposts. For more information, see [Using Amazon S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3onOutposts.html) in *Amazon S3 User Guide*.

Not every string is an acceptable bucket name. For information on bucket naming restrictions, see [Working with Amazon S3 Buckets](https://docs.amazonaws.cn/AmazonS3/latest/userguide/BucketRestrictions.html#bucketnamingrules).

S3 on Outposts buckets support:
+ Tags
+ LifecycleConfigurations for deleting expired objects

For a complete list of restrictions and Amazon S3 feature limitations on S3 on Outposts, see [ Amazon S3 on Outposts Restrictions and Limitations](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3OnOutpostsRestrictionsLimitations.html).

For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and `x-amz-outpost-id` in your API request, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateBucket.html#API_control_CreateBucket_Examples) section.

The following actions are related to `CreateBucket` for Amazon S3 on Outposts:
+  [PutObject](https://docs.amazonaws.cn/AmazonS3/latest/API/API_PutObject.html) 
+  [GetBucket](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucket.html) 
+  [DeleteBucket](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteBucket.html) 
+  [CreateAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateAccessPoint.html) 
+  [PutAccessPointPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutAccessPointPolicy.html) 

## Request Syntax


```
PUT /v20180820/bucket/name HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-acl: ACL
x-amz-grant-full-control: GrantFullControl
x-amz-grant-read: GrantRead
x-amz-grant-read-acp: GrantReadACP
x-amz-grant-write: GrantWrite
x-amz-grant-write-acp: GrantWriteACP
x-amz-bucket-object-lock-enabled: ObjectLockEnabledForBucket
x-amz-outpost-id: OutpostId
<?xml version="1.0" encoding="UTF-8"?>
<CreateBucketConfiguration xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <LocationConstraint>string</LocationConstraint>
</CreateBucketConfiguration>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_CreateBucket_RequestSyntax) **   <a name="AmazonS3-control_CreateBucket-request-header-Bucket"></a>
The name of the bucket.  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-acl](#API_control_CreateBucket_RequestSyntax) **   <a name="AmazonS3-control_CreateBucket-request-header-ACL"></a>
The canned ACL to apply to the bucket.  
This is not supported by Amazon S3 on Outposts buckets.
Valid Values: `private | public-read | public-read-write | authenticated-read` 

 ** [x-amz-bucket-object-lock-enabled](#API_control_CreateBucket_RequestSyntax) **   <a name="AmazonS3-control_CreateBucket-request-header-ObjectLockEnabledForBucket"></a>
Specifies whether you want S3 Object Lock to be enabled for the new bucket.  
This is not supported by Amazon S3 on Outposts buckets.

 ** [x-amz-grant-full-control](#API_control_CreateBucket_RequestSyntax) **   <a name="AmazonS3-control_CreateBucket-request-header-GrantFullControl"></a>
Allows grantee the read, write, read ACP, and write ACP permissions on the bucket.  
This is not supported by Amazon S3 on Outposts buckets.

 ** [x-amz-grant-read](#API_control_CreateBucket_RequestSyntax) **   <a name="AmazonS3-control_CreateBucket-request-header-GrantRead"></a>
Allows grantee to list the objects in the bucket.  
This is not supported by Amazon S3 on Outposts buckets.

 ** [x-amz-grant-read-acp](#API_control_CreateBucket_RequestSyntax) **   <a name="AmazonS3-control_CreateBucket-request-header-GrantReadACP"></a>
Allows grantee to read the bucket ACL.  
This is not supported by Amazon S3 on Outposts buckets.

 ** [x-amz-grant-write](#API_control_CreateBucket_RequestSyntax) **   <a name="AmazonS3-control_CreateBucket-request-header-GrantWrite"></a>
Allows grantee to create, overwrite, and delete any object in the bucket.  
This is not supported by Amazon S3 on Outposts buckets.

 ** [x-amz-grant-write-acp](#API_control_CreateBucket_RequestSyntax) **   <a name="AmazonS3-control_CreateBucket-request-header-GrantWriteACP"></a>
Allows grantee to write the ACL for the applicable bucket.  
This is not supported by Amazon S3 on Outposts buckets.

 ** [x-amz-outpost-id](#API_control_CreateBucket_RequestSyntax) **   <a name="AmazonS3-control_CreateBucket-request-header-OutpostId"></a>
The ID of the Outposts where the bucket is being created.  
This ID is required by Amazon S3 on Outposts buckets.
Length Constraints: Minimum length of 1. Maximum length of 64.

## Request Body


The request accepts the following data in XML format.

 ** [CreateBucketConfiguration](#API_control_CreateBucket_RequestSyntax) **   <a name="AmazonS3-control_CreateBucket-request-CreateBucketConfiguration"></a>
Root level tag for the CreateBucketConfiguration parameters.  
Required: Yes

 ** [LocationConstraint](#API_control_CreateBucket_RequestSyntax) **   <a name="AmazonS3-control_CreateBucket-request-LocationConstraint"></a>
Specifies the Region where the bucket will be created. If you are creating a bucket on the US East (N. Virginia) Region (us-east-1), you do not need to specify the location.   
This is not supported by Amazon S3 on Outposts buckets.
Type: String  
Valid Values: `EU | eu-west-1 | us-west-1 | us-west-2 | ap-south-1 | ap-southeast-1 | ap-southeast-2 | ap-northeast-1 | sa-east-1 | cn-north-1 | eu-central-1`   
Required: No

## Response Syntax


```
HTTP/1.1 200
Location: Location
<?xml version="1.0" encoding="UTF-8"?>
<CreateBucketResult>
   <BucketArn>string</BucketArn>
</CreateBucketResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The response returns the following HTTP headers.

 ** [Location](#API_control_CreateBucket_ResponseSyntax) **   <a name="AmazonS3-control_CreateBucket-response-header-Location"></a>
The location of the bucket.

The following data is returned in XML format by the service.

 ** [CreateBucketResult](#API_control_CreateBucket_ResponseSyntax) **   <a name="AmazonS3-control_CreateBucket-response-CreateBucketResult"></a>
Root level tag for the CreateBucketResult parameters.  
Required: Yes

 ** [BucketArn](#API_control_CreateBucket_ResponseSyntax) **   <a name="AmazonS3-control_CreateBucket-response-BucketArn"></a>
The Amazon Resource Name (ARN) of the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Type: String  
Length Constraints: Minimum length of 4. Maximum length of 128.

## Errors


 ** BucketAlreadyExists **   
The requested Outposts bucket name is not available. The bucket namespace is shared by all users of the Amazon Outposts in this Region. Select a different name and try again.  
HTTP Status Code: 400

 ** BucketAlreadyOwnedByYou **   
The Outposts bucket you tried to create already exists, and you own it.   
HTTP Status Code: 400

## Examples


### Sample request to create an Amazon S3 on Outposts bucket


This request creates an Outposts bucket named `example-outpost-bucket`.

```
            PUT /v20180820/bucket/example-outpost-bucket/  HTTP/1.1
            Host:s3-outposts.<Region>.amazonaws.com
            x-amz-outpost-id: op-01ac5d28a6a232904
            Content-Length: 
            Date: Wed, 01 Mar  2006 12:00:00 GMT
            Authorization: authorization string
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/CreateBucket) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/CreateBucket) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/CreateBucket) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/CreateBucket) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/CreateBucket) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateBucket) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/CreateBucket) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/CreateBucket) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/CreateBucket) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/CreateBucket) 

# CreateJob


This operation creates an S3 Batch Operations job.

You can use S3 Batch Operations to perform large-scale batch actions on Amazon S3 objects. Batch Operations can run a single action on lists of Amazon S3 objects that you specify. For more information, see [S3 Batch Operations](https://docs.amazonaws.cn/AmazonS3/latest/userguide/batch-ops.html) in the *Amazon S3 User Guide*.

Permissions  
For information about permissions required to use the Batch Operations, see [Granting permissions for S3 Batch Operations](https://docs.amazonaws.cn/AmazonS3/latest/userguide/batch-ops-iam-role-policies.html) in the *Amazon S3 User Guide*.



Related actions include:
+  [DescribeJob](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DescribeJob.html) 
+  [ListJobs](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListJobs.html) 
+  [UpdateJobPriority](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_UpdateJobPriority.html) 
+  [UpdateJobStatus](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_UpdateJobStatus.html) 
+  [JobOperation](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_JobOperation.html) 

## Request Syntax


```
POST /v20180820/jobs HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<CreateJobRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <ConfirmationRequired>boolean</ConfirmationRequired>
   <Operation>
      <LambdaInvoke>
         <FunctionArn>string</FunctionArn>
         <InvocationSchemaVersion>string</InvocationSchemaVersion>
         <UserArguments>
            <entry>
               <key>string</key>
               <value>string</value>
            </entry>
         </UserArguments>
      </LambdaInvoke>
      <S3ComputeObjectChecksum>
         <ChecksumAlgorithm>string</ChecksumAlgorithm>
         <ChecksumType>string</ChecksumType>
      </S3ComputeObjectChecksum>
      <S3DeleteObjectTagging>
      </S3DeleteObjectTagging>
      <S3InitiateRestoreObject>
         <ExpirationInDays>integer</ExpirationInDays>
         <GlacierJobTier>string</GlacierJobTier>
      </S3InitiateRestoreObject>
      <S3PutObjectAcl>
         <AccessControlPolicy>
            <AccessControlList>
               <Grants>
                  <S3Grant>
                     <Grantee>
                        <DisplayName>string</DisplayName>
                        <Identifier>string</Identifier>
                        <TypeIdentifier>string</TypeIdentifier>
                     </Grantee>
                     <Permission>string</Permission>
                  </S3Grant>
               </Grants>
               <Owner>
                  <DisplayName>string</DisplayName>
                  <ID>string</ID>
               </Owner>
            </AccessControlList>
            <CannedAccessControlList>string</CannedAccessControlList>
         </AccessControlPolicy>
      </S3PutObjectAcl>
      <S3PutObjectCopy>
         <AccessControlGrants>
            <S3Grant>
               <Grantee>
                  <DisplayName>string</DisplayName>
                  <Identifier>string</Identifier>
                  <TypeIdentifier>string</TypeIdentifier>
               </Grantee>
               <Permission>string</Permission>
            </S3Grant>
         </AccessControlGrants>
         <BucketKeyEnabled>boolean</BucketKeyEnabled>
         <CannedAccessControlList>string</CannedAccessControlList>
         <ChecksumAlgorithm>string</ChecksumAlgorithm>
         <MetadataDirective>string</MetadataDirective>
         <ModifiedSinceConstraint>timestamp</ModifiedSinceConstraint>
         <NewObjectMetadata>
            <CacheControl>string</CacheControl>
            <ContentDisposition>string</ContentDisposition>
            <ContentEncoding>string</ContentEncoding>
            <ContentLanguage>string</ContentLanguage>
            <ContentLength>long</ContentLength>
            <ContentMD5>string</ContentMD5>
            <ContentType>string</ContentType>
            <HttpExpiresDate>timestamp</HttpExpiresDate>
            <RequesterCharged>boolean</RequesterCharged>
            <SSEAlgorithm>string</SSEAlgorithm>
            <UserMetadata>
               <entry>
                  <key>string</key>
                  <value>string</value>
               </entry>
            </UserMetadata>
         </NewObjectMetadata>
         <NewObjectTagging>
            <S3Tag>
               <Key>string</Key>
               <Value>string</Value>
            </S3Tag>
         </NewObjectTagging>
         <ObjectLockLegalHoldStatus>string</ObjectLockLegalHoldStatus>
         <ObjectLockMode>string</ObjectLockMode>
         <ObjectLockRetainUntilDate>timestamp</ObjectLockRetainUntilDate>
         <RedirectLocation>string</RedirectLocation>
         <RequesterPays>boolean</RequesterPays>
         <SSEAwsKmsKeyId>string</SSEAwsKmsKeyId>
         <StorageClass>string</StorageClass>
         <TargetKeyPrefix>string</TargetKeyPrefix>
         <TargetResource>string</TargetResource>
         <UnModifiedSinceConstraint>timestamp</UnModifiedSinceConstraint>
      </S3PutObjectCopy>
      <S3PutObjectLegalHold>
         <LegalHold>
            <Status>string</Status>
         </LegalHold>
      </S3PutObjectLegalHold>
      <S3PutObjectRetention>
         <BypassGovernanceRetention>boolean</BypassGovernanceRetention>
         <Retention>
            <Mode>string</Mode>
            <RetainUntilDate>timestamp</RetainUntilDate>
         </Retention>
      </S3PutObjectRetention>
      <S3PutObjectTagging>
         <TagSet>
            <S3Tag>
               <Key>string</Key>
               <Value>string</Value>
            </S3Tag>
         </TagSet>
      </S3PutObjectTagging>
      <S3ReplicateObject>
      </S3ReplicateObject>
      <S3UpdateObjectEncryption>
         <ObjectEncryption>
            <SSE-KMS>
               <BucketKeyEnabled>boolean</BucketKeyEnabled>
               <KMSKeyArn>string</KMSKeyArn>
            </SSE-KMS>
         </ObjectEncryption>
      </S3UpdateObjectEncryption>
   </Operation>
   <Report>
      <Bucket>string</Bucket>
      <Enabled>boolean</Enabled>
      <ExpectedBucketOwner>string</ExpectedBucketOwner>
      <Format>string</Format>
      <Prefix>string</Prefix>
      <ReportScope>string</ReportScope>
   </Report>
   <ClientRequestToken>string</ClientRequestToken>
   <Manifest>
      <Location>
         <ETag>string</ETag>
         <ObjectArn>string</ObjectArn>
         <ObjectVersionId>string</ObjectVersionId>
      </Location>
      <Spec>
         <Fields>
            <member>string</member>
         </Fields>
         <Format>string</Format>
      </Spec>
   </Manifest>
   <Description>string</Description>
   <Priority>integer</Priority>
   <RoleArn>string</RoleArn>
   <Tags>
      <S3Tag>
         <Key>string</Key>
         <Value>string</Value>
      </S3Tag>
   </Tags>
   <ManifestGenerator>
      <S3JobManifestGenerator>
         <EnableManifestOutput>boolean</EnableManifestOutput>
         <ExpectedBucketOwner>string</ExpectedBucketOwner>
         <Filter>
            <CreatedAfter>timestamp</CreatedAfter>
            <CreatedBefore>timestamp</CreatedBefore>
            <EligibleForReplication>boolean</EligibleForReplication>
            <KeyNameConstraint>
               <MatchAnyPrefix>
                  <member>string</member>
               </MatchAnyPrefix>
               <MatchAnySubstring>
                  <member>string</member>
               </MatchAnySubstring>
               <MatchAnySuffix>
                  <member>string</member>
               </MatchAnySuffix>
            </KeyNameConstraint>
            <MatchAnyObjectEncryption>
               <ObjectEncryption>
                  <DSSE-KMS>
                     <KmsKeyArn>string</KmsKeyArn>
                  </DSSE-KMS>
                  <NOT-SSE>
                  </NOT-SSE>
                  <SSE-C>
                  </SSE-C>
                  <SSE-KMS>
                     <BucketKeyEnabled>boolean</BucketKeyEnabled>
                     <KmsKeyArn>string</KmsKeyArn>
                  </SSE-KMS>
                  <SSE-S3>
                  </SSE-S3>
               </ObjectEncryption>
            </MatchAnyObjectEncryption>
            <MatchAnyStorageClass>
               <member>string</member>
            </MatchAnyStorageClass>
            <ObjectReplicationStatuses>
               <member>string</member>
            </ObjectReplicationStatuses>
            <ObjectSizeGreaterThanBytes>long</ObjectSizeGreaterThanBytes>
            <ObjectSizeLessThanBytes>long</ObjectSizeLessThanBytes>
         </Filter>
         <ManifestOutputLocation>
            <Bucket>string</Bucket>
            <ExpectedManifestBucketOwner>string</ExpectedManifestBucketOwner>
            <ManifestEncryption>
               <SSE-KMS>
                  <KeyId>string</KeyId>
               </SSE-KMS>
               <SSE-S3>
               </SSE-S3>
            </ManifestEncryption>
            <ManifestFormat>string</ManifestFormat>
            <ManifestPrefix>string</ManifestPrefix>
         </ManifestOutputLocation>
         <SourceBucket>string</SourceBucket>
      </S3JobManifestGenerator>
   </ManifestGenerator>
</CreateJobRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_CreateJob_RequestSyntax) **   <a name="AmazonS3-control_CreateJob-request-header-AccountId"></a>
The Amazon Web Services account ID that creates the job.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [CreateJobRequest](#API_control_CreateJob_RequestSyntax) **   <a name="AmazonS3-control_CreateJob-request-CreateJobRequest"></a>
Root level tag for the CreateJobRequest parameters.  
Required: Yes

 ** [ClientRequestToken](#API_control_CreateJob_RequestSyntax) **   <a name="AmazonS3-control_CreateJob-request-ClientRequestToken"></a>
An idempotency token to ensure that you don't accidentally submit the same request twice. You can use any string up to the maximum length.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Required: Yes

 ** [ConfirmationRequired](#API_control_CreateJob_RequestSyntax) **   <a name="AmazonS3-control_CreateJob-request-ConfirmationRequired"></a>
Indicates whether confirmation is required before Amazon S3 runs the job. Confirmation is only required for jobs created through the Amazon S3 console.  
Type: Boolean  
Required: No

 ** [Description](#API_control_CreateJob_RequestSyntax) **   <a name="AmazonS3-control_CreateJob-request-Description"></a>
A description for this job. You can use any string within the permitted length. Descriptions don't need to be unique and can be used for multiple jobs.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 256.  
Required: No

 ** [Manifest](#API_control_CreateJob_RequestSyntax) **   <a name="AmazonS3-control_CreateJob-request-Manifest"></a>
Configuration parameters for the manifest.  
Type: [JobManifest](API_control_JobManifest.md) data type  
Required: No

 ** [ManifestGenerator](#API_control_CreateJob_RequestSyntax) **   <a name="AmazonS3-control_CreateJob-request-ManifestGenerator"></a>
The attribute container for the ManifestGenerator details. Jobs must be created with either a manifest file or a ManifestGenerator, but not both.  
Type: [JobManifestGenerator](API_control_JobManifestGenerator.md) data type  
 **Note: **This object is a Union. Only one member of this object can be specified or returned.  
Required: No

 ** [Operation](#API_control_CreateJob_RequestSyntax) **   <a name="AmazonS3-control_CreateJob-request-Operation"></a>
The action that you want this job to perform on every object listed in the manifest. For more information about the available actions, see [Operations](https://docs.amazonaws.cn/AmazonS3/latest/dev/batch-ops-operations.html) in the *Amazon S3 User Guide*.  
Type: [JobOperation](API_control_JobOperation.md) data type  
Required: Yes

 ** [Priority](#API_control_CreateJob_RequestSyntax) **   <a name="AmazonS3-control_CreateJob-request-Priority"></a>
The numerical priority for this job. Higher numbers indicate higher priority.  
Type: Integer  
Valid Range: Minimum value of 0. Maximum value of 2147483647.  
Required: Yes

 ** [Report](#API_control_CreateJob_RequestSyntax) **   <a name="AmazonS3-control_CreateJob-request-Report"></a>
Configuration parameters for the optional job-completion report.  
Type: [JobReport](API_control_JobReport.md) data type  
Required: Yes

 ** [RoleArn](#API_control_CreateJob_RequestSyntax) **   <a name="AmazonS3-control_CreateJob-request-RoleArn"></a>
The Amazon Resource Name (ARN) for the Amazon Identity and Access Management (IAM) role that Batch Operations will use to run this job's action on every object in the manifest.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[^:]+:iam::\d{12}:role/.*`   
Required: Yes

 ** [Tags](#API_control_CreateJob_RequestSyntax) **   <a name="AmazonS3-control_CreateJob-request-Tags"></a>
A set of tags to associate with the S3 Batch Operations job. This is an optional parameter.   
Type: Array of [S3Tag](API_control_S3Tag.md) data types  
Required: No

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<CreateJobResult>
   <JobId>string</JobId>
</CreateJobResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [CreateJobResult](#API_control_CreateJob_ResponseSyntax) **   <a name="AmazonS3-control_CreateJob-response-CreateJobResult"></a>
Root level tag for the CreateJobResult parameters.  
Required: Yes

 ** [JobId](#API_control_CreateJob_ResponseSyntax) **   <a name="AmazonS3-control_CreateJob-response-JobId"></a>
The ID for this job. Amazon S3 generates this ID automatically and returns it after a successful `Create Job` request.  
Type: String  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+` 

## Errors


 ** BadRequestException **   
  
HTTP Status Code: 400

 ** IdempotencyException **   
  
HTTP Status Code: 400

 ** InternalServiceException **   
  
HTTP Status Code: 500

 ** TooManyRequestsException **   
  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/CreateJob) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/CreateJob) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/CreateJob) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/CreateJob) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/CreateJob) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateJob) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/CreateJob) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/CreateJob) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/CreateJob) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/CreateJob) 

# CreateMultiRegionAccessPoint


**Note**  
This operation is not supported by directory buckets.

Creates a Multi-Region Access Point and associates it with the specified buckets. For more information about creating Multi-Region Access Points, see [Creating Multi-Region Access Points](https://docs.amazonaws.cn/AmazonS3/latest/userguide/CreatingMultiRegionAccessPoints.html) in the *Amazon S3 User Guide*.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see [Multi-Region Access Point restrictions and limitations](https://docs.amazonaws.cn/AmazonS3/latest/userguide/MultiRegionAccessPointRestrictions.html) in the *Amazon S3 User Guide*.

This request is asynchronous, meaning that you might receive a response before the command has completed. When this request provides a response, it provides a token that you can use to monitor the status of the request with `DescribeMultiRegionAccessPointOperation`.

The following actions are related to `CreateMultiRegionAccessPoint`:
+  [DeleteMultiRegionAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteMultiRegionAccessPoint.html) 
+  [DescribeMultiRegionAccessPointOperation](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DescribeMultiRegionAccessPointOperation.html) 
+  [GetMultiRegionAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetMultiRegionAccessPoint.html) 
+  [ListMultiRegionAccessPoints](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListMultiRegionAccessPoints.html) 

## Request Syntax


```
POST /v20180820/async-requests/mrap/create HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<CreateMultiRegionAccessPointRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <ClientToken>string</ClientToken>
   <Details>
      <Name>string</Name>
      <PublicAccessBlock>
         <BlockPublicAcls>boolean</BlockPublicAcls>
         <BlockPublicPolicy>boolean</BlockPublicPolicy>
         <IgnorePublicAcls>boolean</IgnorePublicAcls>
         <RestrictPublicBuckets>boolean</RestrictPublicBuckets>
      </PublicAccessBlock>
      <Regions>
         <Region>
            <Bucket>string</Bucket>
            <BucketAccountId>string</BucketAccountId>
         </Region>
      </Regions>
   </Details>
</CreateMultiRegionAccessPointRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_CreateMultiRegionAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_CreateMultiRegionAccessPoint-request-header-AccountId"></a>
The Amazon account ID for the owner of the Multi-Region Access Point. The owner of the Multi-Region Access Point also must own the underlying buckets.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [CreateMultiRegionAccessPointRequest](#API_control_CreateMultiRegionAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_CreateMultiRegionAccessPoint-request-CreateMultiRegionAccessPointRequest"></a>
Root level tag for the CreateMultiRegionAccessPointRequest parameters.  
Required: Yes

 ** [ClientToken](#API_control_CreateMultiRegionAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_CreateMultiRegionAccessPoint-request-ClientToken"></a>
An idempotency token used to identify the request and guarantee that requests are unique.  
Type: String  
Length Constraints: Maximum length of 64.  
Pattern: `\S+`   
Required: Yes

 ** [Details](#API_control_CreateMultiRegionAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_CreateMultiRegionAccessPoint-request-Details"></a>
A container element containing details about the Multi-Region Access Point.  
Type: [CreateMultiRegionAccessPointInput](API_control_CreateMultiRegionAccessPointInput.md) data type  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<CreateMultiRegionAccessPointResult>
   <RequestTokenARN>string</RequestTokenARN>
</CreateMultiRegionAccessPointResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [CreateMultiRegionAccessPointResult](#API_control_CreateMultiRegionAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_CreateMultiRegionAccessPoint-response-CreateMultiRegionAccessPointResult"></a>
Root level tag for the CreateMultiRegionAccessPointResult parameters.  
Required: Yes

 ** [RequestTokenARN](#API_control_CreateMultiRegionAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_CreateMultiRegionAccessPoint-response-RequestTokenARN"></a>
The request token associated with the request. You can use this token with [DescribeMultiRegionAccessPointOperation](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DescribeMultiRegionAccessPointOperation.html) to determine the status of asynchronous requests.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `arn:.+` 

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/CreateMultiRegionAccessPoint) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/CreateMultiRegionAccessPoint) 

# CreateStorageLensGroup


 Creates a new S3 Storage Lens group and associates it with the specified Amazon account ID. An S3 Storage Lens group is a custom grouping of objects based on prefix, suffix, object tags, object size, object age, or a combination of these filters. For each Storage Lens group that you’ve created, you can also optionally add Amazon resource tags. For more information about S3 Storage Lens groups, see [Working with S3 Storage Lens groups](https://docs.amazonaws.cn/AmazonS3/latest/userguide/storage-lens-groups-overview.html).

To use this operation, you must have the permission to perform the `s3:CreateStorageLensGroup` action. If you’re trying to create a Storage Lens group with Amazon resource tags, you must also have permission to perform the `s3:TagResource` action. For more information about the required Storage Lens Groups permissions, see [Setting account permissions to use S3 Storage Lens groups](https://docs.amazonaws.cn/AmazonS3/latest/userguide/storage_lens_iam_permissions.html#storage_lens_groups_permissions).

For information about Storage Lens groups errors, see [List of Amazon S3 Storage Lens error codes](https://docs.amazonaws.cn/AmazonS3/latest/API/ErrorResponses.html#S3LensErrorCodeList).

## Request Syntax


```
POST /v20180820/storagelensgroup HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<CreateStorageLensGroupRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <StorageLensGroup>
      <Filter>
         <And>
            <MatchAnyPrefix>
               <Prefix>string</Prefix>
            </MatchAnyPrefix>
            <MatchAnySuffix>
               <Suffix>string</Suffix>
            </MatchAnySuffix>
            <MatchAnyTag>
               <Tag>
                  <Key>string</Key>
                  <Value>string</Value>
               </Tag>
            </MatchAnyTag>
            <MatchObjectAge>
               <DaysGreaterThan>integer</DaysGreaterThan>
               <DaysLessThan>integer</DaysLessThan>
            </MatchObjectAge>
            <MatchObjectSize>
               <BytesGreaterThan>long</BytesGreaterThan>
               <BytesLessThan>long</BytesLessThan>
            </MatchObjectSize>
         </And>
         <MatchAnyPrefix>
            <Prefix>string</Prefix>
         </MatchAnyPrefix>
         <MatchAnySuffix>
            <Suffix>string</Suffix>
         </MatchAnySuffix>
         <MatchAnyTag>
            <Tag>
               <Key>string</Key>
               <Value>string</Value>
            </Tag>
         </MatchAnyTag>
         <MatchObjectAge>
            <DaysGreaterThan>integer</DaysGreaterThan>
            <DaysLessThan>integer</DaysLessThan>
         </MatchObjectAge>
         <MatchObjectSize>
            <BytesGreaterThan>long</BytesGreaterThan>
            <BytesLessThan>long</BytesLessThan>
         </MatchObjectSize>
         <Or>
            <MatchAnyPrefix>
               <Prefix>string</Prefix>
            </MatchAnyPrefix>
            <MatchAnySuffix>
               <Suffix>string</Suffix>
            </MatchAnySuffix>
            <MatchAnyTag>
               <Tag>
                  <Key>string</Key>
                  <Value>string</Value>
               </Tag>
            </MatchAnyTag>
            <MatchObjectAge>
               <DaysGreaterThan>integer</DaysGreaterThan>
               <DaysLessThan>integer</DaysLessThan>
            </MatchObjectAge>
            <MatchObjectSize>
               <BytesGreaterThan>long</BytesGreaterThan>
               <BytesLessThan>long</BytesLessThan>
            </MatchObjectSize>
         </Or>
      </Filter>
      <Name>string</Name>
      <StorageLensGroupArn>string</StorageLensGroupArn>
   </StorageLensGroup>
   <Tags>
      <Tag>
         <Key>string</Key>
         <Value>string</Value>
      </Tag>
   </Tags>
</CreateStorageLensGroupRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_CreateStorageLensGroup_RequestSyntax) **   <a name="AmazonS3-control_CreateStorageLensGroup-request-header-AccountId"></a>
 The Amazon Web Services account ID that the Storage Lens group is created from and associated with.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [CreateStorageLensGroupRequest](#API_control_CreateStorageLensGroup_RequestSyntax) **   <a name="AmazonS3-control_CreateStorageLensGroup-request-CreateStorageLensGroupRequest"></a>
Root level tag for the CreateStorageLensGroupRequest parameters.  
Required: Yes

 ** [StorageLensGroup](#API_control_CreateStorageLensGroup_RequestSyntax) **   <a name="AmazonS3-control_CreateStorageLensGroup-request-StorageLensGroup"></a>
 The Storage Lens group configuration.   
Type: [StorageLensGroup](API_control_StorageLensGroup.md) data type  
Required: Yes

 ** [Tags](#API_control_CreateStorageLensGroup_RequestSyntax) **   <a name="AmazonS3-control_CreateStorageLensGroup-request-Tags"></a>
 The Amazon resource tags that you're adding to your Storage Lens group. This parameter is optional.   
Type: Array of [Tag](API_control_Tag.md) data types  
Array Members: Minimum number of 0 items. Maximum number of 50 items.  
Required: No

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/CreateStorageLensGroup) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/CreateStorageLensGroup) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/CreateStorageLensGroup) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/CreateStorageLensGroup) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/CreateStorageLensGroup) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/CreateStorageLensGroup) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/CreateStorageLensGroup) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/CreateStorageLensGroup) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/CreateStorageLensGroup) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/CreateStorageLensGroup) 

# DeleteAccessGrant


Deletes the access grant from the S3 Access Grants instance. You cannot undo an access grant deletion and the grantee will no longer have access to the S3 data.

Permissions  
You must have the `s3:DeleteAccessGrant` permission to use this operation. 

## Request Syntax


```
DELETE /v20180820/accessgrantsinstance/grant/id HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_DeleteAccessGrant_RequestSyntax) **   <a name="AmazonS3-control_DeleteAccessGrant-request-uri-uri-AccessGrantId"></a>
The ID of the access grant. S3 Access Grants auto-generates this ID when you create the access grant.  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteAccessGrant_RequestSyntax) **   <a name="AmazonS3-control_DeleteAccessGrant-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteAccessGrant) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessGrant) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessGrant) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessGrant) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessGrant) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessGrant) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessGrant) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessGrant) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteAccessGrant) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessGrant) 

# DeleteAccessGrantsInstance


Deletes your S3 Access Grants instance. You must first delete the access grants and locations before S3 Access Grants can delete the instance. See [DeleteAccessGrant](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteAccessGrant.html) and [DeleteAccessGrantsLocation](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteAccessGrantsLocation.html). If you have associated an IAM Identity Center instance with your S3 Access Grants instance, you must first dissassociate the Identity Center instance from the S3 Access Grants instance before you can delete the S3 Access Grants instance. See [AssociateAccessGrantsIdentityCenter](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_AssociateAccessGrantsIdentityCenter.html) and [DissociateAccessGrantsIdentityCenter](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DissociateAccessGrantsIdentityCenter.html).

Permissions  
You must have the `s3:DeleteAccessGrantsInstance` permission to use this operation. 

## Request Syntax


```
DELETE /v20180820/accessgrantsinstance HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_DeleteAccessGrantsInstance_RequestSyntax) **   <a name="AmazonS3-control_DeleteAccessGrantsInstance-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteAccessGrantsInstance) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessGrantsInstance) 

# DeleteAccessGrantsInstanceResourcePolicy


Deletes the resource policy of the S3 Access Grants instance. The resource policy is used to manage cross-account access to your S3 Access Grants instance. By deleting the resource policy, you delete any cross-account permissions to your S3 Access Grants instance. 

Permissions  
You must have the `s3:DeleteAccessGrantsInstanceResourcePolicy` permission to use this operation. 

## Request Syntax


```
DELETE /v20180820/accessgrantsinstance/resourcepolicy HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_DeleteAccessGrantsInstanceResourcePolicy_RequestSyntax) **   <a name="AmazonS3-control_DeleteAccessGrantsInstanceResourcePolicy-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicy) 

# DeleteAccessGrantsLocation


Deregisters a location from your S3 Access Grants instance. You can only delete a location registration from an S3 Access Grants instance if there are no grants associated with this location. See [Delete a grant](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteAccessGrant.html) for information on how to delete grants. You need to have at least one registered location in your S3 Access Grants instance in order to create access grants. 

Permissions  
You must have the `s3:DeleteAccessGrantsLocation` permission to use this operation. 

## Request Syntax


```
DELETE /v20180820/accessgrantsinstance/location/id HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_DeleteAccessGrantsLocation_RequestSyntax) **   <a name="AmazonS3-control_DeleteAccessGrantsLocation-request-uri-uri-AccessGrantsLocationId"></a>
The ID of the registered location that you are deregistering from your S3 Access Grants instance. S3 Access Grants assigned this ID when you registered the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteAccessGrantsLocation_RequestSyntax) **   <a name="AmazonS3-control_DeleteAccessGrantsLocation-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteAccessGrantsLocation) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessGrantsLocation) 

# DeleteAccessPoint


Deletes the specified access point.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteAccessPoint.html#API_control_DeleteAccessPoint_Examples) section.

The following actions are related to `DeleteAccessPoint`:
+  [CreateAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateAccessPoint.html) 
+  [GetAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetAccessPoint.html) 
+  [ListAccessPoints](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListAccessPoints.html) 

## Request Syntax


```
DELETE /v20180820/accesspoint/name HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_DeleteAccessPoint-request-uri-uri-Name"></a>
The name of the access point you want to delete.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the access point accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name>`. For example, to access the access point `reports-ap` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_DeleteAccessPoint-request-header-AccountId"></a>
The Amazon Web Services account ID for the account that owns the specified access point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### DeleteAccessPoint syntax for Amazon S3 on Outposts


The following request deletes the access point of the specified Outpost.

```
           DELETE  /v20180820/accesspoint/example-access-point  HTTP/1.1
           Host: s3-outposts.<Region>.amazonaws.com
           Date: Wed, 28 Oct 2020 22:32:00 GMT
           x-amz-account-id: example-account-id
           x-amz-outpost-id: op-01ac5d28a6a232904
           Authorization: authorization string
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteAccessPoint) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessPoint) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessPoint) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessPoint) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessPoint) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessPoint) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessPoint) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessPoint) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteAccessPoint) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessPoint) 

# DeleteAccessPointForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Deletes the specified Object Lambda Access Point.

The following actions are related to `DeleteAccessPointForObjectLambda`:
+  [CreateAccessPointForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateAccessPointForObjectLambda.html) 
+  [GetAccessPointForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetAccessPointForObjectLambda.html) 
+  [ListAccessPointsForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListAccessPointsForObjectLambda.html) 

## Request Syntax


```
DELETE /v20180820/accesspointforobjectlambda/name HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteAccessPointForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_DeleteAccessPointForObjectLambda-request-uri-uri-Name"></a>
The name of the access point you want to delete.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteAccessPointForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_DeleteAccessPointForObjectLambda-request-header-AccountId"></a>
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessPointForObjectLambda) 

# DeleteAccessPointPolicy


Deletes the access point policy for the specified access point.



All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteAccessPointPolicy.html#API_control_DeleteAccessPointPolicy_Examples) section.

The following actions are related to `DeleteAccessPointPolicy`:
+  [PutAccessPointPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutAccessPointPolicy.html) 
+  [GetAccessPointPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetAccessPointPolicy.html) 

## Request Syntax


```
DELETE /v20180820/accesspoint/name/policy HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteAccessPointPolicy_RequestSyntax) **   <a name="AmazonS3-control_DeleteAccessPointPolicy-request-uri-uri-Name"></a>
The name of the access point whose policy you want to delete.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the access point accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name>`. For example, to access the access point `reports-ap` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteAccessPointPolicy_RequestSyntax) **   <a name="AmazonS3-control_DeleteAccessPointPolicy-request-header-AccountId"></a>
The account ID for the account that owns the specified access point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample request syntax for using the DeleteAccessPointPolicy action with Amazon S3 on Outposts access point


This example illustrates one usage of DeleteAccessPointPolicy.

```
           DELETE  /v20180820/accesspoint/example-access-point/policy  HTTP/1.1
           Host: s3-outposts.<Region>.amazonaws.com
           Date: Wed, 28 Oct 2020 22:32:00 GMT
           Authorization: authorization string
           x-amz-account-id: example-account-id
           x-amz-outpost-id: op-01ac5d28a6a232904
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteAccessPointPolicy) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessPointPolicy) 

# DeleteAccessPointPolicyForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Removes the resource policy for an Object Lambda Access Point.

The following actions are related to `DeleteAccessPointPolicyForObjectLambda`:
+  [GetAccessPointPolicyForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetAccessPointPolicyForObjectLambda.html) 
+  [PutAccessPointPolicyForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutAccessPointPolicyForObjectLambda.html) 

## Request Syntax


```
DELETE /v20180820/accesspointforobjectlambda/name/policy HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteAccessPointPolicyForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_DeleteAccessPointPolicyForObjectLambda-request-uri-uri-Name"></a>
The name of the Object Lambda Access Point you want to delete the policy for.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteAccessPointPolicyForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_DeleteAccessPointPolicyForObjectLambda-request-header-AccountId"></a>
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambda) 

# DeleteAccessPointScope


 Deletes an existing access point scope for a directory bucket.

**Note**  
When you delete the scope of an access point, all prefixes and permissions are deleted.

To use this operation, you must have the permission to perform the `s3express:DeleteAccessPointScope` action.

For information about REST API errors, see [REST error responses](https://docs.amazonaws.cn/AmazonS3/latest/API/ErrorResponses.html#RESTErrorResponses).

## Request Syntax


```
DELETE /v20180820/accesspoint/name/scope HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteAccessPointScope_RequestSyntax) **   <a name="AmazonS3-control_DeleteAccessPointScope-request-uri-uri-Name"></a>
 The name of the access point with the scope that you want to delete.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteAccessPointScope_RequestSyntax) **   <a name="AmazonS3-control_DeleteAccessPointScope-request-header-AccountId"></a>
 The Amazon account ID that owns the access point with the scope that you want to delete.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteAccessPointScope) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteAccessPointScope) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteAccessPointScope) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteAccessPointScope) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteAccessPointScope) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteAccessPointScope) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteAccessPointScope) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteAccessPointScope) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteAccessPointScope) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteAccessPointScope) 

# DeleteBucket


**Note**  
This action deletes an Amazon S3 on Outposts bucket. To delete an S3 bucket, see [DeleteBucket](https://docs.amazonaws.cn/AmazonS3/latest/API/API_DeleteBucket.html) in the *Amazon S3 API Reference*. 

Deletes the Amazon S3 on Outposts bucket. All objects (including all object versions and delete markers) in the bucket must be deleted before the bucket itself can be deleted. For more information, see [Using Amazon S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3onOutposts.html) in *Amazon S3 User Guide*.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteBucket.html#API_control_DeleteBucket_Examples) section.

**Related Resources**
+  [CreateBucket](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateBucket.html) 
+  [GetBucket](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucket.html) 
+  [DeleteObject](https://docs.amazonaws.cn/AmazonS3/latest/API/API_DeleteObject.html) 

## Request Syntax


```
DELETE /v20180820/bucket/name HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteBucket_RequestSyntax) **   <a name="AmazonS3-control_DeleteBucket-request-header-Bucket"></a>
Specifies the bucket being deleted.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteBucket_RequestSyntax) **   <a name="AmazonS3-control_DeleteBucket-request-header-AccountId"></a>
The account ID that owns the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample request to delete an Amazon S3 on Outposts bucket


This request deletes the Outposts bucket named `example-outpost-bucket`. 

```
DELETE /v20180820/bucket/example-outpost-bucket/ HTTP/1.1
Host: s3-outposts.<Region>.amazonaws.com
x-amz-outpost-id: op-01ac5d28a6a232904
x-amz-account-id:example-account-id
Date: Wed, 01 Mar  2006 12:00:00 GMT
Authorization: authorization string
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteBucket) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteBucket) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteBucket) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteBucket) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteBucket) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteBucket) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteBucket) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteBucket) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteBucket) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteBucket) 

# DeleteBucketLifecycleConfiguration


**Note**  
This action deletes an Amazon S3 on Outposts bucket's lifecycle configuration. To delete an S3 bucket's lifecycle configuration, see [DeleteBucketLifecycle](https://docs.amazonaws.cn/AmazonS3/latest/API/API_DeleteBucketLifecycle.html) in the *Amazon S3 API Reference*. 

Deletes the lifecycle configuration from the specified Outposts bucket. Amazon S3 on Outposts removes all the lifecycle configuration rules in the lifecycle subresource associated with the bucket. Your objects never expire, and Amazon S3 on Outposts no longer automatically deletes any objects on the basis of rules contained in the deleted lifecycle configuration. For more information, see [Using Amazon S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3onOutposts.html) in *Amazon S3 User Guide*.

To use this operation, you must have permission to perform the `s3-outposts:PutLifecycleConfiguration` action. By default, the bucket owner has this permission and the Outposts bucket owner can grant this permission to others.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteBucketLifecycleConfiguration.html#API_control_DeleteBucketLifecycleConfiguration_Examples) section.

For more information about object expiration, see [Elements to Describe Lifecycle Actions](https://docs.amazonaws.cn/AmazonS3/latest/dev/intro-lifecycle-rules.html#intro-lifecycle-rules-actions).

Related actions include:
+  [PutBucketLifecycleConfiguration](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutBucketLifecycleConfiguration.html) 
+  [GetBucketLifecycleConfiguration](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketLifecycleConfiguration.html) 

## Request Syntax


```
DELETE /v20180820/bucket/name/lifecycleconfiguration HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteBucketLifecycleConfiguration_RequestSyntax) **   <a name="AmazonS3-control_DeleteBucketLifecycleConfiguration-request-header-Bucket"></a>
Specifies the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteBucketLifecycleConfiguration_RequestSyntax) **   <a name="AmazonS3-control_DeleteBucketLifecycleConfiguration-request-header-AccountId"></a>
The account ID of the lifecycle configuration to delete.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample request to delete the lifecycle configuration of an Amazon S3 on Outposts bucket


This example illustrates one usage of DeleteBucketLifecycleConfiguration.

```
                  DELETE /v20180820/bucket/example-outpost-bucket/lifecycleconfiguration HTTP/1.1
                  Host: s3-outposts.<Region>.amazonaws.com 
                  x-amz-outpost-id: op-01ac5d28a6a232904
                  x-amz-account-id:example-account-id
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteBucketLifecycleConfiguration) 

# DeleteBucketPolicy


**Note**  
This action deletes an Amazon S3 on Outposts bucket policy. To delete an S3 bucket policy, see [DeleteBucketPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_DeleteBucketPolicy.html) in the *Amazon S3 API Reference*. 

This implementation of the DELETE action uses the policy subresource to delete the policy of a specified Amazon S3 on Outposts bucket. If you are using an identity other than the root user of the Amazon Web Services account that owns the bucket, the calling identity must have the `s3-outposts:DeleteBucketPolicy` permissions on the specified Outposts bucket and belong to the bucket owner's account to use this action. For more information, see [Using Amazon S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3onOutposts.html) in *Amazon S3 User Guide*.

If you don't have `DeleteBucketPolicy` permissions, Amazon S3 returns a `403 Access Denied` error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a `405 Method Not Allowed` error. 

**Important**  
As a security precaution, the root user of the Amazon Web Services account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.

For more information about bucket policies, see [Using Bucket Policies and User Policies](https://docs.amazonaws.cn/AmazonS3/latest/dev/using-iam-policies.html). 

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteBucketPolicy.html#API_control_DeleteBucketPolicy_Examples) section.

The following actions are related to `DeleteBucketPolicy`:
+  [GetBucketPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketPolicy.html) 
+  [PutBucketPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutBucketPolicy.html) 

## Request Syntax


```
DELETE /v20180820/bucket/name/policy HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteBucketPolicy_RequestSyntax) **   <a name="AmazonS3-control_DeleteBucketPolicy-request-header-Bucket"></a>
Specifies the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteBucketPolicy_RequestSyntax) **   <a name="AmazonS3-control_DeleteBucketPolicy-request-header-AccountId"></a>
The account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample request for deleting a bucket policy for an Amazon S3 on Outposts bucket


This example illustrates one usage of DeleteBucketPolicy.

```
            DELETE v20180820/bucket/example-outpost-bucket/policy  HTTP/1.1
            Host: s3-outposts.<Region>.amazonaws.com  
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteBucketPolicy) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteBucketPolicy) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteBucketPolicy) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteBucketPolicy) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteBucketPolicy) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteBucketPolicy) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteBucketPolicy) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteBucketPolicy) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteBucketPolicy) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteBucketPolicy) 

# DeleteBucketReplication


**Note**  
This operation deletes an Amazon S3 on Outposts bucket's replication configuration. To delete an S3 bucket's replication configuration, see [DeleteBucketReplication](https://docs.amazonaws.cn/AmazonS3/latest/API/API_DeleteBucketReplication.html) in the *Amazon S3 API Reference*. 

Deletes the replication configuration from the specified S3 on Outposts bucket.

To use this operation, you must have permissions to perform the `s3-outposts:PutReplicationConfiguration` action. The Outposts bucket owner has this permission by default and can grant it to others. For more information about permissions, see [Setting up IAM with S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3OutpostsIAM.html) and [Managing access to S3 on Outposts buckets](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3OutpostsBucketPolicy.html) in the *Amazon S3 User Guide*.

**Note**  
It can take a while to propagate `PUT` or `DELETE` requests for a replication configuration to all S3 on Outposts systems. Therefore, the replication configuration that's returned by a `GET` request soon after a `PUT` or `DELETE` request might return a more recent result than what's on the Outpost. If an Outpost is offline, the delay in updating the replication configuration on that Outpost can be significant.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteBucketReplication.html#API_control_DeleteBucketReplication_Examples) section.

For information about S3 replication on Outposts configuration, see [Replicating objects for S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3OutpostsReplication.html) in the *Amazon S3 User Guide*.

The following operations are related to `DeleteBucketReplication`:
+  [PutBucketReplication](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutBucketReplication.html) 
+  [GetBucketReplication](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketReplication.html) 

## Request Syntax


```
DELETE /v20180820/bucket/name/replication HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteBucketReplication_RequestSyntax) **   <a name="AmazonS3-control_DeleteBucketReplication-request-header-Bucket"></a>
Specifies the S3 on Outposts bucket to delete the replication configuration for.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteBucketReplication_RequestSyntax) **   <a name="AmazonS3-control_DeleteBucketReplication-request-header-AccountId"></a>
The Amazon Web Services account ID of the Outposts bucket to delete the replication configuration for.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample Request


The following `DELETE` request deletes the `replication` subresource from the specified S3 on Outposts bucket. This request removes the replication configuration that is set for the bucket. 

```
DELETE /v20180820/bucket/example-outpost-bucket/replication HTTP/1.1
Host: s3-outposts.<Region>.amazonaws.com 
x-amz-outpost-id: op-01ac5d28a6a232904
x-amz-account-id:example-account-id
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteBucketReplication) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteBucketReplication) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteBucketReplication) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteBucketReplication) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteBucketReplication) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteBucketReplication) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteBucketReplication) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteBucketReplication) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteBucketReplication) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteBucketReplication) 

# DeleteBucketTagging


**Note**  
This action deletes an Amazon S3 on Outposts bucket's tags. To delete an S3 bucket tags, see [DeleteBucketTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_DeleteBucketTagging.html) in the *Amazon S3 API Reference*. 

Deletes the tags from the Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3onOutposts.html) in *Amazon S3 User Guide*.

To use this action, you must have permission to perform the `PutBucketTagging` action. By default, the bucket owner has this permission and can grant this permission to others. 

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteBucketTagging.html#API_control_DeleteBucketTagging_Examples) section.

The following actions are related to `DeleteBucketTagging`:
+  [GetBucketTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketTagging.html) 
+  [PutBucketTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutBucketTagging.html) 

## Request Syntax


```
DELETE /v20180820/bucket/name/tagging HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteBucketTagging_RequestSyntax) **   <a name="AmazonS3-control_DeleteBucketTagging-request-header-Bucket"></a>
The bucket ARN that has the tag set to be removed.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteBucketTagging_RequestSyntax) **   <a name="AmazonS3-control_DeleteBucketTagging-request-header-AccountId"></a>
The Amazon Web Services account ID of the Outposts bucket tag set to be removed.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Examples


### Sample request to delete tags for Amazon S3 on Outposts bucket


The following DELETE request deletes the tag set from the Outposts bucket `example-outpost-bucket`. 

```
            DELETE v20180820/bucket/example-outpost-bucket/tagging HTTP/1.1
            Host: s3-outposts.<Region>.amazonaws.com 
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
            Date: Wed, 14 Dec 2020 05:37:16 GMT
            Authorization: signatureValue
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteBucketTagging) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteBucketTagging) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteBucketTagging) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteBucketTagging) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteBucketTagging) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteBucketTagging) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteBucketTagging) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteBucketTagging) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteBucketTagging) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteBucketTagging) 

# DeleteJobTagging


Removes the entire tag set from the specified S3 Batch Operations job.

Permissions  
To use the `DeleteJobTagging` operation, you must have permission to perform the `s3:DeleteJobTagging` action. For more information, see [Controlling access and labeling jobs using tags](https://docs.amazonaws.cn/AmazonS3/latest/dev/batch-ops-managing-jobs.html#batch-ops-job-tags) in the *Amazon S3 User Guide*.

Related actions include:
+  [CreateJob](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateJob.html) 
+  [GetJobTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetJobTagging.html) 
+  [PutJobTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutJobTagging.html) 

## Request Syntax


```
DELETE /v20180820/jobs/id/tagging HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_DeleteJobTagging_RequestSyntax) **   <a name="AmazonS3-control_DeleteJobTagging-request-uri-uri-JobId"></a>
The ID for the S3 Batch Operations job whose tags you want to delete.  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteJobTagging_RequestSyntax) **   <a name="AmazonS3-control_DeleteJobTagging-request-header-AccountId"></a>
The Amazon Web Services account ID associated with the S3 Batch Operations job.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** InternalServiceException **   
  
HTTP Status Code: 500

 ** NotFoundException **   
  
HTTP Status Code: 400

 ** TooManyRequestsException **   
  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteJobTagging) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteJobTagging) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteJobTagging) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteJobTagging) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteJobTagging) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteJobTagging) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteJobTagging) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteJobTagging) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteJobTagging) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteJobTagging) 

# DeleteMultiRegionAccessPoint


**Note**  
This operation is not supported by directory buckets.

Deletes a Multi-Region Access Point. This action does not delete the buckets associated with the Multi-Region Access Point, only the Multi-Region Access Point itself.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see [Multi-Region Access Point restrictions and limitations](https://docs.amazonaws.cn/AmazonS3/latest/userguide/MultiRegionAccessPointRestrictions.html) in the *Amazon S3 User Guide*.

This request is asynchronous, meaning that you might receive a response before the command has completed. When this request provides a response, it provides a token that you can use to monitor the status of the request with `DescribeMultiRegionAccessPointOperation`.

The following actions are related to `DeleteMultiRegionAccessPoint`:
+  [CreateMultiRegionAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateMultiRegionAccessPoint.html) 
+  [DescribeMultiRegionAccessPointOperation](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DescribeMultiRegionAccessPointOperation.html) 
+  [GetMultiRegionAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetMultiRegionAccessPoint.html) 
+  [ListMultiRegionAccessPoints](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListMultiRegionAccessPoints.html) 

## Request Syntax


```
POST /v20180820/async-requests/mrap/delete HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<DeleteMultiRegionAccessPointRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <ClientToken>string</ClientToken>
   <Details>
      <Name>string</Name>
   </Details>
</DeleteMultiRegionAccessPointRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_DeleteMultiRegionAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_DeleteMultiRegionAccessPoint-request-header-AccountId"></a>
The Amazon account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [DeleteMultiRegionAccessPointRequest](#API_control_DeleteMultiRegionAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_DeleteMultiRegionAccessPoint-request-DeleteMultiRegionAccessPointRequest"></a>
Root level tag for the DeleteMultiRegionAccessPointRequest parameters.  
Required: Yes

 ** [ClientToken](#API_control_DeleteMultiRegionAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_DeleteMultiRegionAccessPoint-request-ClientToken"></a>
An idempotency token used to identify the request and guarantee that requests are unique.  
Type: String  
Length Constraints: Maximum length of 64.  
Pattern: `\S+`   
Required: Yes

 ** [Details](#API_control_DeleteMultiRegionAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_DeleteMultiRegionAccessPoint-request-Details"></a>
A container element containing details about the Multi-Region Access Point.  
Type: [DeleteMultiRegionAccessPointInput](API_control_DeleteMultiRegionAccessPointInput.md) data type  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<DeleteMultiRegionAccessPointResult>
   <RequestTokenARN>string</RequestTokenARN>
</DeleteMultiRegionAccessPointResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [DeleteMultiRegionAccessPointResult](#API_control_DeleteMultiRegionAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_DeleteMultiRegionAccessPoint-response-DeleteMultiRegionAccessPointResult"></a>
Root level tag for the DeleteMultiRegionAccessPointResult parameters.  
Required: Yes

 ** [RequestTokenARN](#API_control_DeleteMultiRegionAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_DeleteMultiRegionAccessPoint-response-RequestTokenARN"></a>
The request token associated with the request. You can use this token with [DescribeMultiRegionAccessPointOperation](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DescribeMultiRegionAccessPointOperation.html) to determine the status of asynchronous requests.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `arn:.+` 

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteMultiRegionAccessPoint) 

# DeletePublicAccessBlock


**Note**  
This operation is not supported by directory buckets.

Removes the `PublicAccessBlock` configuration for an Amazon Web Services account. This operation might be restricted when the account is managed by organization-level Block Public Access policies. You’ll get an Access Denied (403) error when the account is managed by organization-level Block Public Access policies. Organization-level policies override account-level settings, preventing direct account-level modifications. For more information, see [ Using Amazon S3 block public access](https://docs.amazonaws.cn/AmazonS3/latest/dev/access-control-block-public-access.html).

Related actions include:
+  [GetPublicAccessBlock](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetPublicAccessBlock.html) 
+  [PutPublicAccessBlock](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutPublicAccessBlock.html) 

## Request Syntax


```
DELETE /v20180820/configuration/publicAccessBlock HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_DeletePublicAccessBlock_RequestSyntax) **   <a name="AmazonS3-control_DeletePublicAccessBlock-request-header-AccountId"></a>
The account ID for the Amazon Web Services account whose `PublicAccessBlock` configuration you want to remove.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeletePublicAccessBlock) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeletePublicAccessBlock) 

# DeleteStorageLensConfiguration


**Note**  
This operation is not supported by directory buckets.

Deletes the Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see [Assessing your storage activity and usage with Amazon S3 Storage Lens ](https://docs.amazonaws.cn/AmazonS3/latest/dev/storage_lens.html) in the *Amazon S3 User Guide*.

**Note**  
To use this action, you must have permission to perform the `s3:DeleteStorageLensConfiguration` action. For more information, see [Setting permissions to use Amazon S3 Storage Lens](https://docs.amazonaws.cn/AmazonS3/latest/dev/storage_lens_iam_permissions.html) in the *Amazon S3 User Guide*.

## Request Syntax


```
DELETE /v20180820/storagelens/storagelensid HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [storagelensid](#API_control_DeleteStorageLensConfiguration_RequestSyntax) **   <a name="AmazonS3-control_DeleteStorageLensConfiguration-request-uri-uri-ConfigId"></a>
The ID of the S3 Storage Lens configuration.  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_\.]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteStorageLensConfiguration_RequestSyntax) **   <a name="AmazonS3-control_DeleteStorageLensConfiguration-request-header-AccountId"></a>
The account ID of the requester.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteStorageLensConfiguration) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteStorageLensConfiguration) 

# DeleteStorageLensConfigurationTagging


**Note**  
This operation is not supported by directory buckets.

Deletes the Amazon S3 Storage Lens configuration tags. For more information about S3 Storage Lens, see [Assessing your storage activity and usage with Amazon S3 Storage Lens ](https://docs.amazonaws.cn/AmazonS3/latest/dev/storage_lens.html) in the *Amazon S3 User Guide*.

**Note**  
To use this action, you must have permission to perform the `s3:DeleteStorageLensConfigurationTagging` action. For more information, see [Setting permissions to use Amazon S3 Storage Lens](https://docs.amazonaws.cn/AmazonS3/latest/dev/storage_lens_iam_permissions.html) in the *Amazon S3 User Guide*.

## Request Syntax


```
DELETE /v20180820/storagelens/storagelensid/tagging HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [storagelensid](#API_control_DeleteStorageLensConfigurationTagging_RequestSyntax) **   <a name="AmazonS3-control_DeleteStorageLensConfigurationTagging-request-uri-uri-ConfigId"></a>
The ID of the S3 Storage Lens configuration.  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_\.]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteStorageLensConfigurationTagging_RequestSyntax) **   <a name="AmazonS3-control_DeleteStorageLensConfigurationTagging-request-header-AccountId"></a>
The account ID of the requester.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteStorageLensConfigurationTagging) 

# DeleteStorageLensGroup


 Deletes an existing S3 Storage Lens group.

To use this operation, you must have the permission to perform the `s3:DeleteStorageLensGroup` action. For more information about the required Storage Lens Groups permissions, see [Setting account permissions to use S3 Storage Lens groups](https://docs.amazonaws.cn/AmazonS3/latest/userguide/storage_lens_iam_permissions.html#storage_lens_groups_permissions).

For information about Storage Lens groups errors, see [List of Amazon S3 Storage Lens error codes](https://docs.amazonaws.cn/AmazonS3/latest/API/ErrorResponses.html#S3LensErrorCodeList).

## Request Syntax


```
DELETE /v20180820/storagelensgroup/name HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_DeleteStorageLensGroup_RequestSyntax) **   <a name="AmazonS3-control_DeleteStorageLensGroup-request-uri-uri-Name"></a>
 The name of the Storage Lens group that you're trying to delete.   
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_DeleteStorageLensGroup_RequestSyntax) **   <a name="AmazonS3-control_DeleteStorageLensGroup-request-header-AccountId"></a>
 The Amazon account ID used to create the Storage Lens group that you're trying to delete.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DeleteStorageLensGroup) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DeleteStorageLensGroup) 

# DescribeJob


Retrieves the configuration parameters and status for a Batch Operations job. For more information, see [S3 Batch Operations](https://docs.amazonaws.cn/AmazonS3/latest/userguide/batch-ops.html) in the *Amazon S3 User Guide*.

Permissions  
To use the `DescribeJob` operation, you must have permission to perform the `s3:DescribeJob` action.

Related actions include:
+  [CreateJob](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateJob.html) 
+  [ListJobs](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListJobs.html) 
+  [UpdateJobPriority](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_UpdateJobPriority.html) 
+  [UpdateJobStatus](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_UpdateJobStatus.html) 

## Request Syntax


```
GET /v20180820/jobs/id HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_DescribeJob_RequestSyntax) **   <a name="AmazonS3-control_DescribeJob-request-uri-uri-JobId"></a>
The ID for the job whose information you want to retrieve.  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_DescribeJob_RequestSyntax) **   <a name="AmazonS3-control_DescribeJob-request-header-AccountId"></a>
The Amazon Web Services account ID associated with the S3 Batch Operations job.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<DescribeJobResult>
   <Job>
      <ConfirmationRequired>boolean</ConfirmationRequired>
      <CreationTime>timestamp</CreationTime>
      <Description>string</Description>
      <FailureReasons>
         <JobFailure>
            <FailureCode>string</FailureCode>
            <FailureReason>string</FailureReason>
         </JobFailure>
      </FailureReasons>
      <GeneratedManifestDescriptor>
         <Format>string</Format>
         <Location>
            <ETag>string</ETag>
            <ObjectArn>string</ObjectArn>
            <ObjectVersionId>string</ObjectVersionId>
         </Location>
      </GeneratedManifestDescriptor>
      <JobArn>string</JobArn>
      <JobId>string</JobId>
      <Manifest>
         <Location>
            <ETag>string</ETag>
            <ObjectArn>string</ObjectArn>
            <ObjectVersionId>string</ObjectVersionId>
         </Location>
         <Spec>
            <Fields>
               <member>string</member>
            </Fields>
            <Format>string</Format>
         </Spec>
      </Manifest>
      <ManifestGenerator>
         <S3JobManifestGenerator>
            <EnableManifestOutput>boolean</EnableManifestOutput>
            <ExpectedBucketOwner>string</ExpectedBucketOwner>
            <Filter>
               <CreatedAfter>timestamp</CreatedAfter>
               <CreatedBefore>timestamp</CreatedBefore>
               <EligibleForReplication>boolean</EligibleForReplication>
               <KeyNameConstraint>
                  <MatchAnyPrefix>
                     <member>string</member>
                  </MatchAnyPrefix>
                  <MatchAnySubstring>
                     <member>string</member>
                  </MatchAnySubstring>
                  <MatchAnySuffix>
                     <member>string</member>
                  </MatchAnySuffix>
               </KeyNameConstraint>
               <MatchAnyObjectEncryption>
                  <ObjectEncryption>
                     <DSSE-KMS>
                        <KmsKeyArn>string</KmsKeyArn>
                     </DSSE-KMS>
                     <NOT-SSE>
                     </NOT-SSE>
                     <SSE-C>
                     </SSE-C>
                     <SSE-KMS>
                        <BucketKeyEnabled>boolean</BucketKeyEnabled>
                        <KmsKeyArn>string</KmsKeyArn>
                     </SSE-KMS>
                     <SSE-S3>
                     </SSE-S3>
                  </ObjectEncryption>
               </MatchAnyObjectEncryption>
               <MatchAnyStorageClass>
                  <member>string</member>
               </MatchAnyStorageClass>
               <ObjectReplicationStatuses>
                  <member>string</member>
               </ObjectReplicationStatuses>
               <ObjectSizeGreaterThanBytes>long</ObjectSizeGreaterThanBytes>
               <ObjectSizeLessThanBytes>long</ObjectSizeLessThanBytes>
            </Filter>
            <ManifestOutputLocation>
               <Bucket>string</Bucket>
               <ExpectedManifestBucketOwner>string</ExpectedManifestBucketOwner>
               <ManifestEncryption>
                  <SSE-KMS>
                     <KeyId>string</KeyId>
                  </SSE-KMS>
                  <SSE-S3>
                  </SSE-S3>
               </ManifestEncryption>
               <ManifestFormat>string</ManifestFormat>
               <ManifestPrefix>string</ManifestPrefix>
            </ManifestOutputLocation>
            <SourceBucket>string</SourceBucket>
         </S3JobManifestGenerator>
      </ManifestGenerator>
      <Operation>
         <LambdaInvoke>
            <FunctionArn>string</FunctionArn>
            <InvocationSchemaVersion>string</InvocationSchemaVersion>
            <UserArguments>
               <entry>
                  <key>string</key>
                  <value>string</value>
               </entry>
            </UserArguments>
         </LambdaInvoke>
         <S3ComputeObjectChecksum>
            <ChecksumAlgorithm>string</ChecksumAlgorithm>
            <ChecksumType>string</ChecksumType>
         </S3ComputeObjectChecksum>
         <S3DeleteObjectTagging>
         </S3DeleteObjectTagging>
         <S3InitiateRestoreObject>
            <ExpirationInDays>integer</ExpirationInDays>
            <GlacierJobTier>string</GlacierJobTier>
         </S3InitiateRestoreObject>
         <S3PutObjectAcl>
            <AccessControlPolicy>
               <AccessControlList>
                  <Grants>
                     <S3Grant>
                        <Grantee>
                           <DisplayName>string</DisplayName>
                           <Identifier>string</Identifier>
                           <TypeIdentifier>string</TypeIdentifier>
                        </Grantee>
                        <Permission>string</Permission>
                     </S3Grant>
                  </Grants>
                  <Owner>
                     <DisplayName>string</DisplayName>
                     <ID>string</ID>
                  </Owner>
               </AccessControlList>
               <CannedAccessControlList>string</CannedAccessControlList>
            </AccessControlPolicy>
         </S3PutObjectAcl>
         <S3PutObjectCopy>
            <AccessControlGrants>
               <S3Grant>
                  <Grantee>
                     <DisplayName>string</DisplayName>
                     <Identifier>string</Identifier>
                     <TypeIdentifier>string</TypeIdentifier>
                  </Grantee>
                  <Permission>string</Permission>
               </S3Grant>
            </AccessControlGrants>
            <BucketKeyEnabled>boolean</BucketKeyEnabled>
            <CannedAccessControlList>string</CannedAccessControlList>
            <ChecksumAlgorithm>string</ChecksumAlgorithm>
            <MetadataDirective>string</MetadataDirective>
            <ModifiedSinceConstraint>timestamp</ModifiedSinceConstraint>
            <NewObjectMetadata>
               <CacheControl>string</CacheControl>
               <ContentDisposition>string</ContentDisposition>
               <ContentEncoding>string</ContentEncoding>
               <ContentLanguage>string</ContentLanguage>
               <ContentLength>long</ContentLength>
               <ContentMD5>string</ContentMD5>
               <ContentType>string</ContentType>
               <HttpExpiresDate>timestamp</HttpExpiresDate>
               <RequesterCharged>boolean</RequesterCharged>
               <SSEAlgorithm>string</SSEAlgorithm>
               <UserMetadata>
                  <entry>
                     <key>string</key>
                     <value>string</value>
                  </entry>
               </UserMetadata>
            </NewObjectMetadata>
            <NewObjectTagging>
               <S3Tag>
                  <Key>string</Key>
                  <Value>string</Value>
               </S3Tag>
            </NewObjectTagging>
            <ObjectLockLegalHoldStatus>string</ObjectLockLegalHoldStatus>
            <ObjectLockMode>string</ObjectLockMode>
            <ObjectLockRetainUntilDate>timestamp</ObjectLockRetainUntilDate>
            <RedirectLocation>string</RedirectLocation>
            <RequesterPays>boolean</RequesterPays>
            <SSEAwsKmsKeyId>string</SSEAwsKmsKeyId>
            <StorageClass>string</StorageClass>
            <TargetKeyPrefix>string</TargetKeyPrefix>
            <TargetResource>string</TargetResource>
            <UnModifiedSinceConstraint>timestamp</UnModifiedSinceConstraint>
         </S3PutObjectCopy>
         <S3PutObjectLegalHold>
            <LegalHold>
               <Status>string</Status>
            </LegalHold>
         </S3PutObjectLegalHold>
         <S3PutObjectRetention>
            <BypassGovernanceRetention>boolean</BypassGovernanceRetention>
            <Retention>
               <Mode>string</Mode>
               <RetainUntilDate>timestamp</RetainUntilDate>
            </Retention>
         </S3PutObjectRetention>
         <S3PutObjectTagging>
            <TagSet>
               <S3Tag>
                  <Key>string</Key>
                  <Value>string</Value>
               </S3Tag>
            </TagSet>
         </S3PutObjectTagging>
         <S3ReplicateObject>
         </S3ReplicateObject>
         <S3UpdateObjectEncryption>
            <ObjectEncryption>
               <SSE-KMS>
                  <BucketKeyEnabled>boolean</BucketKeyEnabled>
                  <KMSKeyArn>string</KMSKeyArn>
               </SSE-KMS>
            </ObjectEncryption>
         </S3UpdateObjectEncryption>
      </Operation>
      <Priority>integer</Priority>
      <ProgressSummary>
         <NumberOfTasksFailed>long</NumberOfTasksFailed>
         <NumberOfTasksSucceeded>long</NumberOfTasksSucceeded>
         <Timers>
            <ElapsedTimeInActiveSeconds>long</ElapsedTimeInActiveSeconds>
         </Timers>
         <TotalNumberOfTasks>long</TotalNumberOfTasks>
      </ProgressSummary>
      <Report>
         <Bucket>string</Bucket>
         <Enabled>boolean</Enabled>
         <ExpectedBucketOwner>string</ExpectedBucketOwner>
         <Format>string</Format>
         <Prefix>string</Prefix>
         <ReportScope>string</ReportScope>
      </Report>
      <RoleArn>string</RoleArn>
      <Status>string</Status>
      <StatusUpdateReason>string</StatusUpdateReason>
      <SuspendedCause>string</SuspendedCause>
      <SuspendedDate>timestamp</SuspendedDate>
      <TerminationDate>timestamp</TerminationDate>
   </Job>
</DescribeJobResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [DescribeJobResult](#API_control_DescribeJob_ResponseSyntax) **   <a name="AmazonS3-control_DescribeJob-response-DescribeJobResult"></a>
Root level tag for the DescribeJobResult parameters.  
Required: Yes

 ** [Job](#API_control_DescribeJob_ResponseSyntax) **   <a name="AmazonS3-control_DescribeJob-response-Job"></a>
Contains the configuration parameters and status for the job specified in the `Describe Job` request.  
Type: [JobDescriptor](API_control_JobDescriptor.md) data type

## Errors


 ** BadRequestException **   
  
HTTP Status Code: 400

 ** InternalServiceException **   
  
HTTP Status Code: 500

 ** NotFoundException **   
  
HTTP Status Code: 400

 ** TooManyRequestsException **   
  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DescribeJob) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DescribeJob) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DescribeJob) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DescribeJob) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DescribeJob) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DescribeJob) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DescribeJob) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DescribeJob) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DescribeJob) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DescribeJob) 

# DescribeMultiRegionAccessPointOperation


**Note**  
This operation is not supported by directory buckets.

Retrieves the status of an asynchronous request to manage a Multi-Region Access Point. For more information about managing Multi-Region Access Points and how asynchronous requests work, see [Using Multi-Region Access Points](https://docs.amazonaws.cn/AmazonS3/latest/userguide/MrapOperations.html) in the *Amazon S3 User Guide*.

The following actions are related to `GetMultiRegionAccessPoint`:
+  [CreateMultiRegionAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateMultiRegionAccessPoint.html) 
+  [DeleteMultiRegionAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteMultiRegionAccessPoint.html) 
+  [GetMultiRegionAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetMultiRegionAccessPoint.html) 
+  [ListMultiRegionAccessPoints](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListMultiRegionAccessPoints.html) 

## Request Syntax


```
GET /v20180820/async-requests/mrap/request_token+ HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [request\$1token](#API_control_DescribeMultiRegionAccessPointOperation_RequestSyntax) **   <a name="AmazonS3-control_DescribeMultiRegionAccessPointOperation-request-uri-uri-RequestTokenARN"></a>
The request token associated with the request you want to know about. This request token is returned as part of the response when you make an asynchronous request. You provide this token to query about the status of the asynchronous action.  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `arn:.+`   
Required: Yes

 ** [x-amz-account-id](#API_control_DescribeMultiRegionAccessPointOperation_RequestSyntax) **   <a name="AmazonS3-control_DescribeMultiRegionAccessPointOperation-request-header-AccountId"></a>
The Amazon account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<DescribeMultiRegionAccessPointOperationResult>
   <AsyncOperation>
      <CreationTime>timestamp</CreationTime>
      <Operation>string</Operation>
      <RequestParameters>
         <CreateMultiRegionAccessPointRequest>
            <Name>string</Name>
            <PublicAccessBlock>
               <BlockPublicAcls>boolean</BlockPublicAcls>
               <BlockPublicPolicy>boolean</BlockPublicPolicy>
               <IgnorePublicAcls>boolean</IgnorePublicAcls>
               <RestrictPublicBuckets>boolean</RestrictPublicBuckets>
            </PublicAccessBlock>
            <Regions>
               <Region>
                  <Bucket>string</Bucket>
                  <BucketAccountId>string</BucketAccountId>
               </Region>
            </Regions>
         </CreateMultiRegionAccessPointRequest>
         <DeleteMultiRegionAccessPointRequest>
            <Name>string</Name>
         </DeleteMultiRegionAccessPointRequest>
         <PutMultiRegionAccessPointPolicyRequest>
            <Name>string</Name>
            <Policy>string</Policy>
         </PutMultiRegionAccessPointPolicyRequest>
      </RequestParameters>
      <RequestStatus>string</RequestStatus>
      <RequestTokenARN>string</RequestTokenARN>
      <ResponseDetails>
         <ErrorDetails>
            <Code>string</Code>
            <Message>string</Message>
            <RequestId>string</RequestId>
            <Resource>string</Resource>
         </ErrorDetails>
         <MultiRegionAccessPointDetails>
            <Regions>
               <Region>
                  <Name>string</Name>
                  <RequestStatus>string</RequestStatus>
               </Region>
            </Regions>
         </MultiRegionAccessPointDetails>
      </ResponseDetails>
   </AsyncOperation>
</DescribeMultiRegionAccessPointOperationResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [DescribeMultiRegionAccessPointOperationResult](#API_control_DescribeMultiRegionAccessPointOperation_ResponseSyntax) **   <a name="AmazonS3-control_DescribeMultiRegionAccessPointOperation-response-DescribeMultiRegionAccessPointOperationResult"></a>
Root level tag for the DescribeMultiRegionAccessPointOperationResult parameters.  
Required: Yes

 ** [AsyncOperation](#API_control_DescribeMultiRegionAccessPointOperation_ResponseSyntax) **   <a name="AmazonS3-control_DescribeMultiRegionAccessPointOperation-response-AsyncOperation"></a>
A container element containing the details of the asynchronous operation.  
Type: [AsyncOperation](API_control_AsyncOperation.md) data type

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DescribeMultiRegionAccessPointOperation) 

# DissociateAccessGrantsIdentityCenter


Dissociates the Amazon IAM Identity Center instance from the S3 Access Grants instance. 

Permissions  
You must have the `s3:DissociateAccessGrantsIdentityCenter` permission to use this operation. 

Additional Permissions  
You must have the `sso:DeleteApplication` permission to use this operation. 

## Request Syntax


```
DELETE /v20180820/accessgrantsinstance/identitycenter HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_DissociateAccessGrantsIdentityCenter_RequestSyntax) **   <a name="AmazonS3-control_DissociateAccessGrantsIdentityCenter-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/DissociateAccessGrantsIdentityCenter) 

# GetAccessGrant


Get the details of an access grant from your S3 Access Grants instance.

Permissions  
You must have the `s3:GetAccessGrant` permission to use this operation. 

## Request Syntax


```
GET /v20180820/accessgrantsinstance/grant/id HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_GetAccessGrant_RequestSyntax) **   <a name="AmazonS3-control_GetAccessGrant-request-uri-uri-AccessGrantId"></a>
The ID of the access grant. S3 Access Grants auto-generates this ID when you create the access grant.  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessGrant_RequestSyntax) **   <a name="AmazonS3-control_GetAccessGrant-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetAccessGrantResult>
   <CreatedAt>timestamp</CreatedAt>
   <AccessGrantId>string</AccessGrantId>
   <AccessGrantArn>string</AccessGrantArn>
   <Grantee>
      <GranteeIdentifier>string</GranteeIdentifier>
      <GranteeType>string</GranteeType>
   </Grantee>
   <Permission>string</Permission>
   <AccessGrantsLocationId>string</AccessGrantsLocationId>
   <AccessGrantsLocationConfiguration>
      <S3SubPrefix>string</S3SubPrefix>
   </AccessGrantsLocationConfiguration>
   <GrantScope>string</GrantScope>
   <ApplicationArn>string</ApplicationArn>
</GetAccessGrantResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessGrantResult](#API_control_GetAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrant-response-GetAccessGrantResult"></a>
Root level tag for the GetAccessGrantResult parameters.  
Required: Yes

 ** [AccessGrantArn](#API_control_GetAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrant-response-AccessGrantArn"></a>
The Amazon Resource Name (ARN) of the access grant.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/grant/[a-zA-Z0-9\-]+` 

 ** [AccessGrantId](#API_control_GetAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrant-response-AccessGrantId"></a>
The ID of the access grant. S3 Access Grants auto-generates this ID when you create the access grant.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [AccessGrantsLocationConfiguration](#API_control_GetAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrant-response-AccessGrantsLocationConfiguration"></a>
The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access.   
Type: [AccessGrantsLocationConfiguration](API_control_AccessGrantsLocationConfiguration.md) data type

 ** [AccessGrantsLocationId](#API_control_GetAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrant-response-AccessGrantsLocationId"></a>
The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [ApplicationArn](#API_control_GetAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrant-response-ApplicationArn"></a>
The Amazon Resource Name (ARN) of an Amazon IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.   
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::\d{12}:application/.*$` 

 ** [CreatedAt](#API_control_GetAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrant-response-CreatedAt"></a>
The date and time when you created the access grant.   
Type: Timestamp

 ** [Grantee](#API_control_GetAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrant-response-Grantee"></a>
The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added a corporate directory to Amazon IAM Identity Center and associated this Identity Center instance with the S3 Access Grants instance, the grantee can also be a corporate directory user or group.  
Type: [Grantee](API_control_Grantee.md) data type

 ** [GrantScope](#API_control_GetAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrant-response-GrantScope"></a>
The S3 path of the data to which you are granting access. It is the result of appending the `Subprefix` to the location scope.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

 ** [Permission](#API_control_GetAccessGrant_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrant-response-Permission"></a>
The type of permission that was granted in the access grant. Can be one of the following values:  
+  `READ` – Grant read-only access to the S3 data.
+  `WRITE` – Grant write-only access to the S3 data.
+  `READWRITE` – Grant both read and write access to the S3 data.
Type: String  
Valid Values: `READ | WRITE | READWRITE` 

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetAccessGrant) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessGrant) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetAccessGrant) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetAccessGrant) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessGrant) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessGrant) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetAccessGrant) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessGrant) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetAccessGrant) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessGrant) 

# GetAccessGrantsInstance


Retrieves the S3 Access Grants instance for a Region in your account. 

Permissions  
You must have the `s3:GetAccessGrantsInstance` permission to use this operation. 

**Note**  
 `GetAccessGrantsInstance` is not supported for cross-account access. You can only call the API from the account that owns the S3 Access Grants instance.

## Request Syntax


```
GET /v20180820/accessgrantsinstance HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_GetAccessGrantsInstance_RequestSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstance-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetAccessGrantsInstanceResult>
   <AccessGrantsInstanceArn>string</AccessGrantsInstanceArn>
   <AccessGrantsInstanceId>string</AccessGrantsInstanceId>
   <IdentityCenterArn>string</IdentityCenterArn>
   <IdentityCenterInstanceArn>string</IdentityCenterInstanceArn>
   <IdentityCenterApplicationArn>string</IdentityCenterApplicationArn>
   <CreatedAt>timestamp</CreatedAt>
</GetAccessGrantsInstanceResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessGrantsInstanceResult](#API_control_GetAccessGrantsInstance_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstance-response-GetAccessGrantsInstanceResult"></a>
Root level tag for the GetAccessGrantsInstanceResult parameters.  
Required: Yes

 ** [AccessGrantsInstanceArn](#API_control_GetAccessGrantsInstance_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstance-response-AccessGrantsInstanceArn"></a>
The Amazon Resource Name (ARN) of the S3 Access Grants instance.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/[a-zA-Z0-9\-]+` 

 ** [AccessGrantsInstanceId](#API_control_GetAccessGrantsInstance_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstance-response-AccessGrantsInstanceId"></a>
The ID of the S3 Access Grants instance. The ID is `default`. You can have one S3 Access Grants instance per Region per account.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [CreatedAt](#API_control_GetAccessGrantsInstance_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstance-response-CreatedAt"></a>
The date and time when you created the S3 Access Grants instance.   
Type: Timestamp

 ** [IdentityCenterApplicationArn](#API_control_GetAccessGrantsInstance_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstance-response-IdentityCenterApplicationArn"></a>
If you associated your S3 Access Grants instance with an Amazon IAM Identity Center instance, this field returns the Amazon Resource Name (ARN) of the IAM Identity Center instance application; a subresource of the original Identity Center instance. S3 Access Grants creates this Identity Center application for the specific S3 Access Grants instance.   
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::\d{12}:application/.*$` 

 ** [IdentityCenterArn](#API_control_GetAccessGrantsInstance_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstance-response-IdentityCenterArn"></a>
 *This parameter has been deprecated.*   
If you associated your S3 Access Grants instance with an Amazon IAM Identity Center instance, this field returns the Amazon Resource Name (ARN) of the IAM Identity Center instance application; a subresource of the original Identity Center instance. S3 Access Grants creates this Identity Center application for the specific S3 Access Grants instance.   
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::(\d{12}){0,1}:instance/.*$` 

 ** [IdentityCenterInstanceArn](#API_control_GetAccessGrantsInstance_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstance-response-IdentityCenterInstanceArn"></a>
The Amazon Resource Name (ARN) of the Amazon IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the [ListInstances](https://docs.amazonaws.cn/singlesignon/latest/APIReference/API_ListInstances.html) API operation to retrieve a list of your Identity Center instances and their ARNs.  
Type: String  
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::(\d{12}){0,1}:instance/.*$` 

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetAccessGrantsInstance) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessGrantsInstance) 

# GetAccessGrantsInstanceForPrefix


Retrieve the S3 Access Grants instance that contains a particular prefix. 

Permissions  
You must have the `s3:GetAccessGrantsInstanceForPrefix` permission for the caller account to use this operation. 

Additional Permissions  
The prefix owner account must grant you the following permissions to their S3 Access Grants instance: `s3:GetAccessGrantsInstanceForPrefix`. 

## Request Syntax


```
GET /v20180820/accessgrantsinstance/prefix?s3prefix=S3Prefix HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [s3prefix](#API_control_GetAccessGrantsInstanceForPrefix_RequestSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstanceForPrefix-request-uri-querystring-S3Prefix"></a>
The S3 prefix of the access grants that you would like to retrieve.  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessGrantsInstanceForPrefix_RequestSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstanceForPrefix-request-header-AccountId"></a>
The ID of the Amazon account that is making this request.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetAccessGrantsInstanceForPrefixResult>
   <AccessGrantsInstanceArn>string</AccessGrantsInstanceArn>
   <AccessGrantsInstanceId>string</AccessGrantsInstanceId>
</GetAccessGrantsInstanceForPrefixResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessGrantsInstanceForPrefixResult](#API_control_GetAccessGrantsInstanceForPrefix_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstanceForPrefix-response-GetAccessGrantsInstanceForPrefixResult"></a>
Root level tag for the GetAccessGrantsInstanceForPrefixResult parameters.  
Required: Yes

 ** [AccessGrantsInstanceArn](#API_control_GetAccessGrantsInstanceForPrefix_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstanceForPrefix-response-AccessGrantsInstanceArn"></a>
The Amazon Resource Name (ARN) of the S3 Access Grants instance.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/[a-zA-Z0-9\-]+` 

 ** [AccessGrantsInstanceId](#API_control_GetAccessGrantsInstanceForPrefix_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstanceForPrefix-response-AccessGrantsInstanceId"></a>
The ID of the S3 Access Grants instance. The ID is `default`. You can have one S3 Access Grants instance per Region per account.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessGrantsInstanceForPrefix) 

# GetAccessGrantsInstanceResourcePolicy


Returns the resource policy of the S3 Access Grants instance. 

Permissions  
You must have the `s3:GetAccessGrantsInstanceResourcePolicy` permission to use this operation. 

## Request Syntax


```
GET /v20180820/accessgrantsinstance/resourcepolicy HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_GetAccessGrantsInstanceResourcePolicy_RequestSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstanceResourcePolicy-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetAccessGrantsInstanceResourcePolicyResult>
   <Policy>string</Policy>
   <Organization>string</Organization>
   <CreatedAt>timestamp</CreatedAt>
</GetAccessGrantsInstanceResourcePolicyResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessGrantsInstanceResourcePolicyResult](#API_control_GetAccessGrantsInstanceResourcePolicy_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstanceResourcePolicy-response-GetAccessGrantsInstanceResourcePolicyResult"></a>
Root level tag for the GetAccessGrantsInstanceResourcePolicyResult parameters.  
Required: Yes

 ** [CreatedAt](#API_control_GetAccessGrantsInstanceResourcePolicy_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstanceResourcePolicy-response-CreatedAt"></a>
The date and time when you created the S3 Access Grants instance resource policy.   
Type: Timestamp

 ** [Organization](#API_control_GetAccessGrantsInstanceResourcePolicy_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstanceResourcePolicy-response-Organization"></a>
The Organization of the resource policy of the S3 Access Grants instance.  
Type: String  
Length Constraints: Minimum length of 12. Maximum length of 34.  
Pattern: `^o-[a-z0-9]{10,32}$` 

 ** [Policy](#API_control_GetAccessGrantsInstanceResourcePolicy_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsInstanceResourcePolicy-response-Policy"></a>
The resource policy of the S3 Access Grants instance.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 350000.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicy) 

# GetAccessGrantsLocation


Retrieves the details of a particular location registered in your S3 Access Grants instance. 

Permissions  
You must have the `s3:GetAccessGrantsLocation` permission to use this operation. 

## Request Syntax


```
GET /v20180820/accessgrantsinstance/location/id HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_GetAccessGrantsLocation_RequestSyntax) **   <a name="AmazonS3-control_GetAccessGrantsLocation-request-uri-uri-AccessGrantsLocationId"></a>
The ID of the registered location that you are retrieving. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessGrantsLocation_RequestSyntax) **   <a name="AmazonS3-control_GetAccessGrantsLocation-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetAccessGrantsLocationResult>
   <CreatedAt>timestamp</CreatedAt>
   <AccessGrantsLocationId>string</AccessGrantsLocationId>
   <AccessGrantsLocationArn>string</AccessGrantsLocationArn>
   <LocationScope>string</LocationScope>
   <IAMRoleArn>string</IAMRoleArn>
</GetAccessGrantsLocationResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessGrantsLocationResult](#API_control_GetAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsLocation-response-GetAccessGrantsLocationResult"></a>
Root level tag for the GetAccessGrantsLocationResult parameters.  
Required: Yes

 ** [AccessGrantsLocationArn](#API_control_GetAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsLocation-response-AccessGrantsLocationArn"></a>
The Amazon Resource Name (ARN) of the registered location.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/location/[a-zA-Z0-9\-]+` 

 ** [AccessGrantsLocationId](#API_control_GetAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsLocation-response-AccessGrantsLocationId"></a>
The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [CreatedAt](#API_control_GetAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsLocation-response-CreatedAt"></a>
The date and time when you registered the location.   
Type: Timestamp

 ** [IAMRoleArn](#API_control_GetAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsLocation-response-IAMRoleArn"></a>
The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[^:]+:iam::\d{12}:role/.*` 

 ** [LocationScope](#API_control_GetAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessGrantsLocation-response-LocationScope"></a>
The S3 URI path to the registered location. The location scope can be the default S3 location `s3://`, the S3 path to a bucket, or the S3 path to a bucket and prefix. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetAccessGrantsLocation) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessGrantsLocation) 

# GetAccessPoint


Returns configuration information about the specified access point.



All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetAccessPoint.html#API_control_GetAccessPoint_Examples) section.

The following actions are related to `GetAccessPoint`:
+  [CreateAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateAccessPoint.html) 
+  [DeleteAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteAccessPoint.html) 
+  [ListAccessPoints](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListAccessPoints.html) 

## Request Syntax


```
GET /v20180820/accesspoint/name HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_GetAccessPoint-request-uri-uri-Name"></a>
The name of the access point whose configuration information you want to retrieve.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the access point accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name>`. For example, to access the access point `reports-ap` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_GetAccessPoint-request-header-AccountId"></a>
The Amazon Web Services account ID for the account that owns the specified access point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetAccessPointResult>
   <Name>string</Name>
   <Bucket>string</Bucket>
   <NetworkOrigin>string</NetworkOrigin>
   <VpcConfiguration>
      <VpcId>string</VpcId>
   </VpcConfiguration>
   <PublicAccessBlockConfiguration>
      <BlockPublicAcls>boolean</BlockPublicAcls>
      <BlockPublicPolicy>boolean</BlockPublicPolicy>
      <IgnorePublicAcls>boolean</IgnorePublicAcls>
      <RestrictPublicBuckets>boolean</RestrictPublicBuckets>
   </PublicAccessBlockConfiguration>
   <CreationDate>timestamp</CreationDate>
   <Alias>string</Alias>
   <AccessPointArn>string</AccessPointArn>
   <Endpoints>
      <entry>
         <key>string</key>
         <value>string</value>
      </entry>
   </Endpoints>
   <BucketAccountId>string</BucketAccountId>
   <DataSourceId>string</DataSourceId>
   <DataSourceType>string</DataSourceType>
</GetAccessPointResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessPointResult](#API_control_GetAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPoint-response-GetAccessPointResult"></a>
Root level tag for the GetAccessPointResult parameters.  
Required: Yes

 ** [AccessPointArn](#API_control_GetAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPoint-response-AccessPointArn"></a>
The ARN of the access point.  
Type: String  
Length Constraints: Minimum length of 4. Maximum length of 128.

 ** [Alias](#API_control_GetAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPoint-response-Alias"></a>
The name or alias of the access point.  
Type: String  
Length Constraints: Maximum length of 63.  
Pattern: `^[0-9a-z\\-]{63}` 

 ** [Bucket](#API_control_GetAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPoint-response-Bucket"></a>
The name of the bucket associated with the specified access point.  
Type: String  
Length Constraints: Maximum length of 255.

 ** [BucketAccountId](#API_control_GetAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPoint-response-BucketAccountId"></a>
The Amazon Web Services account ID associated with the S3 bucket associated with this access point.  
Type: String  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$` 

 ** [CreationDate](#API_control_GetAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPoint-response-CreationDate"></a>
The date and time when the specified access point was created.  
Type: Timestamp

 ** [DataSourceId](#API_control_GetAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPoint-response-DataSourceId"></a>
The unique identifier for the data source of the access point.  
Type: String  
Length Constraints: Maximum length of 191.

 ** [DataSourceType](#API_control_GetAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPoint-response-DataSourceType"></a>
The type of the data source that the access point is attached to.  
Type: String

 ** [Endpoints](#API_control_GetAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPoint-response-Endpoints"></a>
The VPC endpoint for the access point.  
Type: String to string map  
Key Length Constraints: Minimum length of 1. Maximum length of 64.  
Value Length Constraints: Minimum length of 1. Maximum length of 1024.

 ** [Name](#API_control_GetAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPoint-response-Name"></a>
The name of the specified access point.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 255.

 ** [NetworkOrigin](#API_control_GetAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPoint-response-NetworkOrigin"></a>
Indicates whether this access point allows access from the public internet. If `VpcConfiguration` is specified for this access point, then `NetworkOrigin` is `VPC`, and the access point doesn't allow access from the public internet. Otherwise, `NetworkOrigin` is `Internet`, and the access point allows access from the public internet, subject to the access point and bucket access policies.  
This will always be true for an Amazon S3 on Outposts access point  
Type: String  
Valid Values: `Internet | VPC` 

 ** [PublicAccessBlockConfiguration](#API_control_GetAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPoint-response-PublicAccessBlockConfiguration"></a>
The `PublicAccessBlock` configuration that you want to apply to this Amazon S3 account. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see [The Meaning of "Public"](https://docs.amazonaws.cn/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide*.  
This data type is not supported for Amazon S3 on Outposts.  
Type: [PublicAccessBlockConfiguration](API_control_PublicAccessBlockConfiguration.md) data type

 ** [VpcConfiguration](#API_control_GetAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPoint-response-VpcConfiguration"></a>
Contains the virtual private cloud (VPC) configuration for the specified access point.  
This element is empty if this access point is an Amazon S3 on Outposts access point that is used by other Amazon Web Services services.
Type: [VpcConfiguration](API_control_VpcConfiguration.md) data type

## Examples


### Sample request syntax for getting an Amazon S3 on Outposts access point


The following request returns the access point of the specified S3 on Outposts access point.

```
           GET /v20180820/accesspoint/example-access-point HTTP/1.1
           Host: s3-outposts.<Region>.amazonaws.com
           Date: Wed, 28 Oct 2020 22:32:00 GMT
           Authorization: authorization string
           x-amz-account-id: example-account-id
           x-amz-outpost-id: op-01ac5d28a6a232904
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetAccessPoint) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessPoint) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetAccessPoint) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetAccessPoint) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessPoint) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessPoint) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetAccessPoint) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessPoint) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetAccessPoint) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessPoint) 

# GetAccessPointConfigurationForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Returns configuration for an Object Lambda Access Point.

The following actions are related to `GetAccessPointConfigurationForObjectLambda`:
+  [PutAccessPointConfigurationForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutAccessPointConfigurationForObjectLambda.html) 

## Request Syntax


```
GET /v20180820/accesspointforobjectlambda/name/configuration HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetAccessPointConfigurationForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_GetAccessPointConfigurationForObjectLambda-request-uri-uri-Name"></a>
The name of the Object Lambda Access Point you want to return the configuration for.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessPointConfigurationForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_GetAccessPointConfigurationForObjectLambda-request-header-AccountId"></a>
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetAccessPointConfigurationForObjectLambdaResult>
   <Configuration>
      <AllowedFeatures>
         <AllowedFeature>string</AllowedFeature>
      </AllowedFeatures>
      <CloudWatchMetricsEnabled>boolean</CloudWatchMetricsEnabled>
      <SupportingAccessPoint>string</SupportingAccessPoint>
      <TransformationConfigurations>
         <TransformationConfiguration>
            <Actions>
               <Action>string</Action>
            </Actions>
            <ContentTransformation>
               <AwsLambda>
                  <FunctionArn>string</FunctionArn>
                  <FunctionPayload>string</FunctionPayload>
               </AwsLambda>
            </ContentTransformation>
         </TransformationConfiguration>
      </TransformationConfigurations>
   </Configuration>
</GetAccessPointConfigurationForObjectLambdaResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessPointConfigurationForObjectLambdaResult](#API_control_GetAccessPointConfigurationForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointConfigurationForObjectLambda-response-GetAccessPointConfigurationForObjectLambdaResult"></a>
Root level tag for the GetAccessPointConfigurationForObjectLambdaResult parameters.  
Required: Yes

 ** [Configuration](#API_control_GetAccessPointConfigurationForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointConfigurationForObjectLambda-response-Configuration"></a>
Object Lambda Access Point configuration document.  
Type: [ObjectLambdaConfiguration](API_control_ObjectLambdaConfiguration.md) data type

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambda) 

# GetAccessPointForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Returns configuration information about the specified Object Lambda Access Point

The following actions are related to `GetAccessPointForObjectLambda`:
+  [CreateAccessPointForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateAccessPointForObjectLambda.html) 
+  [DeleteAccessPointForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteAccessPointForObjectLambda.html) 
+  [ListAccessPointsForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListAccessPointsForObjectLambda.html) 

## Request Syntax


```
GET /v20180820/accesspointforobjectlambda/name HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetAccessPointForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_GetAccessPointForObjectLambda-request-uri-uri-Name"></a>
The name of the Object Lambda Access Point.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessPointForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_GetAccessPointForObjectLambda-request-header-AccountId"></a>
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetAccessPointForObjectLambdaResult>
   <Name>string</Name>
   <PublicAccessBlockConfiguration>
      <BlockPublicAcls>boolean</BlockPublicAcls>
      <BlockPublicPolicy>boolean</BlockPublicPolicy>
      <IgnorePublicAcls>boolean</IgnorePublicAcls>
      <RestrictPublicBuckets>boolean</RestrictPublicBuckets>
   </PublicAccessBlockConfiguration>
   <CreationDate>timestamp</CreationDate>
   <Alias>
      <Status>string</Status>
      <Value>string</Value>
   </Alias>
</GetAccessPointForObjectLambdaResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessPointForObjectLambdaResult](#API_control_GetAccessPointForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointForObjectLambda-response-GetAccessPointForObjectLambdaResult"></a>
Root level tag for the GetAccessPointForObjectLambdaResult parameters.  
Required: Yes

 ** [Alias](#API_control_GetAccessPointForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointForObjectLambda-response-Alias"></a>
The alias of the Object Lambda Access Point.  
Type: [ObjectLambdaAccessPointAlias](API_control_ObjectLambdaAccessPointAlias.md) data type

 ** [CreationDate](#API_control_GetAccessPointForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointForObjectLambda-response-CreationDate"></a>
The date and time when the specified Object Lambda Access Point was created.  
Type: Timestamp

 ** [Name](#API_control_GetAccessPointForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointForObjectLambda-response-Name"></a>
The name of the Object Lambda Access Point.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$` 

 ** [PublicAccessBlockConfiguration](#API_control_GetAccessPointForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointForObjectLambda-response-PublicAccessBlockConfiguration"></a>
Configuration to block all public access. This setting is turned on and can not be edited.   
Type: [PublicAccessBlockConfiguration](API_control_PublicAccessBlockConfiguration.md) data type

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetAccessPointForObjectLambda) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessPointForObjectLambda) 

# GetAccessPointPolicy


Returns the access point policy associated with the specified access point.

The following actions are related to `GetAccessPointPolicy`:
+  [PutAccessPointPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutAccessPointPolicy.html) 
+  [DeleteAccessPointPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteAccessPointPolicy.html) 

## Request Syntax


```
GET /v20180820/accesspoint/name/policy HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetAccessPointPolicy_RequestSyntax) **   <a name="AmazonS3-control_GetAccessPointPolicy-request-uri-uri-Name"></a>
The name of the access point whose policy you want to retrieve.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the access point accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name>`. For example, to access the access point `reports-ap` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessPointPolicy_RequestSyntax) **   <a name="AmazonS3-control_GetAccessPointPolicy-request-header-AccountId"></a>
The account ID for the account that owns the specified access point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetAccessPointPolicyResult>
   <Policy>string</Policy>
</GetAccessPointPolicyResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessPointPolicyResult](#API_control_GetAccessPointPolicy_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointPolicy-response-GetAccessPointPolicyResult"></a>
Root level tag for the GetAccessPointPolicyResult parameters.  
Required: Yes

 ** [Policy](#API_control_GetAccessPointPolicy_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointPolicy-response-Policy"></a>
The access point policy associated with the specified access point.  
Type: String

## Examples


### Sample request


The following request returns the access point of the specified Amazon S3 on Outposts.

```
           GET /v20180820/accesspoint/example-access-point/policy  HTTP/1.1
           Host: s3-outposts.<Region>.amazonaws.com
           Date: Wed, 28 Oct 2020 22:32:00 GMT
           Authorization: authorization string
           x-amz-account-id: 123456789012
           x-amz-outpost-id: op-123456
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetAccessPointPolicy) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessPointPolicy) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetAccessPointPolicy) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetAccessPointPolicy) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessPointPolicy) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessPointPolicy) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetAccessPointPolicy) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessPointPolicy) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetAccessPointPolicy) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessPointPolicy) 

# GetAccessPointPolicyForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Returns the resource policy for an Object Lambda Access Point.

The following actions are related to `GetAccessPointPolicyForObjectLambda`:
+  [DeleteAccessPointPolicyForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteAccessPointPolicyForObjectLambda.html) 
+  [PutAccessPointPolicyForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutAccessPointPolicyForObjectLambda.html) 

## Request Syntax


```
GET /v20180820/accesspointforobjectlambda/name/policy HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetAccessPointPolicyForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_GetAccessPointPolicyForObjectLambda-request-uri-uri-Name"></a>
The name of the Object Lambda Access Point.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessPointPolicyForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_GetAccessPointPolicyForObjectLambda-request-header-AccountId"></a>
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetAccessPointPolicyForObjectLambdaResult>
   <Policy>string</Policy>
</GetAccessPointPolicyForObjectLambdaResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessPointPolicyForObjectLambdaResult](#API_control_GetAccessPointPolicyForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointPolicyForObjectLambda-response-GetAccessPointPolicyForObjectLambdaResult"></a>
Root level tag for the GetAccessPointPolicyForObjectLambdaResult parameters.  
Required: Yes

 ** [Policy](#API_control_GetAccessPointPolicyForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointPolicyForObjectLambda-response-Policy"></a>
Object Lambda Access Point resource policy document.  
Type: String

## Examples


### Sample resource policy


The following illustrates a sample resource policy.

```
{
    "Version" : "2008-10-17",		 	 	 
    "Statement":[{
        "Sid": "Grant account 123456789012 GetObject access",
        "Effect":"Allow",
        "Principal" : {
            "AWS": "arn:aws:iam::123456789012:root"
        },
        "Action":["s3-object-lambda:GetObject"],
        "Resource":["arn:aws:s3-object-lambda:us-east-1:123456789012:accesspoint/my-object-lambda-ap"]
        },
        {
        "Sid": "Grant account 444455556666 GetObject access",
        "Effect":"Allow",
        "Principal" : {
            "AWS": "arn:aws:iam::444455556666:root"
        },
        "Action":["s3-object-lambda:GetObject"],
        "Resource":["arn:aws:s3-object-lambda:us-east-1:123456789012:accesspoint/my-object-lambda-ap"]
        }
    ]
}
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessPointPolicyForObjectLambda) 

# GetAccessPointPolicyStatus


**Note**  
This operation is not supported by directory buckets.

Indicates whether the specified access point currently has a policy that allows public access. For more information about public access through access points, see [Managing Data Access with Amazon S3 access points](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-points.html) in the *Amazon S3 User Guide*.

## Request Syntax


```
GET /v20180820/accesspoint/name/policyStatus HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetAccessPointPolicyStatus_RequestSyntax) **   <a name="AmazonS3-control_GetAccessPointPolicyStatus-request-uri-uri-Name"></a>
The name of the access point whose policy status you want to retrieve.  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessPointPolicyStatus_RequestSyntax) **   <a name="AmazonS3-control_GetAccessPointPolicyStatus-request-header-AccountId"></a>
The account ID for the account that owns the specified access point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetAccessPointPolicyStatusResult>
   <PolicyStatus>
      <IsPublic>boolean</IsPublic>
   </PolicyStatus>
</GetAccessPointPolicyStatusResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessPointPolicyStatusResult](#API_control_GetAccessPointPolicyStatus_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointPolicyStatus-response-GetAccessPointPolicyStatusResult"></a>
Root level tag for the GetAccessPointPolicyStatusResult parameters.  
Required: Yes

 ** [PolicyStatus](#API_control_GetAccessPointPolicyStatus_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointPolicyStatus-response-PolicyStatus"></a>
Indicates the current policy status of the specified access point.  
Type: [PolicyStatus](API_control_PolicyStatus.md) data type

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetAccessPointPolicyStatus) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessPointPolicyStatus) 

# GetAccessPointPolicyStatusForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Returns the status of the resource policy associated with an Object Lambda Access Point.

## Request Syntax


```
GET /v20180820/accesspointforobjectlambda/name/policyStatus HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetAccessPointPolicyStatusForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_GetAccessPointPolicyStatusForObjectLambda-request-uri-uri-Name"></a>
The name of the Object Lambda Access Point.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessPointPolicyStatusForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_GetAccessPointPolicyStatusForObjectLambda-request-header-AccountId"></a>
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetAccessPointPolicyStatusForObjectLambdaResult>
   <PolicyStatus>
      <IsPublic>boolean</IsPublic>
   </PolicyStatus>
</GetAccessPointPolicyStatusForObjectLambdaResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessPointPolicyStatusForObjectLambdaResult](#API_control_GetAccessPointPolicyStatusForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointPolicyStatusForObjectLambda-response-GetAccessPointPolicyStatusForObjectLambdaResult"></a>
Root level tag for the GetAccessPointPolicyStatusForObjectLambdaResult parameters.  
Required: Yes

 ** [PolicyStatus](#API_control_GetAccessPointPolicyStatusForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointPolicyStatusForObjectLambda-response-PolicyStatus"></a>
Indicates whether this access point policy is public. For more information about how Amazon S3 evaluates policies to determine whether they are public, see [The Meaning of "Public"](https://docs.amazonaws.cn/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide*.   
Type: [PolicyStatus](API_control_PolicyStatus.md) data type

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambda) 

# GetAccessPointScope


 Returns the access point scope for a directory bucket.

To use this operation, you must have the permission to perform the `s3express:GetAccessPointScope` action.

For information about REST API errors, see [REST error responses](https://docs.amazonaws.cn/AmazonS3/latest/API/ErrorResponses.html#RESTErrorResponses).

## Request Syntax


```
GET /v20180820/accesspoint/name/scope HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetAccessPointScope_RequestSyntax) **   <a name="AmazonS3-control_GetAccessPointScope-request-uri-uri-Name"></a>
The name of the access point with the scope you want to retrieve.  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetAccessPointScope_RequestSyntax) **   <a name="AmazonS3-control_GetAccessPointScope-request-header-AccountId"></a>
 The Amazon account ID that owns the access point with the scope that you want to retrieve.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetAccessPointScopeResult>
   <Scope>
      <Permissions>
         <Permission>string</Permission>
      </Permissions>
      <Prefixes>
         <Prefix>string</Prefix>
      </Prefixes>
   </Scope>
</GetAccessPointScopeResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetAccessPointScopeResult](#API_control_GetAccessPointScope_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointScope-response-GetAccessPointScopeResult"></a>
Root level tag for the GetAccessPointScopeResult parameters.  
Required: Yes

 ** [Scope](#API_control_GetAccessPointScope_ResponseSyntax) **   <a name="AmazonS3-control_GetAccessPointScope-response-Scope"></a>
The contents of the access point scope.  
Type: [Scope](API_control_Scope.md) data type

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetAccessPointScope) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetAccessPointScope) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetAccessPointScope) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetAccessPointScope) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetAccessPointScope) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetAccessPointScope) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetAccessPointScope) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetAccessPointScope) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetAccessPointScope) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetAccessPointScope) 

# GetBucket


Gets an Amazon S3 on Outposts bucket. For more information, see [ Using Amazon S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*.

If you are using an identity other than the root user of the Amazon Web Services account that owns the Outposts bucket, the calling identity must have the `s3-outposts:GetBucket` permissions on the specified Outposts bucket and belong to the Outposts bucket owner's account in order to use this action. Only users from Outposts bucket owner account with the right permissions can perform actions on an Outposts bucket. 

If you don't have `s3-outposts:GetBucket` permissions or you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a `403 Access Denied` error.

The following actions are related to `GetBucket` for Amazon S3 on Outposts:

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucket.html#API_control_GetBucket_Examples) section.
+  [PutObject](https://docs.amazonaws.cn/AmazonS3/latest/API/API_PutObject.html) 
+  [CreateBucket](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateBucket.html) 
+  [DeleteBucket](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteBucket.html) 

## Request Syntax


```
GET /v20180820/bucket/name HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetBucket_RequestSyntax) **   <a name="AmazonS3-control_GetBucket-request-header-Bucket"></a>
Specifies the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetBucket_RequestSyntax) **   <a name="AmazonS3-control_GetBucket-request-header-AccountId"></a>
The Amazon Web Services account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetBucketResult>
   <Bucket>string</Bucket>
   <PublicAccessBlockEnabled>boolean</PublicAccessBlockEnabled>
   <CreationDate>timestamp</CreationDate>
</GetBucketResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetBucketResult](#API_control_GetBucket_ResponseSyntax) **   <a name="AmazonS3-control_GetBucket-response-GetBucketResult"></a>
Root level tag for the GetBucketResult parameters.  
Required: Yes

 ** [Bucket](#API_control_GetBucket_ResponseSyntax) **   <a name="AmazonS3-control_GetBucket-response-Bucket"></a>
The Outposts bucket requested.  
Type: String  
Length Constraints: Minimum length of 3. Maximum length of 255.

 ** [CreationDate](#API_control_GetBucket_ResponseSyntax) **   <a name="AmazonS3-control_GetBucket-response-CreationDate"></a>
The creation date of the Outposts bucket.  
Type: Timestamp

 ** [PublicAccessBlockEnabled](#API_control_GetBucket_ResponseSyntax) **   <a name="AmazonS3-control_GetBucket-response-PublicAccessBlockEnabled"></a>
  
Type: Boolean

## Examples


### Sample request for getting Amazon S3 on Outposts bucket


This example illustrates one usage of GetBucket.

```
GET /v20180820/bucket/example-outpost-bucket/ HTTP/1.1
Host: s3-outposts.<Region>.amazonaws.com  
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
            x-amz-Date: 20200928T203757Z
            Authorization: authorization string
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetBucket) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetBucket) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetBucket) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetBucket) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetBucket) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetBucket) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetBucket) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetBucket) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetBucket) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetBucket) 

# GetBucketLifecycleConfiguration


**Note**  
This action gets an Amazon S3 on Outposts bucket's lifecycle configuration. To get an S3 bucket's lifecycle configuration, see [GetBucketLifecycleConfiguration](https://docs.amazonaws.cn/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) in the *Amazon S3 API Reference*. 

Returns the lifecycle configuration information set on the Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3onOutposts.html) and for information about lifecycle configuration, see [ Object Lifecycle Management](https://docs.amazonaws.cn/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in *Amazon S3 User Guide*.

To use this action, you must have permission to perform the `s3-outposts:GetLifecycleConfiguration` action. The Outposts bucket owner has this permission, by default. The bucket owner can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.amazonaws.cn/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing Access Permissions to Your Amazon S3 Resources](https://docs.amazonaws.cn/AmazonS3/latest/userguide/s3-access-control.html).

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketLifecycleConfiguration.html#API_control_GetBucketLifecycleConfiguration_Examples) section.

 `GetBucketLifecycleConfiguration` has the following special error:
+ Error code: `NoSuchLifecycleConfiguration` 
  + Description: The lifecycle configuration does not exist.
  + HTTP Status Code: 404 Not Found
  + SOAP Fault Code Prefix: Client

The following actions are related to `GetBucketLifecycleConfiguration`:
+  [PutBucketLifecycleConfiguration](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutBucketLifecycleConfiguration.html) 
+  [DeleteBucketLifecycleConfiguration](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteBucketLifecycleConfiguration.html) 

## Request Syntax


```
GET /v20180820/bucket/name/lifecycleconfiguration HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetBucketLifecycleConfiguration_RequestSyntax) **   <a name="AmazonS3-control_GetBucketLifecycleConfiguration-request-header-Bucket"></a>
The Amazon Resource Name (ARN) of the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetBucketLifecycleConfiguration_RequestSyntax) **   <a name="AmazonS3-control_GetBucketLifecycleConfiguration-request-header-AccountId"></a>
The Amazon Web Services account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetBucketLifecycleConfigurationResult>
   <Rules>
      <Rule>
         <AbortIncompleteMultipartUpload>
            <DaysAfterInitiation>integer</DaysAfterInitiation>
         </AbortIncompleteMultipartUpload>
         <Expiration>
            <Date>timestamp</Date>
            <Days>integer</Days>
            <ExpiredObjectDeleteMarker>boolean</ExpiredObjectDeleteMarker>
         </Expiration>
         <Filter>
            <And>
               <ObjectSizeGreaterThan>long</ObjectSizeGreaterThan>
               <ObjectSizeLessThan>long</ObjectSizeLessThan>
               <Prefix>string</Prefix>
               <Tags>
                  <S3Tag>
                     <Key>string</Key>
                     <Value>string</Value>
                  </S3Tag>
               </Tags>
            </And>
            <ObjectSizeGreaterThan>long</ObjectSizeGreaterThan>
            <ObjectSizeLessThan>long</ObjectSizeLessThan>
            <Prefix>string</Prefix>
            <Tag>
               <Key>string</Key>
               <Value>string</Value>
            </Tag>
         </Filter>
         <ID>string</ID>
         <NoncurrentVersionExpiration>
            <NewerNoncurrentVersions>integer</NewerNoncurrentVersions>
            <NoncurrentDays>integer</NoncurrentDays>
         </NoncurrentVersionExpiration>
         <NoncurrentVersionTransitions>
            <NoncurrentVersionTransition>
               <NoncurrentDays>integer</NoncurrentDays>
               <StorageClass>string</StorageClass>
            </NoncurrentVersionTransition>
         </NoncurrentVersionTransitions>
         <Status>string</Status>
         <Transitions>
            <Transition>
               <Date>timestamp</Date>
               <Days>integer</Days>
               <StorageClass>string</StorageClass>
            </Transition>
         </Transitions>
      </Rule>
   </Rules>
</GetBucketLifecycleConfigurationResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetBucketLifecycleConfigurationResult](#API_control_GetBucketLifecycleConfiguration_ResponseSyntax) **   <a name="AmazonS3-control_GetBucketLifecycleConfiguration-response-GetBucketLifecycleConfigurationResult"></a>
Root level tag for the GetBucketLifecycleConfigurationResult parameters.  
Required: Yes

 ** [Rules](#API_control_GetBucketLifecycleConfiguration_ResponseSyntax) **   <a name="AmazonS3-control_GetBucketLifecycleConfiguration-response-Rules"></a>
Container for the lifecycle rule of the Outposts bucket.  
Type: Array of [LifecycleRule](API_control_LifecycleRule.md) data types

## Examples


### Sample request to get the lifecycle configuration of the Amazon S3 on Outposts bucket


The following example shows how to get the lifecycle configuration of the Outposts bucket.

```
            GET /v20180820/bucket/example-outpost-bucket/lifecycleconfiguration HTTP/1.1
            Host: s3-outposts.<Region>.amazonaws.com 
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
            x-amz-date: Thu, 15 Nov 2012 00:17:21 GMT
            Authorization: signatureValue
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetBucketLifecycleConfiguration) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetBucketLifecycleConfiguration) 

# GetBucketPolicy


**Note**  
This action gets a bucket policy for an Amazon S3 on Outposts bucket. To get a policy for an S3 bucket, see [GetBucketPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_GetBucketPolicy.html) in the *Amazon S3 API Reference*. 

Returns the policy of a specified Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*.

If you are using an identity other than the root user of the Amazon Web Services account that owns the bucket, the calling identity must have the `GetBucketPolicy` permissions on the specified bucket and belong to the bucket owner's account in order to use this action.

Only users from Outposts bucket owner account with the right permissions can perform actions on an Outposts bucket. If you don't have `s3-outposts:GetBucketPolicy` permissions or you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a `403 Access Denied` error.

**Important**  
As a security precaution, the root user of the Amazon Web Services account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.

For more information about bucket policies, see [Using Bucket Policies and User Policies](https://docs.amazonaws.cn/AmazonS3/latest/dev/using-iam-policies.html).

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketPolicy.html#API_control_GetBucketPolicy_Examples) section.

The following actions are related to `GetBucketPolicy`:
+  [GetObject](https://docs.amazonaws.cn/AmazonS3/latest/API/API_GetObject.html) 
+  [PutBucketPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutBucketPolicy.html) 
+  [DeleteBucketPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteBucketPolicy.html) 

## Request Syntax


```
GET /v20180820/bucket/name/policy HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetBucketPolicy_RequestSyntax) **   <a name="AmazonS3-control_GetBucketPolicy-request-header-Bucket"></a>
Specifies the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetBucketPolicy_RequestSyntax) **   <a name="AmazonS3-control_GetBucketPolicy-request-header-AccountId"></a>
The Amazon Web Services account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetBucketPolicyResult>
   <Policy>string</Policy>
</GetBucketPolicyResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetBucketPolicyResult](#API_control_GetBucketPolicy_ResponseSyntax) **   <a name="AmazonS3-control_GetBucketPolicy-response-GetBucketPolicyResult"></a>
Root level tag for the GetBucketPolicyResult parameters.  
Required: Yes

 ** [Policy](#API_control_GetBucketPolicy_ResponseSyntax) **   <a name="AmazonS3-control_GetBucketPolicy-response-Policy"></a>
The policy of the Outposts bucket.  
Type: String

## Examples


### Sample GetBucketPolicy request for an Amazon S3 on Outposts bucket


The following request gets the policy of the specified Outposts bucket `example-outpost-bucket`.

```
           GET /v20180820/bucket/example-outpost-bucket/policy HTTP/1.1
           Host: s3-outposts.<Region>.amazonaws.com
           Date: Wed, 28 Oct 2009 22:32:00 GMT
           Authorization: authorization string
           x-amz-account-id: example-account-id
           x-amz-outpost-id: op-01ac5d28a6a232904
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetBucketPolicy) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetBucketPolicy) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetBucketPolicy) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetBucketPolicy) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetBucketPolicy) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetBucketPolicy) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetBucketPolicy) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetBucketPolicy) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetBucketPolicy) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetBucketPolicy) 

# GetBucketReplication


**Note**  
This operation gets an Amazon S3 on Outposts bucket's replication configuration. To get an S3 bucket's replication configuration, see [GetBucketReplication](https://docs.amazonaws.cn/AmazonS3/latest/API/API_GetBucketReplication.html) in the *Amazon S3 API Reference*. 

Returns the replication configuration of an S3 on Outposts bucket. For more information about S3 on Outposts, see [Using Amazon S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*. For information about S3 replication on Outposts configuration, see [Replicating objects for S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3OutpostsReplication.html) in the *Amazon S3 User Guide*.

**Note**  
It can take a while to propagate `PUT` or `DELETE` requests for a replication configuration to all S3 on Outposts systems. Therefore, the replication configuration that's returned by a `GET` request soon after a `PUT` or `DELETE` request might return a more recent result than what's on the Outpost. If an Outpost is offline, the delay in updating the replication configuration on that Outpost can be significant.

This action requires permissions for the `s3-outposts:GetReplicationConfiguration` action. The Outposts bucket owner has this permission by default and can grant it to others. For more information about permissions, see [Setting up IAM with S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3OutpostsIAM.html) and [Managing access to S3 on Outposts bucket](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3OutpostsBucketPolicy.html) in the *Amazon S3 User Guide*.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketReplication.html#API_control_GetBucketReplication_Examples) section.

If you include the `Filter` element in a replication configuration, you must also include the `DeleteMarkerReplication`, `Status`, and `Priority` elements. The response also returns those elements.

For information about S3 on Outposts replication failure reasons, see [Replication failure reasons](https://docs.amazonaws.cn/AmazonS3/latest/userguide/outposts-replication-eventbridge.html#outposts-replication-failure-codes) in the *Amazon S3 User Guide*.

The following operations are related to `GetBucketReplication`:
+  [PutBucketReplication](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutBucketReplication.html) 
+  [DeleteBucketReplication](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteBucketReplication.html) 

## Request Syntax


```
GET /v20180820/bucket/name/replication HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetBucketReplication_RequestSyntax) **   <a name="AmazonS3-control_GetBucketReplication-request-header-Bucket"></a>
Specifies the bucket to get the replication information for.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetBucketReplication_RequestSyntax) **   <a name="AmazonS3-control_GetBucketReplication-request-header-AccountId"></a>
The Amazon Web Services account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetBucketReplicationResult>
   <ReplicationConfiguration>
      <Role>string</Role>
      <Rules>
         <Rule>
            <Bucket>string</Bucket>
            <DeleteMarkerReplication>
               <Status>string</Status>
            </DeleteMarkerReplication>
            <Destination>
               <AccessControlTranslation>
                  <Owner>string</Owner>
               </AccessControlTranslation>
               <Account>string</Account>
               <Bucket>string</Bucket>
               <EncryptionConfiguration>
                  <ReplicaKmsKeyID>string</ReplicaKmsKeyID>
               </EncryptionConfiguration>
               <Metrics>
                  <EventThreshold>
                     <Minutes>integer</Minutes>
                  </EventThreshold>
                  <Status>string</Status>
               </Metrics>
               <ReplicationTime>
                  <Status>string</Status>
                  <Time>
                     <Minutes>integer</Minutes>
                  </Time>
               </ReplicationTime>
               <StorageClass>string</StorageClass>
            </Destination>
            <ExistingObjectReplication>
               <Status>string</Status>
            </ExistingObjectReplication>
            <Filter>
               <And>
                  <Prefix>string</Prefix>
                  <Tags>
                     <S3Tag>
                        <Key>string</Key>
                        <Value>string</Value>
                     </S3Tag>
                  </Tags>
               </And>
               <Prefix>string</Prefix>
               <Tag>
                  <Key>string</Key>
                  <Value>string</Value>
               </Tag>
            </Filter>
            <ID>string</ID>
            <Prefix>string</Prefix>
            <Priority>integer</Priority>
            <SourceSelectionCriteria>
               <ReplicaModifications>
                  <Status>string</Status>
               </ReplicaModifications>
               <SseKmsEncryptedObjects>
                  <Status>string</Status>
               </SseKmsEncryptedObjects>
            </SourceSelectionCriteria>
            <Status>string</Status>
         </Rule>
      </Rules>
   </ReplicationConfiguration>
</GetBucketReplicationResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetBucketReplicationResult](#API_control_GetBucketReplication_ResponseSyntax) **   <a name="AmazonS3-control_GetBucketReplication-response-GetBucketReplicationResult"></a>
Root level tag for the GetBucketReplicationResult parameters.  
Required: Yes

 ** [ReplicationConfiguration](#API_control_GetBucketReplication_ResponseSyntax) **   <a name="AmazonS3-control_GetBucketReplication-response-ReplicationConfiguration"></a>
A container for one or more replication rules. A replication configuration must have at least one rule and you can add up to 100 rules. The maximum size of a replication configuration is 128 KB.  
Type: [ReplicationConfiguration](API_control_ReplicationConfiguration.md) data type

## Examples


### Sample request to get the replication configuration of an Amazon S3 on Outposts bucket


The following example shows how to get the replication configuration of an Outposts bucket.

```
GET /v20180820/bucket/example-outpost-bucket/replication HTTP/1.1
Host: s3-outposts.<Region>.amazonaws.com 
x-amz-account-id: example-account-id
x-amz-outpost-id: op-01ac5d28a6a232904
Authorization: signatureValue
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetBucketReplication) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetBucketReplication) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetBucketReplication) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetBucketReplication) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetBucketReplication) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetBucketReplication) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetBucketReplication) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetBucketReplication) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetBucketReplication) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetBucketReplication) 

# GetBucketTagging


**Note**  
This action gets an Amazon S3 on Outposts bucket's tags. To get an S3 bucket tags, see [GetBucketTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_GetBucketTagging.html) in the *Amazon S3 API Reference*. 

Returns the tag set associated with the Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*.

To use this action, you must have permission to perform the `GetBucketTagging` action. By default, the bucket owner has this permission and can grant this permission to others.

 `GetBucketTagging` has the following special error:
+ Error code: `NoSuchTagSetError` 
  + Description: There is no tag set associated with the bucket.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketTagging.html#API_control_GetBucketTagging_Examples) section.

The following actions are related to `GetBucketTagging`:
+  [PutBucketTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutBucketTagging.html) 
+  [DeleteBucketTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteBucketTagging.html) 

## Request Syntax


```
GET /v20180820/bucket/name/tagging HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetBucketTagging_RequestSyntax) **   <a name="AmazonS3-control_GetBucketTagging-request-header-Bucket"></a>
Specifies the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetBucketTagging_RequestSyntax) **   <a name="AmazonS3-control_GetBucketTagging-request-header-AccountId"></a>
The Amazon Web Services account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetBucketTaggingResult>
   <TagSet>
      <S3Tag>
         <Key>string</Key>
         <Value>string</Value>
      </S3Tag>
   </TagSet>
</GetBucketTaggingResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetBucketTaggingResult](#API_control_GetBucketTagging_ResponseSyntax) **   <a name="AmazonS3-control_GetBucketTagging-response-GetBucketTaggingResult"></a>
Root level tag for the GetBucketTaggingResult parameters.  
Required: Yes

 ** [TagSet](#API_control_GetBucketTagging_ResponseSyntax) **   <a name="AmazonS3-control_GetBucketTagging-response-TagSet"></a>
The tags set of the Outposts bucket.  
Type: Array of [S3Tag](API_control_S3Tag.md) data types

## Examples


### Amazon S3 on Outposts request example for getting a tag set for an Outposts bucket


The following request gets the tag set of the specified Outposts bucket `example-outpost-bucket`.

```
            GET /v20180820/bucket/example-outpost-bucket/tagging HTTP/1.1
            Host: s3-outposts.<Region>.amazonaws.com
            x-amz-date: Wed, 28 Oct 2020 22:32:00 GMT
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
            Authorization: authorization string
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetBucketTagging) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetBucketTagging) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetBucketTagging) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetBucketTagging) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetBucketTagging) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetBucketTagging) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetBucketTagging) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetBucketTagging) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetBucketTagging) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetBucketTagging) 

# GetBucketVersioning


**Note**  
This operation returns the versioning state for S3 on Outposts buckets only. To return the versioning state for an S3 bucket, see [GetBucketVersioning](https://docs.amazonaws.cn/AmazonS3/latest/API/API_GetBucketVersioning.html) in the *Amazon S3 API Reference*. 

Returns the versioning state for an S3 on Outposts bucket. With S3 Versioning, you can save multiple distinct copies of your objects and recover from unintended user actions and application failures.

If you've never set versioning on your bucket, it has no versioning state. In that case, the `GetBucketVersioning` request does not return a versioning state value.

For more information about versioning, see [Versioning](https://docs.amazonaws.cn/AmazonS3/latest/userguide/Versioning.html) in the *Amazon S3 User Guide*.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketVersioning.html#API_control_GetBucketVersioning_Examples) section.

The following operations are related to `GetBucketVersioning` for S3 on Outposts.
+  [PutBucketVersioning](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutBucketVersioning.html) 
+  [PutBucketLifecycleConfiguration](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutBucketLifecycleConfiguration.html) 
+  [GetBucketLifecycleConfiguration](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketLifecycleConfiguration.html) 

## Request Syntax


```
GET /v20180820/bucket/name/versioning HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetBucketVersioning_RequestSyntax) **   <a name="AmazonS3-control_GetBucketVersioning-request-header-Bucket"></a>
The S3 on Outposts bucket to return the versioning state for.  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_GetBucketVersioning_RequestSyntax) **   <a name="AmazonS3-control_GetBucketVersioning-request-header-AccountId"></a>
The Amazon Web Services account ID of the S3 on Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetBucketVersioningResult>
   <Status>string</Status>
   <MfaDelete>string</MfaDelete>
</GetBucketVersioningResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetBucketVersioningResult](#API_control_GetBucketVersioning_ResponseSyntax) **   <a name="AmazonS3-control_GetBucketVersioning-response-GetBucketVersioningResult"></a>
Root level tag for the GetBucketVersioningResult parameters.  
Required: Yes

 ** [MFADelete](#API_control_GetBucketVersioning_ResponseSyntax) **   <a name="AmazonS3-control_GetBucketVersioning-response-MFADelete"></a>
Specifies whether MFA delete is enabled in the bucket versioning configuration. This element is returned only if the bucket has been configured with MFA delete. If MFA delete has never been configured for the bucket, this element is not returned.  
Type: String  
Valid Values: `Enabled | Disabled` 

 ** [Status](#API_control_GetBucketVersioning_ResponseSyntax) **   <a name="AmazonS3-control_GetBucketVersioning-response-Status"></a>
The versioning state of the S3 on Outposts bucket.  
Type: String  
Valid Values: `Enabled | Suspended` 

## Examples


### Sample GetBucketVersioning request on an S3 on Outposts bucket


This request returns the versioning state for an S3 on Outposts bucket that's named `example-outpost-bucket`.

```
            GET /v20180820/bucket/example-outpost-bucket/?versioning HTTP/1.1
            Host:s3-outposts.region-code.amazonaws.com
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
            x-amz-date: Wed, 25 May  2022 00:14:21 GMT
            Authorization: signatureValue
```

### Sample GetBucketVersioning response on a versioning-enabled S3 on Outposts bucket


If you enabled versioning on a bucket, the response is:

```
     <VersioningConfiguration xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
        <Status>Enabled</Status>
     </VersioningConfiguration>
```

### Sample GetBucketVersioning response on a versioning-suspended bucket


If you suspended versioning on a bucket, the response is:

```
     <VersioningConfiguration xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
        <Status>Suspended</Status>
     </VersioningConfiguration>
```

### Sample GetBucketVersioning response if you have never enabled versioning.


If you have never enabled versioning on a bucket, the response is:

```
     <VersioningConfiguration xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetBucketVersioning) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetBucketVersioning) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetBucketVersioning) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetBucketVersioning) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetBucketVersioning) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetBucketVersioning) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetBucketVersioning) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetBucketVersioning) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetBucketVersioning) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetBucketVersioning) 

# GetDataAccess


Returns a temporary access credential from S3 Access Grants to the grantee or client application. The [temporary credential](https://docs.amazonaws.cn/STS/latest/APIReference/API_Credentials.html) is an Amazon STS token that grants them access to the S3 data. 

Permissions  
You must have the `s3:GetDataAccess` permission to use this operation. 

Additional Permissions  
The IAM role that S3 Access Grants assumes must have the following permissions specified in the trust policy when registering the location: `sts:AssumeRole`, for directory users or groups `sts:SetContext`, and for IAM users or roles `sts:SetSourceIdentity`. 

## Request Syntax


```
GET /v20180820/accessgrantsinstance/dataaccess?auditContext=AuditContext&durationSeconds=DurationSeconds&permission=Permission&privilege=Privilege&target=Target&targetType=TargetType HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [auditContext](#API_control_GetDataAccess_RequestSyntax) **   <a name="AmazonS3-control_GetDataAccess-request-uri-querystring-AuditContext"></a>
The context to identify the job or query associated with the credential request. This information will be displayed in CloudTrail log in your account.  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\t]*` 

 ** [durationSeconds](#API_control_GetDataAccess_RequestSyntax) **   <a name="AmazonS3-control_GetDataAccess-request-uri-querystring-DurationSeconds"></a>
The session duration, in seconds, of the temporary access credential that S3 Access Grants vends to the grantee or client application. The default value is 1 hour, but the grantee can specify a range from 900 seconds (15 minutes) up to 43200 seconds (12 hours). If the grantee requests a value higher than this maximum, the operation fails.   
Valid Range: Minimum value of 900. Maximum value of 43200.

 ** [permission](#API_control_GetDataAccess_RequestSyntax) **   <a name="AmazonS3-control_GetDataAccess-request-uri-querystring-Permission"></a>
The type of permission granted to your S3 data, which can be set to one of the following values:  
+  `READ` – Grant read-only access to the S3 data.
+  `WRITE` – Grant write-only access to the S3 data.
+  `READWRITE` – Grant both read and write access to the S3 data.
Valid Values: `READ | WRITE | READWRITE`   
Required: Yes

 ** [privilege](#API_control_GetDataAccess_RequestSyntax) **   <a name="AmazonS3-control_GetDataAccess-request-uri-querystring-Privilege"></a>
The scope of the temporary access credential that S3 Access Grants vends to the grantee or client application.   
+  `Default` – The scope of the returned temporary access token is the scope of the grant that is closest to the target scope.
+  `Minimal` – The scope of the returned temporary access token is the same as the requested target scope as long as the requested scope is the same as or a subset of the grant scope. 
Valid Values: `Minimal | Default` 

 ** [target](#API_control_GetDataAccess_RequestSyntax) **   <a name="AmazonS3-control_GetDataAccess-request-uri-querystring-Target"></a>
The S3 URI path of the data to which you are requesting temporary access credentials. If the requesting account has an access grant for this data, S3 Access Grants vends temporary access credentials in the response.  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$`   
Required: Yes

 ** [targetType](#API_control_GetDataAccess_RequestSyntax) **   <a name="AmazonS3-control_GetDataAccess-request-uri-querystring-TargetType"></a>
The type of `Target`. The only possible value is `Object`. Pass this value if the target data that you would like to access is a path to an object. Do not pass this value if the target data is a bucket or a bucket and a prefix.   
Valid Values: `Object` 

 ** [x-amz-account-id](#API_control_GetDataAccess_RequestSyntax) **   <a name="AmazonS3-control_GetDataAccess-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetDataAccessResult>
   <Credentials>
      <AccessKeyId>string</AccessKeyId>
      <Expiration>timestamp</Expiration>
      <SecretAccessKey>string</SecretAccessKey>
      <SessionToken>string</SessionToken>
   </Credentials>
   <MatchedGrantTarget>string</MatchedGrantTarget>
   <Grantee>
      <GranteeIdentifier>string</GranteeIdentifier>
      <GranteeType>string</GranteeType>
   </Grantee>
</GetDataAccessResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetDataAccessResult](#API_control_GetDataAccess_ResponseSyntax) **   <a name="AmazonS3-control_GetDataAccess-response-GetDataAccessResult"></a>
Root level tag for the GetDataAccessResult parameters.  
Required: Yes

 ** [Credentials](#API_control_GetDataAccess_ResponseSyntax) **   <a name="AmazonS3-control_GetDataAccess-response-Credentials"></a>
The temporary credential token that S3 Access Grants vends.  
Type: [Credentials](API_control_Credentials.md) data type

 ** [Grantee](#API_control_GetDataAccess_ResponseSyntax) **   <a name="AmazonS3-control_GetDataAccess-response-Grantee"></a>
The user, group, or role that was granted access to the S3 location scope. For directory identities, this API also returns the grants of the IAM role used for the identity-aware request. For more information on identity-aware sessions, see [Granting permissions to use identity-aware console sessions](https://docs.amazonaws.cn/IAM/latest/UserGuide/id_credentials_temp_control-access_sts-setcontext.html).   
Type: [Grantee](API_control_Grantee.md) data type

 ** [MatchedGrantTarget](#API_control_GetDataAccess_ResponseSyntax) **   <a name="AmazonS3-control_GetDataAccess-response-MatchedGrantTarget"></a>
The S3 URI path of the data to which you are being granted temporary access credentials.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetDataAccess) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetDataAccess) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetDataAccess) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetDataAccess) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetDataAccess) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetDataAccess) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetDataAccess) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetDataAccess) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetDataAccess) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetDataAccess) 

# GetJobTagging


Returns the tags on an S3 Batch Operations job. 

Permissions  
To use the `GetJobTagging` operation, you must have permission to perform the `s3:GetJobTagging` action. For more information, see [Controlling access and labeling jobs using tags](https://docs.amazonaws.cn/AmazonS3/latest/dev/batch-ops-managing-jobs.html#batch-ops-job-tags) in the *Amazon S3 User Guide*.

Related actions include:
+  [CreateJob](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateJob.html) 
+  [PutJobTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutJobTagging.html) 
+  [DeleteJobTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteJobTagging.html) 

## Request Syntax


```
GET /v20180820/jobs/id/tagging HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_GetJobTagging_RequestSyntax) **   <a name="AmazonS3-control_GetJobTagging-request-uri-uri-JobId"></a>
The ID for the S3 Batch Operations job whose tags you want to retrieve.  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetJobTagging_RequestSyntax) **   <a name="AmazonS3-control_GetJobTagging-request-header-AccountId"></a>
The Amazon Web Services account ID associated with the S3 Batch Operations job.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetJobTaggingResult>
   <Tags>
      <S3Tag>
         <Key>string</Key>
         <Value>string</Value>
      </S3Tag>
   </Tags>
</GetJobTaggingResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetJobTaggingResult](#API_control_GetJobTagging_ResponseSyntax) **   <a name="AmazonS3-control_GetJobTagging-response-GetJobTaggingResult"></a>
Root level tag for the GetJobTaggingResult parameters.  
Required: Yes

 ** [Tags](#API_control_GetJobTagging_ResponseSyntax) **   <a name="AmazonS3-control_GetJobTagging-response-Tags"></a>
The set of tags associated with the S3 Batch Operations job.  
Type: Array of [S3Tag](API_control_S3Tag.md) data types

## Errors


 ** InternalServiceException **   
  
HTTP Status Code: 500

 ** NotFoundException **   
  
HTTP Status Code: 400

 ** TooManyRequestsException **   
  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetJobTagging) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetJobTagging) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetJobTagging) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetJobTagging) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetJobTagging) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetJobTagging) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetJobTagging) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetJobTagging) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetJobTagging) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetJobTagging) 

# GetMultiRegionAccessPoint


**Note**  
This operation is not supported by directory buckets.

Returns configuration information about the specified Multi-Region Access Point.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see [Multi-Region Access Point restrictions and limitations](https://docs.amazonaws.cn/AmazonS3/latest/userguide/MultiRegionAccessPointRestrictions.html) in the *Amazon S3 User Guide*.

The following actions are related to `GetMultiRegionAccessPoint`:
+  [CreateMultiRegionAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateMultiRegionAccessPoint.html) 
+  [DeleteMultiRegionAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteMultiRegionAccessPoint.html) 
+  [DescribeMultiRegionAccessPointOperation](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DescribeMultiRegionAccessPointOperation.html) 
+  [ListMultiRegionAccessPoints](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListMultiRegionAccessPoints.html) 

## Request Syntax


```
GET /v20180820/mrap/instances/name+ HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetMultiRegionAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPoint-request-uri-uri-Name"></a>
The name of the Multi-Region Access Point whose configuration information you want to receive. The name of the Multi-Region Access Point is different from the alias. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see [Rules for naming Amazon S3 Multi-Region Access Points](https://docs.amazonaws.cn/AmazonS3/latest/userguide/CreatingMultiRegionAccessPoints.html#multi-region-access-point-naming) in the *Amazon S3 User Guide*.  
Length Constraints: Maximum length of 50.  
Pattern: `^[a-z0-9][-a-z0-9]{1,48}[a-z0-9]$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetMultiRegionAccessPoint_RequestSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPoint-request-header-AccountId"></a>
The Amazon account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetMultiRegionAccessPointResult>
   <AccessPoint>
      <Alias>string</Alias>
      <CreatedAt>timestamp</CreatedAt>
      <Name>string</Name>
      <PublicAccessBlock>
         <BlockPublicAcls>boolean</BlockPublicAcls>
         <BlockPublicPolicy>boolean</BlockPublicPolicy>
         <IgnorePublicAcls>boolean</IgnorePublicAcls>
         <RestrictPublicBuckets>boolean</RestrictPublicBuckets>
      </PublicAccessBlock>
      <Regions>
         <Region>
            <Bucket>string</Bucket>
            <BucketAccountId>string</BucketAccountId>
            <Region>string</Region>
         </Region>
      </Regions>
      <Status>string</Status>
   </AccessPoint>
</GetMultiRegionAccessPointResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetMultiRegionAccessPointResult](#API_control_GetMultiRegionAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPoint-response-GetMultiRegionAccessPointResult"></a>
Root level tag for the GetMultiRegionAccessPointResult parameters.  
Required: Yes

 ** [AccessPoint](#API_control_GetMultiRegionAccessPoint_ResponseSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPoint-response-AccessPoint"></a>
A container element containing the details of the requested Multi-Region Access Point.  
Type: [MultiRegionAccessPointReport](API_control_MultiRegionAccessPointReport.md) data type

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetMultiRegionAccessPoint) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetMultiRegionAccessPoint) 

# GetMultiRegionAccessPointPolicy


**Note**  
This operation is not supported by directory buckets.

Returns the access control policy of the specified Multi-Region Access Point.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see [Multi-Region Access Point restrictions and limitations](https://docs.amazonaws.cn/AmazonS3/latest/userguide/MultiRegionAccessPointRestrictions.html) in the *Amazon S3 User Guide*.

The following actions are related to `GetMultiRegionAccessPointPolicy`:
+  [GetMultiRegionAccessPointPolicyStatus](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetMultiRegionAccessPointPolicyStatus.html) 
+  [PutMultiRegionAccessPointPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutMultiRegionAccessPointPolicy.html) 

## Request Syntax


```
GET /v20180820/mrap/instances/name+/policy HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetMultiRegionAccessPointPolicy_RequestSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPointPolicy-request-uri-uri-Name"></a>
Specifies the Multi-Region Access Point. The name of the Multi-Region Access Point is different from the alias. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see [Rules for naming Amazon S3 Multi-Region Access Points](https://docs.amazonaws.cn/AmazonS3/latest/userguide/CreatingMultiRegionAccessPoints.html#multi-region-access-point-naming) in the *Amazon S3 User Guide*.  
Length Constraints: Maximum length of 50.  
Pattern: `^[a-z0-9][-a-z0-9]{1,48}[a-z0-9]$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetMultiRegionAccessPointPolicy_RequestSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPointPolicy-request-header-AccountId"></a>
The Amazon account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetMultiRegionAccessPointPolicyResult>
   <Policy>
      <Established>
         <Policy>string</Policy>
      </Established>
      <Proposed>
         <Policy>string</Policy>
      </Proposed>
   </Policy>
</GetMultiRegionAccessPointPolicyResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetMultiRegionAccessPointPolicyResult](#API_control_GetMultiRegionAccessPointPolicy_ResponseSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPointPolicy-response-GetMultiRegionAccessPointPolicyResult"></a>
Root level tag for the GetMultiRegionAccessPointPolicyResult parameters.  
Required: Yes

 ** [Policy](#API_control_GetMultiRegionAccessPointPolicy_ResponseSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPointPolicy-response-Policy"></a>
The policy associated with the specified Multi-Region Access Point.  
Type: [MultiRegionAccessPointPolicyDocument](API_control_MultiRegionAccessPointPolicyDocument.md) data type

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetMultiRegionAccessPointPolicy) 

# GetMultiRegionAccessPointPolicyStatus


**Note**  
This operation is not supported by directory buckets.

Indicates whether the specified Multi-Region Access Point has an access control policy that allows public access.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see [Multi-Region Access Point restrictions and limitations](https://docs.amazonaws.cn/AmazonS3/latest/userguide/MultiRegionAccessPointRestrictions.html) in the *Amazon S3 User Guide*.

The following actions are related to `GetMultiRegionAccessPointPolicyStatus`:
+  [GetMultiRegionAccessPointPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetMultiRegionAccessPointPolicy.html) 
+  [PutMultiRegionAccessPointPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutMultiRegionAccessPointPolicy.html) 

## Request Syntax


```
GET /v20180820/mrap/instances/name+/policystatus HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetMultiRegionAccessPointPolicyStatus_RequestSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPointPolicyStatus-request-uri-uri-Name"></a>
Specifies the Multi-Region Access Point. The name of the Multi-Region Access Point is different from the alias. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see [Rules for naming Amazon S3 Multi-Region Access Points](https://docs.amazonaws.cn/AmazonS3/latest/userguide/CreatingMultiRegionAccessPoints.html#multi-region-access-point-naming) in the *Amazon S3 User Guide*.  
Length Constraints: Maximum length of 50.  
Pattern: `^[a-z0-9][-a-z0-9]{1,48}[a-z0-9]$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetMultiRegionAccessPointPolicyStatus_RequestSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPointPolicyStatus-request-header-AccountId"></a>
The Amazon account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetMultiRegionAccessPointPolicyStatusResult>
   <Established>
      <IsPublic>boolean</IsPublic>
   </Established>
</GetMultiRegionAccessPointPolicyStatusResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetMultiRegionAccessPointPolicyStatusResult](#API_control_GetMultiRegionAccessPointPolicyStatus_ResponseSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPointPolicyStatus-response-GetMultiRegionAccessPointPolicyStatusResult"></a>
Root level tag for the GetMultiRegionAccessPointPolicyStatusResult parameters.  
Required: Yes

 ** [Established](#API_control_GetMultiRegionAccessPointPolicyStatus_ResponseSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPointPolicyStatus-response-Established"></a>
Indicates whether this access point policy is public. For more information about how Amazon S3 evaluates policies to determine whether they are public, see [The Meaning of "Public"](https://docs.amazonaws.cn/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide*.   
Type: [PolicyStatus](API_control_PolicyStatus.md) data type

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetMultiRegionAccessPointPolicyStatus) 

# GetMultiRegionAccessPointRoutes


**Note**  
This operation is not supported by directory buckets.

Returns the routing configuration for a Multi-Region Access Point, indicating which Regions are active or passive.

To obtain routing control changes and failover requests, use the Amazon S3 failover control infrastructure endpoints in these five Amazon Web Services Regions:
+  `us-east-1` 
+  `us-west-2` 
+  `ap-southeast-2` 
+  `ap-northeast-1` 
+  `eu-west-1` 

## Request Syntax


```
GET /v20180820/mrap/instances/mrap+/routes HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [mrap](#API_control_GetMultiRegionAccessPointRoutes_RequestSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPointRoutes-request-uri-uri-Mrap"></a>
The Multi-Region Access Point ARN.  
Length Constraints: Maximum length of 200.  
Pattern: `^[a-zA-Z0-9\:.-]{3,200}$`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetMultiRegionAccessPointRoutes_RequestSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPointRoutes-request-header-AccountId"></a>
The Amazon Web Services account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetMultiRegionAccessPointRoutesResult>
   <Mrap>string</Mrap>
   <Routes>
      <Route>
         <Bucket>string</Bucket>
         <Region>string</Region>
         <TrafficDialPercentage>integer</TrafficDialPercentage>
      </Route>
   </Routes>
</GetMultiRegionAccessPointRoutesResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetMultiRegionAccessPointRoutesResult](#API_control_GetMultiRegionAccessPointRoutes_ResponseSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPointRoutes-response-GetMultiRegionAccessPointRoutesResult"></a>
Root level tag for the GetMultiRegionAccessPointRoutesResult parameters.  
Required: Yes

 ** [Mrap](#API_control_GetMultiRegionAccessPointRoutes_ResponseSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPointRoutes-response-Mrap"></a>
The Multi-Region Access Point ARN.  
Type: String  
Length Constraints: Maximum length of 200.  
Pattern: `^[a-zA-Z0-9\:.-]{3,200}$` 

 ** [Routes](#API_control_GetMultiRegionAccessPointRoutes_ResponseSyntax) **   <a name="AmazonS3-control_GetMultiRegionAccessPointRoutes-response-Routes"></a>
The different routes that make up the route configuration. Active routes return a value of `100`, and passive routes return a value of `0`.  
Type: Array of [MultiRegionAccessPointRoute](API_control_MultiRegionAccessPointRoute.md) data types

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetMultiRegionAccessPointRoutes) 

# GetPublicAccessBlock


**Note**  
This operation is not supported by directory buckets.

Retrieves the `PublicAccessBlock` configuration for an Amazon Web Services account. This operation returns the effective account-level configuration, which may inherit from organization-level policies. For more information, see [ Using Amazon S3 block public access](https://docs.amazonaws.cn/AmazonS3/latest/dev/access-control-block-public-access.html).

Related actions include:
+  [DeletePublicAccessBlock](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeletePublicAccessBlock.html) 
+  [PutPublicAccessBlock](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutPublicAccessBlock.html) 

## Request Syntax


```
GET /v20180820/configuration/publicAccessBlock HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_GetPublicAccessBlock_RequestSyntax) **   <a name="AmazonS3-control_GetPublicAccessBlock-request-header-AccountId"></a>
The account ID for the Amazon Web Services account whose `PublicAccessBlock` configuration you want to retrieve.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<PublicAccessBlockConfiguration>
   <BlockPublicAcls>boolean</BlockPublicAcls>
   <IgnorePublicAcls>boolean</IgnorePublicAcls>
   <BlockPublicPolicy>boolean</BlockPublicPolicy>
   <RestrictPublicBuckets>boolean</RestrictPublicBuckets>
</PublicAccessBlockConfiguration>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [PublicAccessBlockConfiguration](#API_control_GetPublicAccessBlock_ResponseSyntax) **   <a name="AmazonS3-control_GetPublicAccessBlock-response-PublicAccessBlockConfiguration"></a>
Root level tag for the PublicAccessBlockConfiguration parameters.  
Required: Yes

 ** [BlockPublicAcls](#API_control_GetPublicAccessBlock_ResponseSyntax) **   <a name="AmazonS3-control_GetPublicAccessBlock-response-BlockPublicAcls"></a>
Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to `TRUE` causes the following behavior:  
+  `PutBucketAcl` and `PutObjectAcl` calls fail if the specified ACL is public.
+ PUT Object calls fail if the request includes a public ACL.
+ PUT Bucket calls fail if the request includes a public ACL.
Enabling this setting doesn't affect existing policies or ACLs.  
This property is not supported for Amazon S3 on Outposts.  
Type: Boolean

 ** [BlockPublicPolicy](#API_control_GetPublicAccessBlock_ResponseSyntax) **   <a name="AmazonS3-control_GetPublicAccessBlock-response-BlockPublicPolicy"></a>
Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.   
Enabling this setting doesn't affect existing bucket policies.  
This property is not supported for Amazon S3 on Outposts.  
Type: Boolean

 ** [IgnorePublicAcls](#API_control_GetPublicAccessBlock_ResponseSyntax) **   <a name="AmazonS3-control_GetPublicAccessBlock-response-IgnorePublicAcls"></a>
Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.   
Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.  
This property is not supported for Amazon S3 on Outposts.  
Type: Boolean

 ** [RestrictPublicBuckets](#API_control_GetPublicAccessBlock_ResponseSyntax) **   <a name="AmazonS3-control_GetPublicAccessBlock-response-RestrictPublicBuckets"></a>
Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to `TRUE` restricts access to buckets with public policies to only Amazon Web Services service principals and authorized users within this account.  
Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.  
This property is not supported for Amazon S3 on Outposts.  
Type: Boolean

## Errors


 ** NoSuchPublicAccessBlockConfiguration **   
Amazon S3 throws this exception if you make a `GetPublicAccessBlock` request against an account that doesn't have a `PublicAccessBlockConfiguration` set.  
HTTP Status Code: 404

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetPublicAccessBlock) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetPublicAccessBlock) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetPublicAccessBlock) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetPublicAccessBlock) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetPublicAccessBlock) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetPublicAccessBlock) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetPublicAccessBlock) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetPublicAccessBlock) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetPublicAccessBlock) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetPublicAccessBlock) 

# GetStorageLensConfiguration


**Note**  
This operation is not supported by directory buckets.

Gets the Amazon S3 Storage Lens configuration. For more information, see [Assessing your storage activity and usage with Amazon S3 Storage Lens ](https://docs.amazonaws.cn/AmazonS3/latest/dev/storage_lens.html) in the *Amazon S3 User Guide*. For a complete list of S3 Storage Lens metrics, see [S3 Storage Lens metrics glossary](https://docs.amazonaws.cn/AmazonS3/latest/userguide/storage_lens_metrics_glossary.html) in the *Amazon S3 User Guide*.

**Note**  
To use this action, you must have permission to perform the `s3:GetStorageLensConfiguration` action. For more information, see [Setting permissions to use Amazon S3 Storage Lens](https://docs.amazonaws.cn/AmazonS3/latest/dev/storage_lens_iam_permissions.html) in the *Amazon S3 User Guide*.

## Request Syntax


```
GET /v20180820/storagelens/storagelensid HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [storagelensid](#API_control_GetStorageLensConfiguration_RequestSyntax) **   <a name="AmazonS3-control_GetStorageLensConfiguration-request-uri-uri-ConfigId"></a>
The ID of the Amazon S3 Storage Lens configuration.  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_\.]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetStorageLensConfiguration_RequestSyntax) **   <a name="AmazonS3-control_GetStorageLensConfiguration-request-header-AccountId"></a>
The account ID of the requester.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<StorageLensConfiguration>
   <Id>string</Id>
   <AccountLevel>
      <ActivityMetrics>
         <IsEnabled>boolean</IsEnabled>
      </ActivityMetrics>
      <AdvancedCostOptimizationMetrics>
         <IsEnabled>boolean</IsEnabled>
      </AdvancedCostOptimizationMetrics>
      <AdvancedDataProtectionMetrics>
         <IsEnabled>boolean</IsEnabled>
      </AdvancedDataProtectionMetrics>
      <AdvancedPerformanceMetrics>
         <IsEnabled>boolean</IsEnabled>
      </AdvancedPerformanceMetrics>
      <BucketLevel>
         <ActivityMetrics>
            <IsEnabled>boolean</IsEnabled>
         </ActivityMetrics>
         <AdvancedCostOptimizationMetrics>
            <IsEnabled>boolean</IsEnabled>
         </AdvancedCostOptimizationMetrics>
         <AdvancedDataProtectionMetrics>
            <IsEnabled>boolean</IsEnabled>
         </AdvancedDataProtectionMetrics>
         <AdvancedPerformanceMetrics>
            <IsEnabled>boolean</IsEnabled>
         </AdvancedPerformanceMetrics>
         <DetailedStatusCodesMetrics>
            <IsEnabled>boolean</IsEnabled>
         </DetailedStatusCodesMetrics>
         <PrefixLevel>
            <StorageMetrics>
               <IsEnabled>boolean</IsEnabled>
               <SelectionCriteria>
                  <Delimiter>string</Delimiter>
                  <MaxDepth>integer</MaxDepth>
                  <MinStorageBytesPercentage>double</MinStorageBytesPercentage>
               </SelectionCriteria>
            </StorageMetrics>
         </PrefixLevel>
      </BucketLevel>
      <DetailedStatusCodesMetrics>
         <IsEnabled>boolean</IsEnabled>
      </DetailedStatusCodesMetrics>
      <StorageLensGroupLevel>
         <SelectionCriteria>
            <Exclude>
               <Arn>string</Arn>
            </Exclude>
            <Include>
               <Arn>string</Arn>
            </Include>
         </SelectionCriteria>
      </StorageLensGroupLevel>
   </AccountLevel>
   <Include>
      <Buckets>
         <Arn>string</Arn>
      </Buckets>
      <Regions>
         <Region>string</Region>
      </Regions>
   </Include>
   <Exclude>
      <Buckets>
         <Arn>string</Arn>
      </Buckets>
      <Regions>
         <Region>string</Region>
      </Regions>
   </Exclude>
   <DataExport>
      <CloudWatchMetrics>
         <IsEnabled>boolean</IsEnabled>
      </CloudWatchMetrics>
      <S3BucketDestination>
         <AccountId>string</AccountId>
         <Arn>string</Arn>
         <Encryption>
            <SSE-KMS>
               <KeyId>string</KeyId>
            </SSE-KMS>
            <SSE-S3>
            </SSE-S3>
         </Encryption>
         <Format>string</Format>
         <OutputSchemaVersion>string</OutputSchemaVersion>
         <Prefix>string</Prefix>
      </S3BucketDestination>
      <StorageLensTableDestination>
         <Encryption>
            <SSE-KMS>
               <KeyId>string</KeyId>
            </SSE-KMS>
            <SSE-S3>
            </SSE-S3>
         </Encryption>
         <IsEnabled>boolean</IsEnabled>
      </StorageLensTableDestination>
   </DataExport>
   <ExpandedPrefixesDataExport>
      <S3BucketDestination>
         <AccountId>string</AccountId>
         <Arn>string</Arn>
         <Encryption>
            <SSE-KMS>
               <KeyId>string</KeyId>
            </SSE-KMS>
            <SSE-S3>
            </SSE-S3>
         </Encryption>
         <Format>string</Format>
         <OutputSchemaVersion>string</OutputSchemaVersion>
         <Prefix>string</Prefix>
      </S3BucketDestination>
      <StorageLensTableDestination>
         <Encryption>
            <SSE-KMS>
               <KeyId>string</KeyId>
            </SSE-KMS>
            <SSE-S3>
            </SSE-S3>
         </Encryption>
         <IsEnabled>boolean</IsEnabled>
      </StorageLensTableDestination>
   </ExpandedPrefixesDataExport>
   <IsEnabled>boolean</IsEnabled>
   <AwsOrg>
      <Arn>string</Arn>
   </AwsOrg>
   <StorageLensArn>string</StorageLensArn>
   <PrefixDelimiter>string</PrefixDelimiter>
</StorageLensConfiguration>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [StorageLensConfiguration](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensConfiguration-response-StorageLensConfiguration"></a>
Root level tag for the StorageLensConfiguration parameters.  
Required: Yes

 ** [AccountLevel](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensConfiguration-response-AccountLevel"></a>
A container for all the account-level configurations of your S3 Storage Lens configuration.  
Type: [AccountLevel](API_control_AccountLevel.md) data type

 ** [AwsOrg](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensConfiguration-response-AwsOrg"></a>
A container for the Amazon organization for this S3 Storage Lens configuration.  
Type: [StorageLensAwsOrg](API_control_StorageLensAwsOrg.md) data type

 ** [DataExport](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensConfiguration-response-DataExport"></a>
A container to specify the properties of your S3 Storage Lens metrics export including, the destination, schema and format.  
Type: [StorageLensDataExport](API_control_StorageLensDataExport.md) data type

 ** [Exclude](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensConfiguration-response-Exclude"></a>
A container for what is excluded in this configuration. This container can only be valid if there is no `Include` container submitted, and it's not empty.   
Type: [Exclude](API_control_Exclude.md) data type

 ** [ExpandedPrefixesDataExport](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensConfiguration-response-ExpandedPrefixesDataExport"></a>
A container that configures your S3 Storage Lens expanded prefixes metrics report.   
Type: [StorageLensExpandedPrefixesDataExport](API_control_StorageLensExpandedPrefixesDataExport.md) data type

 ** [Id](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensConfiguration-response-Id"></a>
A container for the Amazon S3 Storage Lens configuration ID.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_\.]+` 

 ** [Include](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensConfiguration-response-Include"></a>
A container for what is included in this configuration. This container can only be valid if there is no `Exclude` container submitted, and it's not empty.   
Type: [Include](API_control_Include.md) data type

 ** [IsEnabled](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensConfiguration-response-IsEnabled"></a>
A container for whether the S3 Storage Lens configuration is enabled.  
Type: Boolean

 ** [PrefixDelimiter](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensConfiguration-response-PrefixDelimiter"></a>
A container for all prefix delimiters that are used for object keys in this S3 Storage Lens configuration. The prefix delimiters determine how S3 Storage Lens counts prefix depth, by separating the hierarchical levels in object keys.  
+ If either a prefix delimiter or existing delimiter is undefined, Amazon S3 uses the delimiter that’s defined.
+ If both the prefix delimiter and existing delimiter are undefined, S3 uses `/` as the default delimiter.
+ When custom delimiters are used, both the prefix delimiter and existing delimiter must specify the same special character. Otherwise, your request results in an error.
Type: String  
Length Constraints: Maximum length of 1.

 ** [StorageLensArn](#API_control_GetStorageLensConfiguration_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensConfiguration-response-StorageLensArn"></a>
The Amazon Resource Name (ARN) of the S3 Storage Lens configuration. This property is read-only and follows the following format: ` arn:aws:s3:us-east-1:example-account-id:storage-lens/your-dashboard-name `   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:storage\-lens\/.*` 

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetStorageLensConfiguration) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetStorageLensConfiguration) 

# GetStorageLensConfigurationTagging


**Note**  
This operation is not supported by directory buckets.

Gets the tags of Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see [Assessing your storage activity and usage with Amazon S3 Storage Lens ](https://docs.amazonaws.cn/AmazonS3/latest/dev/storage_lens.html) in the *Amazon S3 User Guide*.

**Note**  
To use this action, you must have permission to perform the `s3:GetStorageLensConfigurationTagging` action. For more information, see [Setting permissions to use Amazon S3 Storage Lens](https://docs.amazonaws.cn/AmazonS3/latest/dev/storage_lens_iam_permissions.html) in the *Amazon S3 User Guide*.

## Request Syntax


```
GET /v20180820/storagelens/storagelensid/tagging HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [storagelensid](#API_control_GetStorageLensConfigurationTagging_RequestSyntax) **   <a name="AmazonS3-control_GetStorageLensConfigurationTagging-request-uri-uri-ConfigId"></a>
The ID of the Amazon S3 Storage Lens configuration.  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_\.]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetStorageLensConfigurationTagging_RequestSyntax) **   <a name="AmazonS3-control_GetStorageLensConfigurationTagging-request-header-AccountId"></a>
The account ID of the requester.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<GetStorageLensConfigurationTaggingResult>
   <Tags>
      <Tag>
         <Key>string</Key>
         <Value>string</Value>
      </Tag>
   </Tags>
</GetStorageLensConfigurationTaggingResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [GetStorageLensConfigurationTaggingResult](#API_control_GetStorageLensConfigurationTagging_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensConfigurationTagging-response-GetStorageLensConfigurationTaggingResult"></a>
Root level tag for the GetStorageLensConfigurationTaggingResult parameters.  
Required: Yes

 ** [Tags](#API_control_GetStorageLensConfigurationTagging_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensConfigurationTagging-response-Tags"></a>
The tags of S3 Storage Lens configuration requested.  
Type: Array of [StorageLensTag](API_control_StorageLensTag.md) data types

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetStorageLensConfigurationTagging) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetStorageLensConfigurationTagging) 

# GetStorageLensGroup


 Retrieves the Storage Lens group configuration details.

To use this operation, you must have the permission to perform the `s3:GetStorageLensGroup` action. For more information about the required Storage Lens Groups permissions, see [Setting account permissions to use S3 Storage Lens groups](https://docs.amazonaws.cn/AmazonS3/latest/userguide/storage_lens_iam_permissions.html#storage_lens_groups_permissions).

For information about Storage Lens groups errors, see [List of Amazon S3 Storage Lens error codes](https://docs.amazonaws.cn/AmazonS3/latest/API/ErrorResponses.html#S3LensErrorCodeList).

## Request Syntax


```
GET /v20180820/storagelensgroup/name HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_GetStorageLensGroup_RequestSyntax) **   <a name="AmazonS3-control_GetStorageLensGroup-request-uri-uri-Name"></a>
 The name of the Storage Lens group that you're trying to retrieve the configuration details for.   
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_GetStorageLensGroup_RequestSyntax) **   <a name="AmazonS3-control_GetStorageLensGroup-request-header-AccountId"></a>
 The Amazon account ID associated with the Storage Lens group that you're trying to retrieve the details for.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<StorageLensGroup>
   <Name>string</Name>
   <Filter>
      <And>
         <MatchAnyPrefix>
            <Prefix>string</Prefix>
         </MatchAnyPrefix>
         <MatchAnySuffix>
            <Suffix>string</Suffix>
         </MatchAnySuffix>
         <MatchAnyTag>
            <Tag>
               <Key>string</Key>
               <Value>string</Value>
            </Tag>
         </MatchAnyTag>
         <MatchObjectAge>
            <DaysGreaterThan>integer</DaysGreaterThan>
            <DaysLessThan>integer</DaysLessThan>
         </MatchObjectAge>
         <MatchObjectSize>
            <BytesGreaterThan>long</BytesGreaterThan>
            <BytesLessThan>long</BytesLessThan>
         </MatchObjectSize>
      </And>
      <MatchAnyPrefix>
         <Prefix>string</Prefix>
      </MatchAnyPrefix>
      <MatchAnySuffix>
         <Suffix>string</Suffix>
      </MatchAnySuffix>
      <MatchAnyTag>
         <Tag>
            <Key>string</Key>
            <Value>string</Value>
         </Tag>
      </MatchAnyTag>
      <MatchObjectAge>
         <DaysGreaterThan>integer</DaysGreaterThan>
         <DaysLessThan>integer</DaysLessThan>
      </MatchObjectAge>
      <MatchObjectSize>
         <BytesGreaterThan>long</BytesGreaterThan>
         <BytesLessThan>long</BytesLessThan>
      </MatchObjectSize>
      <Or>
         <MatchAnyPrefix>
            <Prefix>string</Prefix>
         </MatchAnyPrefix>
         <MatchAnySuffix>
            <Suffix>string</Suffix>
         </MatchAnySuffix>
         <MatchAnyTag>
            <Tag>
               <Key>string</Key>
               <Value>string</Value>
            </Tag>
         </MatchAnyTag>
         <MatchObjectAge>
            <DaysGreaterThan>integer</DaysGreaterThan>
            <DaysLessThan>integer</DaysLessThan>
         </MatchObjectAge>
         <MatchObjectSize>
            <BytesGreaterThan>long</BytesGreaterThan>
            <BytesLessThan>long</BytesLessThan>
         </MatchObjectSize>
      </Or>
   </Filter>
   <StorageLensGroupArn>string</StorageLensGroupArn>
</StorageLensGroup>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [StorageLensGroup](#API_control_GetStorageLensGroup_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensGroup-response-StorageLensGroup"></a>
Root level tag for the StorageLensGroup parameters.  
Required: Yes

 ** [Filter](#API_control_GetStorageLensGroup_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensGroup-response-Filter"></a>
Sets the criteria for the Storage Lens group data that is displayed. For multiple filter conditions, the `AND` or `OR` logical operator is used.  
Type: [StorageLensGroupFilter](API_control_StorageLensGroupFilter.md) data type

 ** [Name](#API_control_GetStorageLensGroup_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensGroup-response-Name"></a>
 Contains the name of the Storage Lens group.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_]+` 

 ** [StorageLensGroupArn](#API_control_GetStorageLensGroup_ResponseSyntax) **   <a name="AmazonS3-control_GetStorageLensGroup-response-StorageLensGroupArn"></a>
 Contains the Amazon Resource Name (ARN) of the Storage Lens group. This property is read-only.   
Type: String  
Length Constraints: Minimum length of 4. Maximum length of 1024.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:storage\-lens\-group\/.*` 

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/GetStorageLensGroup) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/GetStorageLensGroup) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/GetStorageLensGroup) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/GetStorageLensGroup) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/GetStorageLensGroup) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/GetStorageLensGroup) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/GetStorageLensGroup) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/GetStorageLensGroup) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/GetStorageLensGroup) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/GetStorageLensGroup) 

# ListAccessGrants


Returns the list of access grants in your S3 Access Grants instance.

Permissions  
You must have the `s3:ListAccessGrants` permission to use this operation. 

## Request Syntax


```
GET /v20180820/accessgrantsinstance/grants?application_arn=ApplicationArn&granteeidentifier=GranteeIdentifier&granteetype=GranteeType&grantscope=GrantScope&maxResults=MaxResults&nextToken=NextToken&permission=Permission HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [application\$1arn](#API_control_ListAccessGrants_RequestSyntax) **   <a name="AmazonS3-control_ListAccessGrants-request-uri-querystring-ApplicationArn"></a>
The Amazon Resource Name (ARN) of an Amazon IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.   
Length Constraints: Minimum length of 10. Maximum length of 1224.  
Pattern: `arn:[^:]+:sso::\d{12}:application/.*$` 

 ** [granteeidentifier](#API_control_ListAccessGrants_RequestSyntax) **   <a name="AmazonS3-control_ListAccessGrants-request-uri-querystring-GranteeIdentifier"></a>
The unique identifer of the `Grantee`. If the grantee type is `IAM`, the identifier is the IAM Amazon Resource Name (ARN) of the user or role. If the grantee type is a directory user or group, the identifier is 128-bit universally unique identifier (UUID) in the format `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111`. You can obtain this UUID from your Amazon IAM Identity Center instance.

 ** [granteetype](#API_control_ListAccessGrants_RequestSyntax) **   <a name="AmazonS3-control_ListAccessGrants-request-uri-querystring-GranteeType"></a>
The type of the grantee to which access has been granted. It can be one of the following values:  
+  `IAM` - An IAM user or role.
+  `DIRECTORY_USER` - Your corporate directory user. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.
+  `DIRECTORY_GROUP` - Your corporate directory group. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.
Valid Values: `DIRECTORY_USER | DIRECTORY_GROUP | IAM` 

 ** [grantscope](#API_control_ListAccessGrants_RequestSyntax) **   <a name="AmazonS3-control_ListAccessGrants-request-uri-querystring-GrantScope"></a>
The S3 path of the data to which you are granting access. It is the result of appending the `Subprefix` to the location scope.  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

 ** [maxResults](#API_control_ListAccessGrants_RequestSyntax) **   <a name="AmazonS3-control_ListAccessGrants-request-uri-querystring-MaxResults"></a>
The maximum number of access grants that you would like returned in the `List Access Grants` response. If the results include the pagination token `NextToken`, make another call using the `NextToken` to determine if there are more results.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListAccessGrants_RequestSyntax) **   <a name="AmazonS3-control_ListAccessGrants-request-uri-querystring-NextToken"></a>
A pagination token to request the next page of results. Pass this value into a subsequent `List Access Grants` request in order to retrieve the next page of results.

 ** [permission](#API_control_ListAccessGrants_RequestSyntax) **   <a name="AmazonS3-control_ListAccessGrants-request-uri-querystring-Permission"></a>
The type of permission granted to your S3 data, which can be set to one of the following values:  
+  `READ` – Grant read-only access to the S3 data.
+  `WRITE` – Grant write-only access to the S3 data.
+  `READWRITE` – Grant both read and write access to the S3 data.
Valid Values: `READ | WRITE | READWRITE` 

 ** [x-amz-account-id](#API_control_ListAccessGrants_RequestSyntax) **   <a name="AmazonS3-control_ListAccessGrants-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<ListAccessGrantsResult>
   <NextToken>string</NextToken>
   <AccessGrantsList>
      <AccessGrant>
         <AccessGrantArn>string</AccessGrantArn>
         <AccessGrantId>string</AccessGrantId>
         <AccessGrantsLocationConfiguration>
            <S3SubPrefix>string</S3SubPrefix>
         </AccessGrantsLocationConfiguration>
         <AccessGrantsLocationId>string</AccessGrantsLocationId>
         <ApplicationArn>string</ApplicationArn>
         <CreatedAt>timestamp</CreatedAt>
         <Grantee>
            <GranteeIdentifier>string</GranteeIdentifier>
            <GranteeType>string</GranteeType>
         </Grantee>
         <GrantScope>string</GrantScope>
         <Permission>string</Permission>
      </AccessGrant>
   </AccessGrantsList>
</ListAccessGrantsResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListAccessGrantsResult](#API_control_ListAccessGrants_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessGrants-response-ListAccessGrantsResult"></a>
Root level tag for the ListAccessGrantsResult parameters.  
Required: Yes

 ** [AccessGrantsList](#API_control_ListAccessGrants_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessGrants-response-AccessGrantsList"></a>
A container for a list of grants in an S3 Access Grants instance.  
Type: Array of [ListAccessGrantEntry](API_control_ListAccessGrantEntry.md) data types

 ** [NextToken](#API_control_ListAccessGrants_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessGrants-response-NextToken"></a>
A pagination token to request the next page of results. Pass this value into a subsequent `List Access Grants` request in order to retrieve the next page of results.  
Type: String

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/ListAccessGrants) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/ListAccessGrants) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/ListAccessGrants) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/ListAccessGrants) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/ListAccessGrants) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListAccessGrants) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/ListAccessGrants) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/ListAccessGrants) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/ListAccessGrants) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/ListAccessGrants) 

# ListAccessGrantsInstances


Returns a list of S3 Access Grants instances. An S3 Access Grants instance serves as a logical grouping for your individual access grants. You can only have one S3 Access Grants instance per Region per account.

Permissions  
You must have the `s3:ListAccessGrantsInstances` permission to use this operation. 

## Request Syntax


```
GET /v20180820/accessgrantsinstances?maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [maxResults](#API_control_ListAccessGrantsInstances_RequestSyntax) **   <a name="AmazonS3-control_ListAccessGrantsInstances-request-uri-querystring-MaxResults"></a>
The maximum number of access grants that you would like returned in the `List Access Grants` response. If the results include the pagination token `NextToken`, make another call using the `NextToken` to determine if there are more results.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListAccessGrantsInstances_RequestSyntax) **   <a name="AmazonS3-control_ListAccessGrantsInstances-request-uri-querystring-NextToken"></a>
A pagination token to request the next page of results. Pass this value into a subsequent `List Access Grants Instances` request in order to retrieve the next page of results.

 ** [x-amz-account-id](#API_control_ListAccessGrantsInstances_RequestSyntax) **   <a name="AmazonS3-control_ListAccessGrantsInstances-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<ListAccessGrantsInstancesResult>
   <NextToken>string</NextToken>
   <AccessGrantsInstancesList>
      <AccessGrantsInstance>
         <AccessGrantsInstanceArn>string</AccessGrantsInstanceArn>
         <AccessGrantsInstanceId>string</AccessGrantsInstanceId>
         <CreatedAt>timestamp</CreatedAt>
         <IdentityCenterApplicationArn>string</IdentityCenterApplicationArn>
         <IdentityCenterArn>string</IdentityCenterArn>
         <IdentityCenterInstanceArn>string</IdentityCenterInstanceArn>
      </AccessGrantsInstance>
   </AccessGrantsInstancesList>
</ListAccessGrantsInstancesResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListAccessGrantsInstancesResult](#API_control_ListAccessGrantsInstances_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessGrantsInstances-response-ListAccessGrantsInstancesResult"></a>
Root level tag for the ListAccessGrantsInstancesResult parameters.  
Required: Yes

 ** [AccessGrantsInstancesList](#API_control_ListAccessGrantsInstances_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessGrantsInstances-response-AccessGrantsInstancesList"></a>
A container for a list of S3 Access Grants instances.  
Type: Array of [ListAccessGrantsInstanceEntry](API_control_ListAccessGrantsInstanceEntry.md) data types

 ** [NextToken](#API_control_ListAccessGrantsInstances_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessGrantsInstances-response-NextToken"></a>
A pagination token to request the next page of results. Pass this value into a subsequent `List Access Grants Instances` request in order to retrieve the next page of results.  
Type: String

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/ListAccessGrantsInstances) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/ListAccessGrantsInstances) 

# ListAccessGrantsLocations


Returns a list of the locations registered in your S3 Access Grants instance.

Permissions  
You must have the `s3:ListAccessGrantsLocations` permission to use this operation. 

## Request Syntax


```
GET /v20180820/accessgrantsinstance/locations?locationscope=LocationScope&maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [locationscope](#API_control_ListAccessGrantsLocations_RequestSyntax) **   <a name="AmazonS3-control_ListAccessGrantsLocations-request-uri-querystring-LocationScope"></a>
The S3 path to the location that you are registering. The location scope can be the default S3 location `s3://`, the S3 path to a bucket `s3://<bucket>`, or the S3 path to a bucket and prefix `s3://<bucket>/<prefix>`. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

 ** [maxResults](#API_control_ListAccessGrantsLocations_RequestSyntax) **   <a name="AmazonS3-control_ListAccessGrantsLocations-request-uri-querystring-MaxResults"></a>
The maximum number of access grants that you would like returned in the `List Access Grants` response. If the results include the pagination token `NextToken`, make another call using the `NextToken` to determine if there are more results.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListAccessGrantsLocations_RequestSyntax) **   <a name="AmazonS3-control_ListAccessGrantsLocations-request-uri-querystring-NextToken"></a>
A pagination token to request the next page of results. Pass this value into a subsequent `List Access Grants Locations` request in order to retrieve the next page of results.

 ** [x-amz-account-id](#API_control_ListAccessGrantsLocations_RequestSyntax) **   <a name="AmazonS3-control_ListAccessGrantsLocations-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<ListAccessGrantsLocationsResult>
   <NextToken>string</NextToken>
   <AccessGrantsLocationsList>
      <AccessGrantsLocation>
         <AccessGrantsLocationArn>string</AccessGrantsLocationArn>
         <AccessGrantsLocationId>string</AccessGrantsLocationId>
         <CreatedAt>timestamp</CreatedAt>
         <IAMRoleArn>string</IAMRoleArn>
         <LocationScope>string</LocationScope>
      </AccessGrantsLocation>
   </AccessGrantsLocationsList>
</ListAccessGrantsLocationsResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListAccessGrantsLocationsResult](#API_control_ListAccessGrantsLocations_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessGrantsLocations-response-ListAccessGrantsLocationsResult"></a>
Root level tag for the ListAccessGrantsLocationsResult parameters.  
Required: Yes

 ** [AccessGrantsLocationsList](#API_control_ListAccessGrantsLocations_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessGrantsLocations-response-AccessGrantsLocationsList"></a>
A container for a list of registered locations in an S3 Access Grants instance.  
Type: Array of [ListAccessGrantsLocationsEntry](API_control_ListAccessGrantsLocationsEntry.md) data types

 ** [NextToken](#API_control_ListAccessGrantsLocations_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessGrantsLocations-response-NextToken"></a>
A pagination token to request the next page of results. Pass this value into a subsequent `List Access Grants Locations` request in order to retrieve the next page of results.  
Type: String

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/ListAccessGrantsLocations) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/ListAccessGrantsLocations) 

# ListAccessPoints


**Note**  
This operation is not supported by directory buckets.

Returns a list of the access points. You can retrieve up to 1,000 access points per call. If the call returns more than 1,000 access points (or the number specified in `maxResults`, whichever is less), the response will include a continuation token that you can use to list the additional access points.

Returns only access points attached to S3 buckets by default. To return all access points specify `DataSourceType` as `ALL`.



All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetAccessPoint.html#API_control_GetAccessPoint_Examples) section.

The following actions are related to `ListAccessPoints`:
+  [CreateAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateAccessPoint.html) 
+  [DeleteAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteAccessPoint.html) 
+  [GetAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetAccessPoint.html) 

## Request Syntax


```
GET /v20180820/accesspoint?bucket=Bucket&dataSourceId=DataSourceId&dataSourceType=DataSourceType&maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [bucket](#API_control_ListAccessPoints_RequestSyntax) **   <a name="AmazonS3-control_ListAccessPoints-request-uri-querystring-Bucket"></a>
The name of the bucket whose associated access points you want to list.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.

 ** [dataSourceId](#API_control_ListAccessPoints_RequestSyntax) **   <a name="AmazonS3-control_ListAccessPoints-request-uri-querystring-DataSourceId"></a>
The unique identifier for the data source of the access point.  
Length Constraints: Maximum length of 191.

 ** [dataSourceType](#API_control_ListAccessPoints_RequestSyntax) **   <a name="AmazonS3-control_ListAccessPoints-request-uri-querystring-DataSourceType"></a>
The type of the data source that the access point is attached to. Returns only access points attached to S3 buckets by default. To return all access points specify `DataSourceType` as `ALL`.

 ** [maxResults](#API_control_ListAccessPoints_RequestSyntax) **   <a name="AmazonS3-control_ListAccessPoints-request-uri-querystring-MaxResults"></a>
The maximum number of access points that you want to include in the list. If the specified bucket has more than this number of access points, then the response will include a continuation token in the `NextToken` field that you can use to retrieve the next page of access points.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListAccessPoints_RequestSyntax) **   <a name="AmazonS3-control_ListAccessPoints-request-uri-querystring-NextToken"></a>
A continuation token. If a previous call to `ListAccessPoints` returned a continuation token in the `NextToken` field, then providing that value here causes Amazon S3 to retrieve the next page of results.  
Length Constraints: Minimum length of 1. Maximum length of 1024.

 ** [x-amz-account-id](#API_control_ListAccessPoints_RequestSyntax) **   <a name="AmazonS3-control_ListAccessPoints-request-header-AccountId"></a>
The Amazon Web Services account ID for the account that owns the specified access points.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<ListAccessPointsResult>
   <AccessPointList>
      <AccessPoint>
         <AccessPointArn>string</AccessPointArn>
         <Alias>string</Alias>
         <Bucket>string</Bucket>
         <BucketAccountId>string</BucketAccountId>
         <DataSourceId>string</DataSourceId>
         <DataSourceType>string</DataSourceType>
         <Name>string</Name>
         <NetworkOrigin>string</NetworkOrigin>
         <VpcConfiguration>
            <VpcId>string</VpcId>
         </VpcConfiguration>
      </AccessPoint>
   </AccessPointList>
   <NextToken>string</NextToken>
</ListAccessPointsResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListAccessPointsResult](#API_control_ListAccessPoints_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessPoints-response-ListAccessPointsResult"></a>
Root level tag for the ListAccessPointsResult parameters.  
Required: Yes

 ** [AccessPointList](#API_control_ListAccessPoints_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessPoints-response-AccessPointList"></a>
Contains identification and configuration information for one or more access points associated with the specified bucket.  
Type: Array of [AccessPoint](API_control_AccessPoint.md) data types

 ** [NextToken](#API_control_ListAccessPoints_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessPoints-response-NextToken"></a>
If the specified bucket has more access points than can be returned in one call to this API, this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.

## Examples


### Sample request syntax for ListAccessPoints for Amazon S3 on Outposts


The following request returns a list access points of the specified Amazon S3 on Outposts bucket `example-outpost-bucket`.

```
           GET /v20180820/accesspoint?Bucket=example-outpost-bucket&MaxResults=MaxResults&NextToken=NextToken HTTP/1.1
           Host: s3-outposts.<Region>.amazonaws.com
           Date: Wed, 28 Oct 2020 22:32:00 GMT
           Authorization: authorization string
           x-amz-account-id: example-account-id
           x-amz-outpost-id: op-01ac5d28a6a232904
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/ListAccessPoints) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/ListAccessPoints) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/ListAccessPoints) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/ListAccessPoints) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/ListAccessPoints) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListAccessPoints) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/ListAccessPoints) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/ListAccessPoints) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/ListAccessPoints) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/ListAccessPoints) 

# ListAccessPointsForDirectoryBuckets


Returns a list of the access points that are owned by the Amazon account and that are associated with the specified directory bucket.

To list access points for general purpose buckets, see [ListAccesspoints](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListAccessPoints.html).

To use this operation, you must have the permission to perform the `s3express:ListAccessPointsForDirectoryBuckets` action.

For information about REST API errors, see [REST error responses](https://docs.amazonaws.cn/AmazonS3/latest/API/ErrorResponses.html#RESTErrorResponses).

## Request Syntax


```
GET /v20180820/accesspointfordirectory?directoryBucket=DirectoryBucket&maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [directoryBucket](#API_control_ListAccessPointsForDirectoryBuckets_RequestSyntax) **   <a name="AmazonS3-control_ListAccessPointsForDirectoryBuckets-request-uri-querystring-DirectoryBucket"></a>
The name of the directory bucket associated with the access points you want to list.  
Length Constraints: Minimum length of 3. Maximum length of 255.

 ** [maxResults](#API_control_ListAccessPointsForDirectoryBuckets_RequestSyntax) **   <a name="AmazonS3-control_ListAccessPointsForDirectoryBuckets-request-uri-querystring-MaxResults"></a>
The maximum number of access points that you would like returned in the `ListAccessPointsForDirectoryBuckets` response. If the directory bucket is associated with more than this number of access points, the results include the pagination token `NextToken`. Make another call using the `NextToken` to retrieve more results.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListAccessPointsForDirectoryBuckets_RequestSyntax) **   <a name="AmazonS3-control_ListAccessPointsForDirectoryBuckets-request-uri-querystring-NextToken"></a>
 If `NextToken` is returned, there are more access points available than requested in the `maxResults` value. The value of `NextToken` is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours.   
Length Constraints: Minimum length of 1. Maximum length of 1024.

 ** [x-amz-account-id](#API_control_ListAccessPointsForDirectoryBuckets_RequestSyntax) **   <a name="AmazonS3-control_ListAccessPointsForDirectoryBuckets-request-header-AccountId"></a>
The Amazon account ID that owns the access points.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<ListAccessPointsForDirectoryBucketsResult>
   <AccessPointList>
      <AccessPoint>
         <AccessPointArn>string</AccessPointArn>
         <Alias>string</Alias>
         <Bucket>string</Bucket>
         <BucketAccountId>string</BucketAccountId>
         <DataSourceId>string</DataSourceId>
         <DataSourceType>string</DataSourceType>
         <Name>string</Name>
         <NetworkOrigin>string</NetworkOrigin>
         <VpcConfiguration>
            <VpcId>string</VpcId>
         </VpcConfiguration>
      </AccessPoint>
   </AccessPointList>
   <NextToken>string</NextToken>
</ListAccessPointsForDirectoryBucketsResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListAccessPointsForDirectoryBucketsResult](#API_control_ListAccessPointsForDirectoryBuckets_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessPointsForDirectoryBuckets-response-ListAccessPointsForDirectoryBucketsResult"></a>
Root level tag for the ListAccessPointsForDirectoryBucketsResult parameters.  
Required: Yes

 ** [AccessPointList](#API_control_ListAccessPointsForDirectoryBuckets_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessPointsForDirectoryBuckets-response-AccessPointList"></a>
Contains identification and configuration information for one or more access points associated with the directory bucket.  
Type: Array of [AccessPoint](API_control_AccessPoint.md) data types

 ** [NextToken](#API_control_ListAccessPointsForDirectoryBuckets_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessPointsForDirectoryBuckets-response-NextToken"></a>
 If `NextToken` is returned, there are more access points available than requested in the `maxResults` value. The value of `NextToken` is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/ListAccessPointsForDirectoryBuckets) 

# ListAccessPointsForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Returns some or all (up to 1,000) access points associated with the Object Lambda Access Point per call. If there are more access points than what can be returned in one call, the response will include a continuation token that you can use to list the additional access points.

The following actions are related to `ListAccessPointsForObjectLambda`:
+  [CreateAccessPointForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateAccessPointForObjectLambda.html) 
+  [DeleteAccessPointForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteAccessPointForObjectLambda.html) 
+  [GetAccessPointForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetAccessPointForObjectLambda.html) 

## Request Syntax


```
GET /v20180820/accesspointforobjectlambda?maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [maxResults](#API_control_ListAccessPointsForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_ListAccessPointsForObjectLambda-request-uri-querystring-MaxResults"></a>
The maximum number of access points that you want to include in the list. The response may contain fewer access points but will never contain more. If there are more than this number of access points, then the response will include a continuation token in the `NextToken` field that you can use to retrieve the next page of access points.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListAccessPointsForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_ListAccessPointsForObjectLambda-request-uri-querystring-NextToken"></a>
If the list has more access points than can be returned in one call to this API, this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.  
Length Constraints: Minimum length of 1. Maximum length of 1024.

 ** [x-amz-account-id](#API_control_ListAccessPointsForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_ListAccessPointsForObjectLambda-request-header-AccountId"></a>
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<ListAccessPointsForObjectLambdaResult>
   <ObjectLambdaAccessPointList>
      <ObjectLambdaAccessPoint>
         <Alias>
            <Status>string</Status>
            <Value>string</Value>
         </Alias>
         <Name>string</Name>
         <ObjectLambdaAccessPointArn>string</ObjectLambdaAccessPointArn>
      </ObjectLambdaAccessPoint>
   </ObjectLambdaAccessPointList>
   <NextToken>string</NextToken>
</ListAccessPointsForObjectLambdaResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListAccessPointsForObjectLambdaResult](#API_control_ListAccessPointsForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessPointsForObjectLambda-response-ListAccessPointsForObjectLambdaResult"></a>
Root level tag for the ListAccessPointsForObjectLambdaResult parameters.  
Required: Yes

 ** [NextToken](#API_control_ListAccessPointsForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessPointsForObjectLambda-response-NextToken"></a>
If the list has more access points than can be returned in one call to this API, this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.

 ** [ObjectLambdaAccessPointList](#API_control_ListAccessPointsForObjectLambda_ResponseSyntax) **   <a name="AmazonS3-control_ListAccessPointsForObjectLambda-response-ObjectLambdaAccessPointList"></a>
Returns list of Object Lambda Access Points.  
Type: Array of [ObjectLambdaAccessPoint](API_control_ObjectLambdaAccessPoint.md) data types

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/ListAccessPointsForObjectLambda) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/ListAccessPointsForObjectLambda) 

# ListCallerAccessGrants


Use this API to list the access grants that grant the caller access to Amazon S3 data through S3 Access Grants. The caller (grantee) can be an Amazon Identity and Access Management (IAM) identity or Amazon Identity Center corporate directory identity. You must pass the Amazon Web Services account of the S3 data owner (grantor) in the request. You can, optionally, narrow the results by `GrantScope`, using a fragment of the data's S3 path, and S3 Access Grants will return only the grants with a path that contains the path fragment. You can also pass the `AllowedByApplication` filter in the request, which returns only the grants authorized for applications, whether the application is the caller's Identity Center application or any other application (`ALL`). For more information, see [List the caller's access grants](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-grants-list-grants.html) in the *Amazon S3 User Guide*.

Permissions  
You must have the `s3:ListCallerAccessGrants` permission to use this operation. 

## Request Syntax


```
GET /v20180820/accessgrantsinstance/caller/grants?allowedByApplication=AllowedByApplication&grantscope=GrantScope&maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [allowedByApplication](#API_control_ListCallerAccessGrants_RequestSyntax) **   <a name="AmazonS3-control_ListCallerAccessGrants-request-uri-querystring-AllowedByApplication"></a>
If this optional parameter is passed in the request, a filter is applied to the results. The results will include only the access grants for the caller's Identity Center application or for any other applications (`ALL`).

 ** [grantscope](#API_control_ListCallerAccessGrants_RequestSyntax) **   <a name="AmazonS3-control_ListCallerAccessGrants-request-uri-querystring-GrantScope"></a>
The S3 path of the data that you would like to access. Must start with `s3://`. You can optionally pass only the beginning characters of a path, and S3 Access Grants will search for all applicable grants for the path fragment.   
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

 ** [maxResults](#API_control_ListCallerAccessGrants_RequestSyntax) **   <a name="AmazonS3-control_ListCallerAccessGrants-request-uri-querystring-MaxResults"></a>
The maximum number of access grants that you would like returned in the `List Caller Access Grants` response. If the results include the pagination token `NextToken`, make another call using the `NextToken` to determine if there are more results.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListCallerAccessGrants_RequestSyntax) **   <a name="AmazonS3-control_ListCallerAccessGrants-request-uri-querystring-NextToken"></a>
A pagination token to request the next page of results. Pass this value into a subsequent `List Caller Access Grants` request in order to retrieve the next page of results.

 ** [x-amz-account-id](#API_control_ListCallerAccessGrants_RequestSyntax) **   <a name="AmazonS3-control_ListCallerAccessGrants-request-header-AccountId"></a>
The Amazon Web Services account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<ListCallerAccessGrantsResult>
   <NextToken>string</NextToken>
   <CallerAccessGrantsList>
      <AccessGrant>
         <ApplicationArn>string</ApplicationArn>
         <GrantScope>string</GrantScope>
         <Permission>string</Permission>
      </AccessGrant>
   </CallerAccessGrantsList>
</ListCallerAccessGrantsResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListCallerAccessGrantsResult](#API_control_ListCallerAccessGrants_ResponseSyntax) **   <a name="AmazonS3-control_ListCallerAccessGrants-response-ListCallerAccessGrantsResult"></a>
Root level tag for the ListCallerAccessGrantsResult parameters.  
Required: Yes

 ** [CallerAccessGrantsList](#API_control_ListCallerAccessGrants_ResponseSyntax) **   <a name="AmazonS3-control_ListCallerAccessGrants-response-CallerAccessGrantsList"></a>
A list of the caller's access grants that were created using S3 Access Grants and that grant the caller access to the S3 data of the Amazon Web Services account ID that was specified in the request.   
Type: Array of [ListCallerAccessGrantsEntry](API_control_ListCallerAccessGrantsEntry.md) data types

 ** [NextToken](#API_control_ListCallerAccessGrants_ResponseSyntax) **   <a name="AmazonS3-control_ListCallerAccessGrants-response-NextToken"></a>
A pagination token that you can use to request the next page of results. Pass this value into a subsequent `List Caller Access Grants` request in order to retrieve the next page of results.  
Type: String

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/ListCallerAccessGrants) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/ListCallerAccessGrants) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/ListCallerAccessGrants) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/ListCallerAccessGrants) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/ListCallerAccessGrants) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListCallerAccessGrants) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/ListCallerAccessGrants) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/ListCallerAccessGrants) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/ListCallerAccessGrants) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/ListCallerAccessGrants) 

# ListJobs


Lists current S3 Batch Operations jobs as well as the jobs that have ended within the last 90 days for the Amazon Web Services account making the request. For more information, see [S3 Batch Operations](https://docs.amazonaws.cn/AmazonS3/latest/userguide/batch-ops.html) in the *Amazon S3 User Guide*.

Permissions  
To use the `ListJobs` operation, you must have permission to perform the `s3:ListJobs` action.

Related actions include:


+  [CreateJob](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateJob.html) 
+  [DescribeJob](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DescribeJob.html) 
+  [UpdateJobPriority](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_UpdateJobPriority.html) 
+  [UpdateJobStatus](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_UpdateJobStatus.html) 

## Request Syntax


```
GET /v20180820/jobs?jobStatuses=JobStatuses&maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [jobStatuses](#API_control_ListJobs_RequestSyntax) **   <a name="AmazonS3-control_ListJobs-request-uri-querystring-JobStatuses"></a>
The `List Jobs` request returns jobs that match the statuses listed in this element.  
Valid Values: `Active | Cancelled | Cancelling | Complete | Completing | Failed | Failing | New | Paused | Pausing | Preparing | Ready | Suspended` 

 ** [maxResults](#API_control_ListJobs_RequestSyntax) **   <a name="AmazonS3-control_ListJobs-request-uri-querystring-MaxResults"></a>
The maximum number of jobs that Amazon S3 will include in the `List Jobs` response. If there are more jobs than this number, the response will include a pagination token in the `NextToken` field to enable you to retrieve the next page of results.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListJobs_RequestSyntax) **   <a name="AmazonS3-control_ListJobs-request-uri-querystring-NextToken"></a>
A pagination token to request the next page of results. Use the token that Amazon S3 returned in the `NextToken` element of the `ListJobsResult` from the previous `List Jobs` request.  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `^[A-Za-z0-9\+\:\/\=\?\#-_]+$` 

 ** [x-amz-account-id](#API_control_ListJobs_RequestSyntax) **   <a name="AmazonS3-control_ListJobs-request-header-AccountId"></a>
The Amazon Web Services account ID associated with the S3 Batch Operations job.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<ListJobsResult>
   <NextToken>string</NextToken>
   <Jobs>
      <JobListDescriptor>
         <CreationTime>timestamp</CreationTime>
         <Description>string</Description>
         <JobId>string</JobId>
         <Operation>string</Operation>
         <Priority>integer</Priority>
         <ProgressSummary>
            <NumberOfTasksFailed>long</NumberOfTasksFailed>
            <NumberOfTasksSucceeded>long</NumberOfTasksSucceeded>
            <Timers>
               <ElapsedTimeInActiveSeconds>long</ElapsedTimeInActiveSeconds>
            </Timers>
            <TotalNumberOfTasks>long</TotalNumberOfTasks>
         </ProgressSummary>
         <Status>string</Status>
         <TerminationDate>timestamp</TerminationDate>
      </JobListDescriptor>
   </Jobs>
</ListJobsResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListJobsResult](#API_control_ListJobs_ResponseSyntax) **   <a name="AmazonS3-control_ListJobs-response-ListJobsResult"></a>
Root level tag for the ListJobsResult parameters.  
Required: Yes

 ** [Jobs](#API_control_ListJobs_ResponseSyntax) **   <a name="AmazonS3-control_ListJobs-response-Jobs"></a>
The list of current jobs and jobs that have ended within the last 30 days.  
Type: Array of [JobListDescriptor](API_control_JobListDescriptor.md) data types

 ** [NextToken](#API_control_ListJobs_ResponseSyntax) **   <a name="AmazonS3-control_ListJobs-response-NextToken"></a>
If the `List Jobs` request produced more than the maximum number of results, you can pass this value into a subsequent `List Jobs` request in order to retrieve the next page of results.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `^[A-Za-z0-9\+\:\/\=\?\#-_]+$` 

## Errors


 ** InternalServiceException **   
  
HTTP Status Code: 500

 ** InvalidNextTokenException **   
  
HTTP Status Code: 400

 ** InvalidRequestException **   
  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/ListJobs) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/ListJobs) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/ListJobs) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/ListJobs) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/ListJobs) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListJobs) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/ListJobs) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/ListJobs) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/ListJobs) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/ListJobs) 

# ListMultiRegionAccessPoints


**Note**  
This operation is not supported by directory buckets.

Returns a list of the Multi-Region Access Points currently associated with the specified Amazon account. Each call can return up to 100 Multi-Region Access Points, the maximum number of Multi-Region Access Points that can be associated with a single account.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see [Multi-Region Access Point restrictions and limitations](https://docs.amazonaws.cn/AmazonS3/latest/userguide/MultiRegionAccessPointRestrictions.html) in the *Amazon S3 User Guide*.

The following actions are related to `ListMultiRegionAccessPoint`:
+  [CreateMultiRegionAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateMultiRegionAccessPoint.html) 
+  [DeleteMultiRegionAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteMultiRegionAccessPoint.html) 
+  [DescribeMultiRegionAccessPointOperation](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DescribeMultiRegionAccessPointOperation.html) 
+  [GetMultiRegionAccessPoint](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetMultiRegionAccessPoint.html) 

## Request Syntax


```
GET /v20180820/mrap/instances?maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [maxResults](#API_control_ListMultiRegionAccessPoints_RequestSyntax) **   <a name="AmazonS3-control_ListMultiRegionAccessPoints-request-uri-querystring-MaxResults"></a>
Not currently used. Do not use this parameter.  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListMultiRegionAccessPoints_RequestSyntax) **   <a name="AmazonS3-control_ListMultiRegionAccessPoints-request-uri-querystring-NextToken"></a>
Not currently used. Do not use this parameter.  
Length Constraints: Minimum length of 1. Maximum length of 1024.

 ** [x-amz-account-id](#API_control_ListMultiRegionAccessPoints_RequestSyntax) **   <a name="AmazonS3-control_ListMultiRegionAccessPoints-request-header-AccountId"></a>
The Amazon account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<ListMultiRegionAccessPointsResult>
   <AccessPoints>
      <AccessPoint>
         <Alias>string</Alias>
         <CreatedAt>timestamp</CreatedAt>
         <Name>string</Name>
         <PublicAccessBlock>
            <BlockPublicAcls>boolean</BlockPublicAcls>
            <BlockPublicPolicy>boolean</BlockPublicPolicy>
            <IgnorePublicAcls>boolean</IgnorePublicAcls>
            <RestrictPublicBuckets>boolean</RestrictPublicBuckets>
         </PublicAccessBlock>
         <Regions>
            <Region>
               <Bucket>string</Bucket>
               <BucketAccountId>string</BucketAccountId>
               <Region>string</Region>
            </Region>
         </Regions>
         <Status>string</Status>
      </AccessPoint>
   </AccessPoints>
   <NextToken>string</NextToken>
</ListMultiRegionAccessPointsResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListMultiRegionAccessPointsResult](#API_control_ListMultiRegionAccessPoints_ResponseSyntax) **   <a name="AmazonS3-control_ListMultiRegionAccessPoints-response-ListMultiRegionAccessPointsResult"></a>
Root level tag for the ListMultiRegionAccessPointsResult parameters.  
Required: Yes

 ** [AccessPoints](#API_control_ListMultiRegionAccessPoints_ResponseSyntax) **   <a name="AmazonS3-control_ListMultiRegionAccessPoints-response-AccessPoints"></a>
The list of Multi-Region Access Points associated with the user.  
Type: Array of [MultiRegionAccessPointReport](API_control_MultiRegionAccessPointReport.md) data types

 ** [NextToken](#API_control_ListMultiRegionAccessPoints_ResponseSyntax) **   <a name="AmazonS3-control_ListMultiRegionAccessPoints-response-NextToken"></a>
If the specified bucket has more Multi-Region Access Points than can be returned in one call to this action, this field contains a continuation token. You can use this token tin subsequent calls to this action to retrieve additional Multi-Region Access Points.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/ListMultiRegionAccessPoints) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/ListMultiRegionAccessPoints) 

# ListRegionalBuckets


**Note**  
This operation is not supported by directory buckets.

Returns a list of all Outposts buckets in an Outpost that are owned by the authenticated sender of the request. For more information, see [Using Amazon S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*.

For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and `x-amz-outpost-id` in your request, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListRegionalBuckets.html#API_control_ListRegionalBuckets_Examples) section.

## Request Syntax


```
GET /v20180820/bucket?maxResults=MaxResults&nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
x-amz-outpost-id: OutpostId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [maxResults](#API_control_ListRegionalBuckets_RequestSyntax) **   <a name="AmazonS3-control_ListRegionalBuckets-request-uri-querystring-MaxResults"></a>
  
Valid Range: Minimum value of 0. Maximum value of 1000.

 ** [nextToken](#API_control_ListRegionalBuckets_RequestSyntax) **   <a name="AmazonS3-control_ListRegionalBuckets-request-uri-querystring-NextToken"></a>
  
Length Constraints: Minimum length of 1. Maximum length of 1024.

 ** [x-amz-account-id](#API_control_ListRegionalBuckets_RequestSyntax) **   <a name="AmazonS3-control_ListRegionalBuckets-request-header-AccountId"></a>
The Amazon Web Services account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

 ** [x-amz-outpost-id](#API_control_ListRegionalBuckets_RequestSyntax) **   <a name="AmazonS3-control_ListRegionalBuckets-request-header-OutpostId"></a>
The ID of the Amazon Outposts resource.  
This ID is required by Amazon S3 on Outposts buckets.
Length Constraints: Minimum length of 1. Maximum length of 64.

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<ListRegionalBucketsResult>
   <RegionalBucketList>
      <RegionalBucket>
         <Bucket>string</Bucket>
         <BucketArn>string</BucketArn>
         <CreationDate>timestamp</CreationDate>
         <OutpostId>string</OutpostId>
         <PublicAccessBlockEnabled>boolean</PublicAccessBlockEnabled>
      </RegionalBucket>
   </RegionalBucketList>
   <NextToken>string</NextToken>
</ListRegionalBucketsResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListRegionalBucketsResult](#API_control_ListRegionalBuckets_ResponseSyntax) **   <a name="AmazonS3-control_ListRegionalBuckets-response-ListRegionalBucketsResult"></a>
Root level tag for the ListRegionalBucketsResult parameters.  
Required: Yes

 ** [NextToken](#API_control_ListRegionalBuckets_ResponseSyntax) **   <a name="AmazonS3-control_ListRegionalBuckets-response-NextToken"></a>
 `NextToken` is sent when `isTruncated` is true, which means there are more buckets that can be listed. The next list requests to Amazon S3 can be continued with this `NextToken`. `NextToken` is obfuscated and is not a real key.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.

 ** [RegionalBucketList](#API_control_ListRegionalBuckets_ResponseSyntax) **   <a name="AmazonS3-control_ListRegionalBuckets-response-RegionalBucketList"></a>
  
Type: Array of [RegionalBucket](API_control_RegionalBucket.md) data types

## Examples


### Sample request to list an account's Outposts buckets


This request lists regional buckets.

```
            GET /v20180820/bucket HTTP /1.1            
            Host:s3-outposts.us-west-2.amazonaws.com
            Content-Length: 0
            x-amz-outpost-id: op-01ac5d28a6a232904
            x-amz-account-id: example-account-id
            Date: Wed, 01 Mar  2006 12:00:00 GMT
            Authorization: authorization string
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/ListRegionalBuckets) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/ListRegionalBuckets) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/ListRegionalBuckets) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/ListRegionalBuckets) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/ListRegionalBuckets) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListRegionalBuckets) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/ListRegionalBuckets) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/ListRegionalBuckets) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/ListRegionalBuckets) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/ListRegionalBuckets) 

# ListStorageLensConfigurations


**Note**  
This operation is not supported by directory buckets.

Gets a list of Amazon S3 Storage Lens configurations. For more information about S3 Storage Lens, see [Assessing your storage activity and usage with Amazon S3 Storage Lens ](https://docs.amazonaws.cn/AmazonS3/latest/dev/storage_lens.html) in the *Amazon S3 User Guide*.

**Note**  
To use this action, you must have permission to perform the `s3:ListStorageLensConfigurations` action. For more information, see [Setting permissions to use Amazon S3 Storage Lens](https://docs.amazonaws.cn/AmazonS3/latest/dev/storage_lens_iam_permissions.html) in the *Amazon S3 User Guide*.

## Request Syntax


```
GET /v20180820/storagelens?nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [nextToken](#API_control_ListStorageLensConfigurations_RequestSyntax) **   <a name="AmazonS3-control_ListStorageLensConfigurations-request-uri-querystring-NextToken"></a>
A pagination token to request the next page of results.

 ** [x-amz-account-id](#API_control_ListStorageLensConfigurations_RequestSyntax) **   <a name="AmazonS3-control_ListStorageLensConfigurations-request-header-AccountId"></a>
The account ID of the requester.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<ListStorageLensConfigurationsResult>
   <NextToken>string</NextToken>
   <StorageLensConfiguration>
      <HomeRegion>string</HomeRegion>
      <Id>string</Id>
      <IsEnabled>boolean</IsEnabled>
      <StorageLensArn>string</StorageLensArn>
   </StorageLensConfiguration>
   ...
</ListStorageLensConfigurationsResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListStorageLensConfigurationsResult](#API_control_ListStorageLensConfigurations_ResponseSyntax) **   <a name="AmazonS3-control_ListStorageLensConfigurations-response-ListStorageLensConfigurationsResult"></a>
Root level tag for the ListStorageLensConfigurationsResult parameters.  
Required: Yes

 ** [NextToken](#API_control_ListStorageLensConfigurations_ResponseSyntax) **   <a name="AmazonS3-control_ListStorageLensConfigurations-response-NextToken"></a>
If the request produced more than the maximum number of S3 Storage Lens configuration results, you can pass this value into a subsequent request to retrieve the next page of results.  
Type: String

 ** [StorageLensConfiguration](#API_control_ListStorageLensConfigurations_ResponseSyntax) **   <a name="AmazonS3-control_ListStorageLensConfigurations-response-StorageLensConfigurationList"></a>
A list of S3 Storage Lens configurations.  
Type: Array of [ListStorageLensConfigurationEntry](API_control_ListStorageLensConfigurationEntry.md) data types

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/ListStorageLensConfigurations) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/ListStorageLensConfigurations) 

# ListStorageLensGroups


 Lists all the Storage Lens groups in the specified home Region. 

To use this operation, you must have the permission to perform the `s3:ListStorageLensGroups` action. For more information about the required Storage Lens Groups permissions, see [Setting account permissions to use S3 Storage Lens groups](https://docs.amazonaws.cn/AmazonS3/latest/userguide/storage_lens_iam_permissions.html#storage_lens_groups_permissions).

For information about Storage Lens groups errors, see [List of Amazon S3 Storage Lens error codes](https://docs.amazonaws.cn/AmazonS3/latest/API/ErrorResponses.html#S3LensErrorCodeList).

## Request Syntax


```
GET /v20180820/storagelensgroup?nextToken=NextToken HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [nextToken](#API_control_ListStorageLensGroups_RequestSyntax) **   <a name="AmazonS3-control_ListStorageLensGroups-request-uri-querystring-NextToken"></a>
The token for the next set of results, or `null` if there are no more results. 

 ** [x-amz-account-id](#API_control_ListStorageLensGroups_RequestSyntax) **   <a name="AmazonS3-control_ListStorageLensGroups-request-header-AccountId"></a>
 The Amazon account ID that owns the Storage Lens groups.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<ListStorageLensGroupsResult>
   <NextToken>string</NextToken>
   <StorageLensGroup>
      <HomeRegion>string</HomeRegion>
      <Name>string</Name>
      <StorageLensGroupArn>string</StorageLensGroupArn>
   </StorageLensGroup>
   ...
</ListStorageLensGroupsResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListStorageLensGroupsResult](#API_control_ListStorageLensGroups_ResponseSyntax) **   <a name="AmazonS3-control_ListStorageLensGroups-response-ListStorageLensGroupsResult"></a>
Root level tag for the ListStorageLensGroupsResult parameters.  
Required: Yes

 ** [NextToken](#API_control_ListStorageLensGroups_ResponseSyntax) **   <a name="AmazonS3-control_ListStorageLensGroups-response-NextToken"></a>
 If `NextToken` is returned, there are more Storage Lens groups results available. The value of `NextToken` is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours.   
Type: String

 ** [StorageLensGroup](#API_control_ListStorageLensGroups_ResponseSyntax) **   <a name="AmazonS3-control_ListStorageLensGroups-response-StorageLensGroupList"></a>
 The list of Storage Lens groups that exist in the specified home Region.   
Type: Array of [ListStorageLensGroupEntry](API_control_ListStorageLensGroupEntry.md) data types

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/ListStorageLensGroups) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/ListStorageLensGroups) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/ListStorageLensGroups) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/ListStorageLensGroups) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/ListStorageLensGroups) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListStorageLensGroups) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/ListStorageLensGroups) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/ListStorageLensGroups) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/ListStorageLensGroups) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/ListStorageLensGroups) 

# ListTagsForResource


This operation allows you to list all of the tags for a specified resource. Each tag is a label consisting of a key and value. Tags can help you organize, track costs for, and control access to resources. 

**Note**  
This operation is only supported for the following Amazon S3 resources:  
 [General purpose buckets](https://docs.amazonaws.cn/AmazonS3/latest/userguide/buckets-tagging.html) 
 [Access Points for directory buckets](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-points-db-tagging.html) 
 [Access Points for general purpose buckets](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-points-tagging.html) 
 [Directory buckets](https://docs.amazonaws.cn/AmazonS3/latest/userguide/directory-buckets-tagging.html) 
 [S3 Storage Lens groups](https://docs.amazonaws.cn/AmazonS3/latest/userguide/storage-lens-groups.html) 
 [S3 Access Grants instances, registered locations, and grants](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-grants-tagging.html).

Permissions  
For general purpose buckets, access points for general purpose buckets, Storage Lens groups, and S3 Access Grants, you must have the `s3:ListTagsForResource` permission to use this operation. 

Directory bucket permissions  
For directory buckets, you must have the `s3express:ListTagsForResource` permission to use this operation. For more information about directory buckets policies and permissions, see [Identity and Access Management (IAM) for S3 Express One Zone](https://docs.amazonaws.cn/AmazonS3/latest/userguide/s3-express-permissions.html) in the *Amazon S3 User Guide*.

HTTP Host header syntax  
 **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region.amazonaws.com`.

For information about S3 Tagging errors, see [List of Amazon S3 Tagging error codes](https://docs.amazonaws.cn/AmazonS3/latest/API/ErrorResponses.html#S3TaggingErrorCodeList).

## Request Syntax


```
GET /v20180820/tags/resourceArn+ HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [resourceArn](#API_control_ListTagsForResource_RequestSyntax) **   <a name="AmazonS3-control_ListTagsForResource-request-uri-uri-ResourceArn"></a>
 The Amazon Resource Name (ARN) of the S3 resource that you want to list tags for. The tagged resource can be a directory bucket, S3 Storage Lens group or S3 Access Grants instance, registered location, or grant.   
Length Constraints: Maximum length of 1011.  
Pattern: `arn:[^:]+:s3(express)?:[^:].*`   
Required: Yes

 ** [x-amz-account-id](#API_control_ListTagsForResource_RequestSyntax) **   <a name="AmazonS3-control_ListTagsForResource-request-header-AccountId"></a>
 The Amazon Web Services account ID of the resource owner.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<ListTagsForResourceResult>
   <Tags>
      <Tag>
         <Key>string</Key>
         <Value>string</Value>
      </Tag>
   </Tags>
</ListTagsForResourceResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [ListTagsForResourceResult](#API_control_ListTagsForResource_ResponseSyntax) **   <a name="AmazonS3-control_ListTagsForResource-response-ListTagsForResourceResult"></a>
Root level tag for the ListTagsForResourceResult parameters.  
Required: Yes

 ** [Tags](#API_control_ListTagsForResource_ResponseSyntax) **   <a name="AmazonS3-control_ListTagsForResource-response-Tags"></a>
 The Amazon resource tags that are associated with the resource.   
Type: Array of [Tag](API_control_Tag.md) data types  
Array Members: Minimum number of 0 items. Maximum number of 50 items.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/ListTagsForResource) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/ListTagsForResource) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/ListTagsForResource) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/ListTagsForResource) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/ListTagsForResource) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/ListTagsForResource) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/ListTagsForResource) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/ListTagsForResource) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/ListTagsForResource) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/ListTagsForResource) 

# PutAccessGrantsInstanceResourcePolicy


Updates the resource policy of the S3 Access Grants instance. 

Permissions  
You must have the `s3:PutAccessGrantsInstanceResourcePolicy` permission to use this operation. 

## Request Syntax


```
PUT /v20180820/accessgrantsinstance/resourcepolicy HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<PutAccessGrantsInstanceResourcePolicyRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <Policy>string</Policy>
   <Organization>string</Organization>
</PutAccessGrantsInstanceResourcePolicyRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_PutAccessGrantsInstanceResourcePolicy_RequestSyntax) **   <a name="AmazonS3-control_PutAccessGrantsInstanceResourcePolicy-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutAccessGrantsInstanceResourcePolicyRequest](#API_control_PutAccessGrantsInstanceResourcePolicy_RequestSyntax) **   <a name="AmazonS3-control_PutAccessGrantsInstanceResourcePolicy-request-PutAccessGrantsInstanceResourcePolicyRequest"></a>
Root level tag for the PutAccessGrantsInstanceResourcePolicyRequest parameters.  
Required: Yes

 ** [Organization](#API_control_PutAccessGrantsInstanceResourcePolicy_RequestSyntax) **   <a name="AmazonS3-control_PutAccessGrantsInstanceResourcePolicy-request-Organization"></a>
The Organization of the resource policy of the S3 Access Grants instance.  
Type: String  
Length Constraints: Minimum length of 12. Maximum length of 34.  
Pattern: `^o-[a-z0-9]{10,32}$`   
Required: No

 ** [Policy](#API_control_PutAccessGrantsInstanceResourcePolicy_RequestSyntax) **   <a name="AmazonS3-control_PutAccessGrantsInstanceResourcePolicy-request-Policy"></a>
The resource policy of the S3 Access Grants instance that you are updating.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 350000.  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<PutAccessGrantsInstanceResourcePolicyResult>
   <Policy>string</Policy>
   <Organization>string</Organization>
   <CreatedAt>timestamp</CreatedAt>
</PutAccessGrantsInstanceResourcePolicyResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [PutAccessGrantsInstanceResourcePolicyResult](#API_control_PutAccessGrantsInstanceResourcePolicy_ResponseSyntax) **   <a name="AmazonS3-control_PutAccessGrantsInstanceResourcePolicy-response-PutAccessGrantsInstanceResourcePolicyResult"></a>
Root level tag for the PutAccessGrantsInstanceResourcePolicyResult parameters.  
Required: Yes

 ** [CreatedAt](#API_control_PutAccessGrantsInstanceResourcePolicy_ResponseSyntax) **   <a name="AmazonS3-control_PutAccessGrantsInstanceResourcePolicy-response-CreatedAt"></a>
The date and time when you created the S3 Access Grants instance resource policy.   
Type: Timestamp

 ** [Organization](#API_control_PutAccessGrantsInstanceResourcePolicy_ResponseSyntax) **   <a name="AmazonS3-control_PutAccessGrantsInstanceResourcePolicy-response-Organization"></a>
The Organization of the resource policy of the S3 Access Grants instance.  
Type: String  
Length Constraints: Minimum length of 12. Maximum length of 34.  
Pattern: `^o-[a-z0-9]{10,32}$` 

 ** [Policy](#API_control_PutAccessGrantsInstanceResourcePolicy_ResponseSyntax) **   <a name="AmazonS3-control_PutAccessGrantsInstanceResourcePolicy-response-Policy"></a>
The updated resource policy of the S3 Access Grants instance.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 350000.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicy) 

# PutAccessPointConfigurationForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Replaces configuration for an Object Lambda Access Point.

The following actions are related to `PutAccessPointConfigurationForObjectLambda`:
+  [GetAccessPointConfigurationForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetAccessPointConfigurationForObjectLambda.html) 

## Request Syntax


```
PUT /v20180820/accesspointforobjectlambda/name/configuration HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<PutAccessPointConfigurationForObjectLambdaRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <Configuration>
      <AllowedFeatures>
         <AllowedFeature>string</AllowedFeature>
      </AllowedFeatures>
      <CloudWatchMetricsEnabled>boolean</CloudWatchMetricsEnabled>
      <SupportingAccessPoint>string</SupportingAccessPoint>
      <TransformationConfigurations>
         <TransformationConfiguration>
            <Actions>
               <Action>string</Action>
            </Actions>
            <ContentTransformation>
               <AwsLambda>
                  <FunctionArn>string</FunctionArn>
                  <FunctionPayload>string</FunctionPayload>
               </AwsLambda>
            </ContentTransformation>
         </TransformationConfiguration>
      </TransformationConfigurations>
   </Configuration>
</PutAccessPointConfigurationForObjectLambdaRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutAccessPointConfigurationForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_PutAccessPointConfigurationForObjectLambda-request-uri-uri-Name"></a>
The name of the Object Lambda Access Point.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_PutAccessPointConfigurationForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_PutAccessPointConfigurationForObjectLambda-request-header-AccountId"></a>
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutAccessPointConfigurationForObjectLambdaRequest](#API_control_PutAccessPointConfigurationForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_PutAccessPointConfigurationForObjectLambda-request-PutAccessPointConfigurationForObjectLambdaRequest"></a>
Root level tag for the PutAccessPointConfigurationForObjectLambdaRequest parameters.  
Required: Yes

 ** [Configuration](#API_control_PutAccessPointConfigurationForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_PutAccessPointConfigurationForObjectLambda-request-Configuration"></a>
Object Lambda Access Point configuration document.  
Type: [ObjectLambdaConfiguration](API_control_ObjectLambdaConfiguration.md) data type  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambda) 

# PutAccessPointPolicy


Associates an access policy with the specified access point. Each access point can have only one policy, so a request made to this API replaces any existing policy associated with the specified access point.



All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutAccessPointPolicy.html#API_control_PutAccessPointPolicy_Examples) section.

The following actions are related to `PutAccessPointPolicy`:
+  [GetAccessPointPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetAccessPointPolicy.html) 
+  [DeleteAccessPointPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteAccessPointPolicy.html) 

## Request Syntax


```
PUT /v20180820/accesspoint/name/policy HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<PutAccessPointPolicyRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <Policy>string</Policy>
</PutAccessPointPolicyRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutAccessPointPolicy_RequestSyntax) **   <a name="AmazonS3-control_PutAccessPointPolicy-request-uri-uri-Name"></a>
The name of the access point that you want to associate with the specified policy.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the access point accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name>`. For example, to access the access point `reports-ap` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_PutAccessPointPolicy_RequestSyntax) **   <a name="AmazonS3-control_PutAccessPointPolicy-request-header-AccountId"></a>
The Amazon Web Services account ID for owner of the bucket associated with the specified access point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutAccessPointPolicyRequest](#API_control_PutAccessPointPolicy_RequestSyntax) **   <a name="AmazonS3-control_PutAccessPointPolicy-request-PutAccessPointPolicyRequest"></a>
Root level tag for the PutAccessPointPolicyRequest parameters.  
Required: Yes

 ** [Policy](#API_control_PutAccessPointPolicy_RequestSyntax) **   <a name="AmazonS3-control_PutAccessPointPolicy-request-Policy"></a>
The policy that you want to apply to the specified access point. For more information about access point policies, see [Managing data access with Amazon S3 access points](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-points.html) or [Managing access to shared datasets in directory buckets with access points](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-points-directory-buckets.html) in the *Amazon S3 User Guide*.  
Type: String  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample request syntax for the PutAccessPointPolicy action for Amazon S3 on Outposts access point


This example illustrates one usage of PutAccessPointPolicy.

```
           PUT /v20180820/accesspoint/example-access-point/policy HTTP/1.1
           Host: s3-outposts.<Region>.amazonaws.com
           Date: Wed, 28 Oct 2020 22:32:00 GMT
           Authorization: authorization string
           x-amz-account-id: example-account-id
           x-amz-outpost-id: op-01ac5d28a6a232904
           <?xml version="1.0" encoding="UTF-8"?>
               <PutAccessPointPolicyRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
                  <Policy>
{
   "Version":"2012-10-17",		 	 	 
   "Id":"AccessPointPolicy-for-example-access-point",
   "Statement":[
      {
         "Sid":"st1",
         "Effect":"Allow",
         "Principal":{
            "AWS":"example-account-id"
         },
         "Action":"s3-outposts:*",
         "Resource":"arn:aws:s3-outposts:your-Region:example-account-id:outpost/op-01ac5d28a6a232904/accesspoint/example-access-point
      }
   ]
}
                  </Policy>
               </PutAccessPointPolicyRequest>
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/PutAccessPointPolicy) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/PutAccessPointPolicy) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/PutAccessPointPolicy) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/PutAccessPointPolicy) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/PutAccessPointPolicy) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutAccessPointPolicy) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/PutAccessPointPolicy) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/PutAccessPointPolicy) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/PutAccessPointPolicy) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/PutAccessPointPolicy) 

# PutAccessPointPolicyForObjectLambda


**Note**  
This operation is not supported by directory buckets.

Creates or replaces resource policy for an Object Lambda Access Point. For an example policy, see [Creating Object Lambda Access Points](https://docs.amazonaws.cn/AmazonS3/latest/userguide/olap-create.html#olap-create-cli) in the *Amazon S3 User Guide*.

The following actions are related to `PutAccessPointPolicyForObjectLambda`:
+  [DeleteAccessPointPolicyForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteAccessPointPolicyForObjectLambda.html) 
+  [GetAccessPointPolicyForObjectLambda](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetAccessPointPolicyForObjectLambda.html) 

## Request Syntax


```
PUT /v20180820/accesspointforobjectlambda/name/policy HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<PutAccessPointPolicyForObjectLambdaRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <Policy>string</Policy>
</PutAccessPointPolicyForObjectLambdaRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutAccessPointPolicyForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_PutAccessPointPolicyForObjectLambda-request-uri-uri-Name"></a>
The name of the Object Lambda Access Point.  
Length Constraints: Minimum length of 3. Maximum length of 45.  
Pattern: `^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$`   
Required: Yes

 ** [x-amz-account-id](#API_control_PutAccessPointPolicyForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_PutAccessPointPolicyForObjectLambda-request-header-AccountId"></a>
The account ID for the account that owns the specified Object Lambda Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutAccessPointPolicyForObjectLambdaRequest](#API_control_PutAccessPointPolicyForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_PutAccessPointPolicyForObjectLambda-request-PutAccessPointPolicyForObjectLambdaRequest"></a>
Root level tag for the PutAccessPointPolicyForObjectLambdaRequest parameters.  
Required: Yes

 ** [Policy](#API_control_PutAccessPointPolicyForObjectLambda_RequestSyntax) **   <a name="AmazonS3-control_PutAccessPointPolicyForObjectLambda-request-Policy"></a>
Object Lambda Access Point resource policy document.  
Type: String  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample resource policy


The following illustrates a sample resource policy.

```
{
    "Version" : "2008-10-17",		 	 	 
    "Statement":[{
        "Sid": "Grant account 123456789012 GetObject access",
        "Effect":"Allow",
        "Principal" : {
            "AWS": "arn:aws:iam::123456789012:root"
        },
        "Action":["s3-object-lambda:GetObject"],
        "Resource":["arn:aws:s3-object-lambda:us-east-1:123456789012:accesspoint/my-object-lambda-ap"]
        },
        {
        "Sid": "Grant account 444455556666 GetObject access",
        "Effect":"Allow",
        "Principal" : {
            "AWS": "arn:aws:iam::444455556666:root"
        },
        "Action":["s3-object-lambda:GetObject"],
        "Resource":["arn:aws:s3-object-lambda:us-east-1:123456789012:accesspoint/my-object-lambda-ap"]
        }
    ]
}
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/PutAccessPointPolicyForObjectLambda) 

# PutAccessPointScope


Creates or replaces the access point scope for a directory bucket. You can use the access point scope to restrict access to specific prefixes, API operations, or a combination of both.

**Note**  
You can specify any amount of prefixes, but the total length of characters of all prefixes must be less than 256 bytes in size.

To use this operation, you must have the permission to perform the `s3express:PutAccessPointScope` action.

For information about REST API errors, see [REST error responses](https://docs.amazonaws.cn/AmazonS3/latest/API/ErrorResponses.html#RESTErrorResponses).

## Request Syntax


```
PUT /v20180820/accesspoint/name/scope HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<PutAccessPointScopeRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <Scope>
      <Permissions>
         <Permission>string</Permission>
      </Permissions>
      <Prefixes>
         <Prefix>string</Prefix>
      </Prefixes>
   </Scope>
</PutAccessPointScopeRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutAccessPointScope_RequestSyntax) **   <a name="AmazonS3-control_PutAccessPointScope-request-uri-uri-Name"></a>
The name of the access point with the scope that you want to create or replace.  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_PutAccessPointScope_RequestSyntax) **   <a name="AmazonS3-control_PutAccessPointScope-request-header-AccountId"></a>
 The Amazon account ID that owns the access point with scope that you want to create or replace.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutAccessPointScopeRequest](#API_control_PutAccessPointScope_RequestSyntax) **   <a name="AmazonS3-control_PutAccessPointScope-request-PutAccessPointScopeRequest"></a>
Root level tag for the PutAccessPointScopeRequest parameters.  
Required: Yes

 ** [Scope](#API_control_PutAccessPointScope_RequestSyntax) **   <a name="AmazonS3-control_PutAccessPointScope-request-Scope"></a>
Object prefixes, API operations, or a combination of both.  
Type: [Scope](API_control_Scope.md) data type  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/PutAccessPointScope) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/PutAccessPointScope) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/PutAccessPointScope) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/PutAccessPointScope) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/PutAccessPointScope) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutAccessPointScope) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/PutAccessPointScope) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/PutAccessPointScope) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/PutAccessPointScope) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/PutAccessPointScope) 

# PutBucketLifecycleConfiguration


**Note**  
This action puts a lifecycle configuration to an Amazon S3 on Outposts bucket. To put a lifecycle configuration to an S3 bucket, see [PutBucketLifecycleConfiguration](https://docs.amazonaws.cn/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) in the *Amazon S3 API Reference*. 

Creates a new lifecycle configuration for the S3 on Outposts bucket or replaces an existing lifecycle configuration. Outposts buckets only support lifecycle configurations that delete/expire objects after a certain period of time and abort incomplete multipart uploads.



All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutBucketLifecycleConfiguration.html#API_control_PutBucketLifecycleConfiguration_Examples) section.

The following actions are related to `PutBucketLifecycleConfiguration`:
+  [GetBucketLifecycleConfiguration](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketLifecycleConfiguration.html) 
+  [DeleteBucketLifecycleConfiguration](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteBucketLifecycleConfiguration.html) 

## Request Syntax


```
PUT /v20180820/bucket/name/lifecycleconfiguration HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<LifecycleConfiguration xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <Rules>
      <Rule>
         <AbortIncompleteMultipartUpload>
            <DaysAfterInitiation>integer</DaysAfterInitiation>
         </AbortIncompleteMultipartUpload>
         <Expiration>
            <Date>timestamp</Date>
            <Days>integer</Days>
            <ExpiredObjectDeleteMarker>boolean</ExpiredObjectDeleteMarker>
         </Expiration>
         <Filter>
            <And>
               <ObjectSizeGreaterThan>long</ObjectSizeGreaterThan>
               <ObjectSizeLessThan>long</ObjectSizeLessThan>
               <Prefix>string</Prefix>
               <Tags>
                  <S3Tag>
                     <Key>string</Key>
                     <Value>string</Value>
                  </S3Tag>
               </Tags>
            </And>
            <ObjectSizeGreaterThan>long</ObjectSizeGreaterThan>
            <ObjectSizeLessThan>long</ObjectSizeLessThan>
            <Prefix>string</Prefix>
            <Tag>
               <Key>string</Key>
               <Value>string</Value>
            </Tag>
         </Filter>
         <ID>string</ID>
         <NoncurrentVersionExpiration>
            <NewerNoncurrentVersions>integer</NewerNoncurrentVersions>
            <NoncurrentDays>integer</NoncurrentDays>
         </NoncurrentVersionExpiration>
         <NoncurrentVersionTransitions>
            <NoncurrentVersionTransition>
               <NoncurrentDays>integer</NoncurrentDays>
               <StorageClass>string</StorageClass>
            </NoncurrentVersionTransition>
         </NoncurrentVersionTransitions>
         <Status>string</Status>
         <Transitions>
            <Transition>
               <Date>timestamp</Date>
               <Days>integer</Days>
               <StorageClass>string</StorageClass>
            </Transition>
         </Transitions>
      </Rule>
   </Rules>
</LifecycleConfiguration>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutBucketLifecycleConfiguration_RequestSyntax) **   <a name="AmazonS3-control_PutBucketLifecycleConfiguration-request-header-Bucket"></a>
The name of the bucket for which to set the configuration.  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_PutBucketLifecycleConfiguration_RequestSyntax) **   <a name="AmazonS3-control_PutBucketLifecycleConfiguration-request-header-AccountId"></a>
The Amazon Web Services account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [LifecycleConfiguration](#API_control_PutBucketLifecycleConfiguration_RequestSyntax) **   <a name="AmazonS3-control_PutBucketLifecycleConfiguration-request-LifecycleConfiguration"></a>
Root level tag for the LifecycleConfiguration parameters.  
Required: Yes

 ** [Rules](#API_control_PutBucketLifecycleConfiguration_RequestSyntax) **   <a name="AmazonS3-control_PutBucketLifecycleConfiguration-request-Rules"></a>
A lifecycle rule for individual objects in an Outposts bucket.   
Type: Array of [LifecycleRule](API_control_LifecycleRule.md) data types  
Required: No

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample PutBucketLifecycleConfiguration request on an Amazon S3 on Outposts bucket


This request puts a lifecycle configuration on an Outposts bucket named `example-outpost-bucket`.

```
            PUT /v20180820/bucket/example-outpost-bucket/lifecycleconfiguration HTTP/1.1
            Host:s3-outposts.<Region>.amazonaws.com
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
            Content-Length: 0
            Date: Wed, 01 Mar  2006 12:00:00 GMT
            Content-MD5: q6yJDlIkcBaGGfb3QLY69A==
            Authorization: authorization string
            Content-Length: 214
            
            <LifecycleConfiguration>
              <Rule>
                <ID>id2</ID>
                <Filter>
                   <Prefix>logs/</Prefix>
                </Filter>
                <Status>Enabled</Status>
                <Expiration>
                  <Days>365</Days>
                </Expiration>
              </Rule>
            </LifecycleConfiguration>
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/PutBucketLifecycleConfiguration) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/PutBucketLifecycleConfiguration) 

# PutBucketPolicy


**Note**  
This action puts a bucket policy to an Amazon S3 on Outposts bucket. To put a policy on an S3 bucket, see [PutBucketPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_PutBucketPolicy.html) in the *Amazon S3 API Reference*. 

Applies an Amazon S3 bucket policy to an Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*.

If you are using an identity other than the root user of the Amazon Web Services account that owns the Outposts bucket, the calling identity must have the `PutBucketPolicy` permissions on the specified Outposts bucket and belong to the bucket owner's account in order to use this action.

If you don't have `PutBucketPolicy` permissions, Amazon S3 returns a `403 Access Denied` error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a `405 Method Not Allowed` error.

**Important**  
 As a security precaution, the root user of the Amazon Web Services account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action. 

For more information about bucket policies, see [Using Bucket Policies and User Policies](https://docs.amazonaws.cn/AmazonS3/latest/dev/using-iam-policies.html).

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutBucketPolicy.html#API_control_PutBucketPolicy_Examples) section.

The following actions are related to `PutBucketPolicy`:
+  [GetBucketPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketPolicy.html) 
+  [DeleteBucketPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteBucketPolicy.html) 

## Request Syntax


```
PUT /v20180820/bucket/name/policy HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
x-amz-confirm-remove-self-bucket-access: ConfirmRemoveSelfBucketAccess
<?xml version="1.0" encoding="UTF-8"?>
<PutBucketPolicyRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <Policy>string</Policy>
</PutBucketPolicyRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutBucketPolicy_RequestSyntax) **   <a name="AmazonS3-control_PutBucketPolicy-request-header-Bucket"></a>
Specifies the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_PutBucketPolicy_RequestSyntax) **   <a name="AmazonS3-control_PutBucketPolicy-request-header-AccountId"></a>
The Amazon Web Services account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

 ** [x-amz-confirm-remove-self-bucket-access](#API_control_PutBucketPolicy_RequestSyntax) **   <a name="AmazonS3-control_PutBucketPolicy-request-header-ConfirmRemoveSelfBucketAccess"></a>
Set this parameter to true to confirm that you want to remove your permissions to change this bucket policy in the future.  
This is not supported by Amazon S3 on Outposts buckets.

## Request Body


The request accepts the following data in XML format.

 ** [PutBucketPolicyRequest](#API_control_PutBucketPolicy_RequestSyntax) **   <a name="AmazonS3-control_PutBucketPolicy-request-PutBucketPolicyRequest"></a>
Root level tag for the PutBucketPolicyRequest parameters.  
Required: Yes

 ** [Policy](#API_control_PutBucketPolicy_RequestSyntax) **   <a name="AmazonS3-control_PutBucketPolicy-request-Policy"></a>
The bucket policy as a JSON document.  
Type: String  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample request for putting a bucket policy in an Amazon S3 on Outposts bucket


The following request shows the PUT an individual policy request for the Outposts bucket `example-outpost-bucket`.

```
PUT v20180820/bucket/example-outpost-bucket/policy HTTP/1.1
Host: s3-outposts.<Region>.amazonaws.com  
Date: Tue, 04 Apr 2010 20:34:56 GMT  
Authorization: authorization string
x-amz-account-id: example-account-id
x-amz-outpost-id: op-01ac5d28a6a232904
{
   "Version":"2012-10-17",		 	 	 
   "Id":"exampleS3OnOutpostBucketPolicy",
   "Statement":[
      {
         "Sid":"st1",
         "Effect":"Allow",
         "Principal":{
            "AWS":"example-account-id"
         },
         "Action":"s3-outposts:*",
         "Resource":"arn:aws:s3-outposts:<your-region>:example-account-id:outpost/op-01ac5d28a6a232904/bucket/example-outpost-bucket"
      }
   ]
}
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/PutBucketPolicy) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/PutBucketPolicy) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/PutBucketPolicy) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/PutBucketPolicy) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/PutBucketPolicy) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutBucketPolicy) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/PutBucketPolicy) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/PutBucketPolicy) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/PutBucketPolicy) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/PutBucketPolicy) 

# PutBucketReplication


**Note**  
This action creates an Amazon S3 on Outposts bucket's replication configuration. To create an S3 bucket's replication configuration, see [PutBucketReplication](https://docs.amazonaws.cn/AmazonS3/latest/API/API_PutBucketReplication.html) in the *Amazon S3 API Reference*. 

Creates a replication configuration or replaces an existing one. For information about S3 replication on Outposts configuration, see [Replicating objects for S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3OutpostsReplication.html) in the *Amazon S3 User Guide*.

**Note**  
It can take a while to propagate `PUT` or `DELETE` requests for a replication configuration to all S3 on Outposts systems. Therefore, the replication configuration that's returned by a `GET` request soon after a `PUT` or `DELETE` request might return a more recent result than what's on the Outpost. If an Outpost is offline, the delay in updating the replication configuration on that Outpost can be significant.

Specify the replication configuration in the request body. In the replication configuration, you provide the following information:
+ The name of the destination bucket or buckets where you want S3 on Outposts to replicate objects
+ The Amazon Identity and Access Management (IAM) role that S3 on Outposts can assume to replicate objects on your behalf
+ Other relevant information, such as replication rules

A replication configuration must include at least one rule and can contain a maximum of 100. Each rule identifies a subset of objects to replicate by filtering the objects in the source Outposts bucket. To choose additional subsets of objects to replicate, add a rule for each subset.

To specify a subset of the objects in the source Outposts bucket to apply a replication rule to, add the `Filter` element as a child of the `Rule` element. You can filter objects based on an object key prefix, one or more object tags, or both. When you add the `Filter` element in the configuration, you must also add the following elements: `DeleteMarkerReplication`, `Status`, and `Priority`.

Using `PutBucketReplication` on Outposts requires that both the source and destination buckets must have versioning enabled. For information about enabling versioning on a bucket, see [Managing S3 Versioning for your S3 on Outposts bucket](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3OutpostsManagingVersioning.html).

For information about S3 on Outposts replication failure reasons, see [Replication failure reasons](https://docs.amazonaws.cn/AmazonS3/latest/userguide/outposts-replication-eventbridge.html#outposts-replication-failure-codes) in the *Amazon S3 User Guide*.

 **Handling Replication of Encrypted Objects** 

Outposts buckets are encrypted at all times. All the objects in the source Outposts bucket are encrypted and can be replicated. Also, all the replicas in the destination Outposts bucket are encrypted with the same encryption key as the objects in the source Outposts bucket.

 **Permissions** 

To create a `PutBucketReplication` request, you must have `s3-outposts:PutReplicationConfiguration` permissions for the bucket. The Outposts bucket owner has this permission by default and can grant it to others. For more information about permissions, see [Setting up IAM with S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3OutpostsIAM.html) and [Managing access to S3 on Outposts buckets](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3OutpostsBucketPolicy.html). 

**Note**  
To perform this operation, the user or role must also have the `iam:CreateRole` and `iam:PassRole` permissions. For more information, see [Granting a user permissions to pass a role to an Amazon service](https://docs.amazonaws.cn/IAM/latest/UserGuide/id_roles_use_passrole.html).

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutBucketReplication.html#API_control_PutBucketReplication_Examples) section.

The following operations are related to `PutBucketReplication`:
+  [GetBucketReplication](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketReplication.html) 
+  [DeleteBucketReplication](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteBucketReplication.html) 

## Request Syntax


```
PUT /v20180820/bucket/name/replication HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<ReplicationConfiguration xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <Role>string</Role>
   <Rules>
      <Rule>
         <Bucket>string</Bucket>
         <DeleteMarkerReplication>
            <Status>string</Status>
         </DeleteMarkerReplication>
         <Destination>
            <AccessControlTranslation>
               <Owner>string</Owner>
            </AccessControlTranslation>
            <Account>string</Account>
            <Bucket>string</Bucket>
            <EncryptionConfiguration>
               <ReplicaKmsKeyID>string</ReplicaKmsKeyID>
            </EncryptionConfiguration>
            <Metrics>
               <EventThreshold>
                  <Minutes>integer</Minutes>
               </EventThreshold>
               <Status>string</Status>
            </Metrics>
            <ReplicationTime>
               <Status>string</Status>
               <Time>
                  <Minutes>integer</Minutes>
               </Time>
            </ReplicationTime>
            <StorageClass>string</StorageClass>
         </Destination>
         <ExistingObjectReplication>
            <Status>string</Status>
         </ExistingObjectReplication>
         <Filter>
            <And>
               <Prefix>string</Prefix>
               <Tags>
                  <S3Tag>
                     <Key>string</Key>
                     <Value>string</Value>
                  </S3Tag>
               </Tags>
            </And>
            <Prefix>string</Prefix>
            <Tag>
               <Key>string</Key>
               <Value>string</Value>
            </Tag>
         </Filter>
         <ID>string</ID>
         <Prefix>string</Prefix>
         <Priority>integer</Priority>
         <SourceSelectionCriteria>
            <ReplicaModifications>
               <Status>string</Status>
            </ReplicaModifications>
            <SseKmsEncryptedObjects>
               <Status>string</Status>
            </SseKmsEncryptedObjects>
         </SourceSelectionCriteria>
         <Status>string</Status>
      </Rule>
   </Rules>
</ReplicationConfiguration>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutBucketReplication_RequestSyntax) **   <a name="AmazonS3-control_PutBucketReplication-request-header-Bucket"></a>
Specifies the S3 on Outposts bucket to set the configuration for.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_PutBucketReplication_RequestSyntax) **   <a name="AmazonS3-control_PutBucketReplication-request-header-AccountId"></a>
The Amazon Web Services account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [ReplicationConfiguration](#API_control_PutBucketReplication_RequestSyntax) **   <a name="AmazonS3-control_PutBucketReplication-request-ReplicationConfiguration"></a>
Root level tag for the ReplicationConfiguration parameters.  
Required: Yes

 ** [Role](#API_control_PutBucketReplication_RequestSyntax) **   <a name="AmazonS3-control_PutBucketReplication-request-Role"></a>
The Amazon Resource Name (ARN) of the Amazon Identity and Access Management (IAM) role that S3 on Outposts assumes when replicating objects. For information about S3 replication on Outposts configuration, see [Setting up replication](https://docs.amazonaws.cn/AmazonS3/latest/userguide/outposts-replication-how-setup.html) in the *Amazon S3 User Guide*.  
Type: String  
Required: Yes

 ** [Rules](#API_control_PutBucketReplication_RequestSyntax) **   <a name="AmazonS3-control_PutBucketReplication-request-Rules"></a>
A container for one or more replication rules. A replication configuration must have at least one rule and can contain an array of 100 rules at the most.   
Type: Array of [ReplicationRule](API_control_ReplicationRule.md) data types  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample Request: Add a replication configuration to an Amazon S3 on Outposts bucket


The following sample `PUT` request creates a replication subresource on the specified Outposts bucket named `example-outpost-bucket` and saves the replication configuration in it. The replication configuration specifies a rule to replicate objects to the `example-outpost-bucket` bucket. The rule includes a filter to replicate only the objects that are created with the key name prefix `TaxDocs` and that have two specific tags.

After you add a replication configuration to your Outposts bucket, S3 on Outposts assumes the Amazon Identity and Access Management (IAM) role that's specified in the configuration to replicate objects on behalf of the Outposts bucket owner. The bucket owner is the Amazon Web Services account that created the Outposts bucket.

Filtering by using the `Filter` element is supported in the latest XML configuration. The earlier version of the XML configuration isn't supported.

For more examples of S3 replication on Outposts configuration, see [Creating replication rules on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/replication-between-outposts.html) in the *Amazon S3 User Guide*.

```
PUT /v20180820/bucket/example-outpost-bucket/replication HTTP/1.1
Host:s3-outposts.<Region>.amazonaws.com
x-amz-account-id: example-account-id
x-amz-outpost-id: op-01ac5d28a6a232904
Authorization: authorization string


<ReplicationConfiguration>
  <Role>arn:aws:iam::35667example:role/ReplicationRoleForS3Outposts</Role>
  <Rules>
   <Rule>
      <Bucket>arn:aws:s3-outposts:us-east-1:example-account-id:outpost/SOURCE-OUTPOST-ID/accesspoint/SOURCE-OUTPOSTS-BUCKET-ACCESS-POINT</Bucket>
      <ID>rule1</ID>
      <Status>Enabled</Status>
      <Priority>1</Priority>
      <DeleteMarkerReplication>
         <Status>Disabled</Status>
      </DeleteMarkerReplication>
      <Filter>
         <And>
            <Prefix>TaxDocs</Prefix>
            <Tag>
               <Key>key1</Key>
               <Value>value1</Value>
            </Tag>
            <Tag>
               <Key>key2</Key>
               <Value>value2</Value>
            </Tag>
         </And>
      </Filter>
      <Destination>
         <Bucket>arn:aws:s3-outposts:us-east-1:example-account-id:outpost/DESTINATION-OUTPOST-ID/accesspoint/DESTINATION-OUTPOSTS-BUCKET-ACCESS-POINT</Bucket>
      </Destination>
   </Rule>
  </Rules> 
</ReplicationConfiguration>
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/PutBucketReplication) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/PutBucketReplication) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/PutBucketReplication) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/PutBucketReplication) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/PutBucketReplication) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutBucketReplication) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/PutBucketReplication) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/PutBucketReplication) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/PutBucketReplication) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/PutBucketReplication) 

# PutBucketTagging


**Note**  
This action puts tags on an Amazon S3 on Outposts bucket. To put tags on an S3 bucket, see [PutBucketTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_PutBucketTagging.html) in the *Amazon S3 API Reference*. 

Sets the tags for an S3 on Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3onOutposts.html) in the *Amazon S3 User Guide*.

Use tags to organize your Amazon bill to reflect your own cost structure. To do this, sign up to get your Amazon Web Services account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see [Cost allocation and tagging](https://docs.amazonaws.cn/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html).

**Note**  
Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see [ Using cost allocation in Amazon S3 bucket tags](https://docs.amazonaws.cn/AmazonS3/latest/userguide/CostAllocTagging.html).

To use this action, you must have permissions to perform the `s3-outposts:PutBucketTagging` action. The Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see [ Permissions Related to Bucket Subresource Operations](https://docs.amazonaws.cn/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing access permissions to your Amazon S3 resources](https://docs.amazonaws.cn/AmazonS3/latest/userguide/s3-access-control.html).

 `PutBucketTagging` has the following special errors:
+ Error code: `InvalidTagError` 
  + Description: The tag provided was not a valid tag. This error can occur if the tag did not pass input validation. For information about tag restrictions, see [ User-Defined Tag Restrictions](https://docs.amazonaws.cn/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html) and [Amazon-Generated Cost Allocation Tag Restrictions](https://docs.amazonaws.cn/awsaccountbilling/latest/aboutv2/aws-tag-restrictions.html).
+ Error code: `MalformedXMLError` 
  + Description: The XML provided does not match the schema.
+ Error code: `OperationAbortedError ` 
  + Description: A conflicting conditional action is currently in progress against this resource. Try again.
+ Error code: `InternalError` 
  + Description: The service was unable to apply the provided tag to the bucket.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutBucketTagging.html#API_control_PutBucketTagging_Examples) section.

The following actions are related to `PutBucketTagging`:
+  [GetBucketTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketTagging.html) 
+  [DeleteBucketTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteBucketTagging.html) 

## Request Syntax


```
PUT /v20180820/bucket/name/tagging HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<Tagging xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <TagSet>
      <S3Tag>
         <Key>string</Key>
         <Value>string</Value>
      </S3Tag>
   </TagSet>
</Tagging>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutBucketTagging_RequestSyntax) **   <a name="AmazonS3-control_PutBucketTagging-request-header-Bucket"></a>
The Amazon Resource Name (ARN) of the bucket.  
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.  
For using this parameter with S3 on Outposts with the Amazon SDK and CLI, you must specify the ARN of the bucket accessed in the format `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>`. For example, to access the bucket `reports` through Outpost `my-outpost` owned by account `123456789012` in Region `us-west-2`, use the URL encoding of `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports`. The value must be URL encoded.   
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_PutBucketTagging_RequestSyntax) **   <a name="AmazonS3-control_PutBucketTagging-request-header-AccountId"></a>
The Amazon Web Services account ID of the Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [Tagging](#API_control_PutBucketTagging_RequestSyntax) **   <a name="AmazonS3-control_PutBucketTagging-request-Tagging"></a>
Root level tag for the Tagging parameters.  
Required: Yes

 ** [TagSet](#API_control_PutBucketTagging_RequestSyntax) **   <a name="AmazonS3-control_PutBucketTagging-request-TagSet"></a>
A collection for a set of tags.  
Type: Array of [S3Tag](API_control_S3Tag.md) data types  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample request: Add tag set to an Amazon S3 on Outposts bucket


The following request adds a tag set to the existing `example-outpost-bucket` bucket.

```
PUT v20180820/bucket/example-outpost-bucket/tagging HTTP/1.1
Host: s3-outposts.<Region>.amazonaws.com
Content-Length: 1660
x-amz-date: Thu, 12 Nov 2020 20:04:21 GMT
x-amz-account-id: example-account-id
x-amz-outpost-id: op-01ac5d28a6a232904
Authorization: authorization string

<Tagging>
  <TagSet>
    <Tag>
      <Key>Project</Key>
      <Value>Project One</Value>
    </Tag>
    <Tag>
      <Key>User</Key>
      <Value>jsmith</Value>
    </Tag>
  </TagSet>
</Tagging>
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/PutBucketTagging) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/PutBucketTagging) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/PutBucketTagging) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/PutBucketTagging) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/PutBucketTagging) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutBucketTagging) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/PutBucketTagging) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/PutBucketTagging) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/PutBucketTagging) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/PutBucketTagging) 

# PutBucketVersioning


**Note**  
This operation sets the versioning state for S3 on Outposts buckets only. To set the versioning state for an S3 bucket, see [PutBucketVersioning](https://docs.amazonaws.cn/AmazonS3/latest/API/API_PutBucketVersioning.html) in the *Amazon S3 API Reference*. 

Sets the versioning state for an S3 on Outposts bucket. With S3 Versioning, you can save multiple distinct copies of your objects and recover from unintended user actions and application failures.

You can set the versioning state to one of the following:
+  **Enabled** - Enables versioning for the objects in the bucket. All objects added to the bucket receive a unique version ID.
+  **Suspended** - Suspends versioning for the objects in the bucket. All objects added to the bucket receive the version ID `null`.

If you've never set versioning on your bucket, it has no versioning state. In that case, a [ GetBucketVersioning](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketVersioning.html) request does not return a versioning state value.

When you enable S3 Versioning, for each object in your bucket, you have a current version and zero or more noncurrent versions. You can configure your bucket S3 Lifecycle rules to expire noncurrent versions after a specified time period. For more information, see [ Creating and managing a lifecycle configuration for your S3 on Outposts bucket](https://docs.amazonaws.cn/AmazonS3/latest/userguide/S3OutpostsLifecycleManaging.html) in the *Amazon S3 User Guide*.

If you have an object expiration lifecycle configuration in your non-versioned bucket and you want to maintain the same permanent delete behavior when you enable versioning, you must add a noncurrent expiration policy. The noncurrent expiration lifecycle configuration will manage the deletes of the noncurrent object versions in the version-enabled bucket. For more information, see [Versioning](https://docs.amazonaws.cn/AmazonS3/latest/userguide/Versioning.html) in the *Amazon S3 User Guide*.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of `x-amz-outpost-id` to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of `s3-control`. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the `x-amz-outpost-id` derived by using the access point ARN, see the [Examples](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutBucketVersioning.html#API_control_PutBucketVersioning_Examples) section.

The following operations are related to `PutBucketVersioning` for S3 on Outposts.
+  [GetBucketVersioning](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketVersioning.html) 
+  [PutBucketLifecycleConfiguration](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_PutBucketLifecycleConfiguration.html) 
+  [GetBucketLifecycleConfiguration](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetBucketLifecycleConfiguration.html) 

## Request Syntax


```
PUT /v20180820/bucket/name/versioning HTTP/1.1
Host: Bucket.s3-control.amazonaws.com
x-amz-account-id: AccountId
x-amz-mfa: MFA
<?xml version="1.0" encoding="UTF-8"?>
<VersioningConfiguration xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <MfaDelete>string</MfaDelete>
   <Status>string</Status>
</VersioningConfiguration>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_PutBucketVersioning_RequestSyntax) **   <a name="AmazonS3-control_PutBucketVersioning-request-header-Bucket"></a>
The S3 on Outposts bucket to set the versioning state for.  
Length Constraints: Minimum length of 3. Maximum length of 255.  
Required: Yes

 ** [x-amz-account-id](#API_control_PutBucketVersioning_RequestSyntax) **   <a name="AmazonS3-control_PutBucketVersioning-request-header-AccountId"></a>
The Amazon Web Services account ID of the S3 on Outposts bucket.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

 ** [x-amz-mfa](#API_control_PutBucketVersioning_RequestSyntax) **   <a name="AmazonS3-control_PutBucketVersioning-request-header-MFA"></a>
The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device.

## Request Body


The request accepts the following data in XML format.

 ** [VersioningConfiguration](#API_control_PutBucketVersioning_RequestSyntax) **   <a name="AmazonS3-control_PutBucketVersioning-request-VersioningConfiguration"></a>
Root level tag for the VersioningConfiguration parameters.  
Required: Yes

 ** [MFADelete](#API_control_PutBucketVersioning_RequestSyntax) **   <a name="AmazonS3-control_PutBucketVersioning-request-MFADelete"></a>
Specifies whether MFA delete is enabled or disabled in the bucket versioning configuration for the S3 on Outposts bucket.  
Type: String  
Valid Values: `Enabled | Disabled`   
Required: No

 ** [Status](#API_control_PutBucketVersioning_RequestSyntax) **   <a name="AmazonS3-control_PutBucketVersioning-request-Status"></a>
Sets the versioning state of the S3 on Outposts bucket.  
Type: String  
Valid Values: `Enabled | Suspended`   
Required: No

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample PutBucketVersioning request on an Amazon S3 on Outposts bucket


This request sets the versioning state on an S3 on Outposts bucket that's named `example-outpost-bucket`.

```
            PUT /v20180820/bucket/example-outpost-bucket/?versioning HTTP/1.1
            Host:s3-outposts.region-code.amazonaws.com
            x-amz-account-id: example-account-id
            x-amz-outpost-id: op-01ac5d28a6a232904
            Content-Length: 0
            Date: Wed, 25 May  2022 12:00:00 GMT
            Content-MD5: q6yJDlIkcBaGGfb3QLY69A==
            Authorization: authorization string
            Content-Length: 214
            
           <VersioningConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> 
            <Status>Enabled</Status> 
           </VersioningConfiguration>
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/PutBucketVersioning) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/PutBucketVersioning) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/PutBucketVersioning) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/PutBucketVersioning) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/PutBucketVersioning) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutBucketVersioning) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/PutBucketVersioning) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/PutBucketVersioning) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/PutBucketVersioning) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/PutBucketVersioning) 

# PutJobTagging


Sets the supplied tag-set on an S3 Batch Operations job.

A tag is a key-value pair. You can associate S3 Batch Operations tags with any job by sending a PUT request against the tagging subresource that is associated with the job. To modify the existing tag set, you can either replace the existing tag set entirely, or make changes within the existing tag set by retrieving the existing tag set using [GetJobTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetJobTagging.html), modify that tag set, and use this operation to replace the tag set with the one you modified. For more information, see [Controlling access and labeling jobs using tags](https://docs.amazonaws.cn/AmazonS3/latest/dev/batch-ops-managing-jobs.html#batch-ops-job-tags) in the *Amazon S3 User Guide*. 

**Note**  
If you send this request with an empty tag set, Amazon S3 deletes the existing tag set on the Batch Operations job. If you use this method, you are charged for a Tier 1 Request (PUT). For more information, see [Amazon S3 pricing](http://www.amazonaws.cn/s3/pricing/).
For deleting existing tags for your Batch Operations job, a [DeleteJobTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteJobTagging.html) request is preferred because it achieves the same result without incurring charges.
A few things to consider about using tags:  
Amazon S3 limits the maximum number of tags to 50 tags per job.
You can associate up to 50 tags with a job as long as they have unique tag keys.
A tag key can be up to 128 Unicode characters in length, and tag values can be up to 256 Unicode characters in length.
The key and values are case sensitive.
For tagging-related restrictions related to characters and encodings, see [User-Defined Tag Restrictions](https://docs.amazonaws.cn/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html) in the * Amazon Billing and Cost Management User Guide*.

Permissions  
To use the `PutJobTagging` operation, you must have permission to perform the `s3:PutJobTagging` action.

Related actions include:
+  [CreateJob](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateJob.html) 
+  [GetJobTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetJobTagging.html) 
+  [DeleteJobTagging](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeleteJobTagging.html) 

## Request Syntax


```
PUT /v20180820/jobs/id/tagging HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<PutJobTaggingRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <Tags>
      <S3Tag>
         <Key>string</Key>
         <Value>string</Value>
      </S3Tag>
   </Tags>
</PutJobTaggingRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_PutJobTagging_RequestSyntax) **   <a name="AmazonS3-control_PutJobTagging-request-uri-uri-JobId"></a>
The ID for the S3 Batch Operations job whose tags you want to replace.  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_PutJobTagging_RequestSyntax) **   <a name="AmazonS3-control_PutJobTagging-request-header-AccountId"></a>
The Amazon Web Services account ID associated with the S3 Batch Operations job.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutJobTaggingRequest](#API_control_PutJobTagging_RequestSyntax) **   <a name="AmazonS3-control_PutJobTagging-request-PutJobTaggingRequest"></a>
Root level tag for the PutJobTaggingRequest parameters.  
Required: Yes

 ** [Tags](#API_control_PutJobTagging_RequestSyntax) **   <a name="AmazonS3-control_PutJobTagging-request-Tags"></a>
The set of tags to associate with the S3 Batch Operations job.  
Type: Array of [S3Tag](API_control_S3Tag.md) data types  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors


 ** InternalServiceException **   
  
HTTP Status Code: 500

 ** NotFoundException **   
  
HTTP Status Code: 400

 ** TooManyRequestsException **   
  
HTTP Status Code: 400

 ** TooManyTagsException **   
Amazon S3 throws this exception if you have too many tags in your tag set.  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/PutJobTagging) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/PutJobTagging) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/PutJobTagging) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/PutJobTagging) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/PutJobTagging) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutJobTagging) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/PutJobTagging) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/PutJobTagging) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/PutJobTagging) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/PutJobTagging) 

# PutMultiRegionAccessPointPolicy


**Note**  
This operation is not supported by directory buckets.

Associates an access control policy with the specified Multi-Region Access Point. Each Multi-Region Access Point can have only one policy, so a request made to this action replaces any existing policy that is associated with the specified Multi-Region Access Point.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see [Multi-Region Access Point restrictions and limitations](https://docs.amazonaws.cn/AmazonS3/latest/userguide/MultiRegionAccessPointRestrictions.html) in the *Amazon S3 User Guide*.

The following actions are related to `PutMultiRegionAccessPointPolicy`:
+  [GetMultiRegionAccessPointPolicy](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetMultiRegionAccessPointPolicy.html) 
+  [GetMultiRegionAccessPointPolicyStatus](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetMultiRegionAccessPointPolicyStatus.html) 

## Request Syntax


```
POST /v20180820/async-requests/mrap/put-policy HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<PutMultiRegionAccessPointPolicyRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <ClientToken>string</ClientToken>
   <Details>
      <Name>string</Name>
      <Policy>string</Policy>
   </Details>
</PutMultiRegionAccessPointPolicyRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_PutMultiRegionAccessPointPolicy_RequestSyntax) **   <a name="AmazonS3-control_PutMultiRegionAccessPointPolicy-request-header-AccountId"></a>
The Amazon account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutMultiRegionAccessPointPolicyRequest](#API_control_PutMultiRegionAccessPointPolicy_RequestSyntax) **   <a name="AmazonS3-control_PutMultiRegionAccessPointPolicy-request-PutMultiRegionAccessPointPolicyRequest"></a>
Root level tag for the PutMultiRegionAccessPointPolicyRequest parameters.  
Required: Yes

 ** [ClientToken](#API_control_PutMultiRegionAccessPointPolicy_RequestSyntax) **   <a name="AmazonS3-control_PutMultiRegionAccessPointPolicy-request-ClientToken"></a>
An idempotency token used to identify the request and guarantee that requests are unique.  
Type: String  
Length Constraints: Maximum length of 64.  
Pattern: `\S+`   
Required: Yes

 ** [Details](#API_control_PutMultiRegionAccessPointPolicy_RequestSyntax) **   <a name="AmazonS3-control_PutMultiRegionAccessPointPolicy-request-Details"></a>
A container element containing the details of the policy for the Multi-Region Access Point.  
Type: [PutMultiRegionAccessPointPolicyInput](API_control_PutMultiRegionAccessPointPolicyInput.md) data type  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<PutMultiRegionAccessPointPolicyResult>
   <RequestTokenARN>string</RequestTokenARN>
</PutMultiRegionAccessPointPolicyResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [PutMultiRegionAccessPointPolicyResult](#API_control_PutMultiRegionAccessPointPolicy_ResponseSyntax) **   <a name="AmazonS3-control_PutMultiRegionAccessPointPolicy-response-PutMultiRegionAccessPointPolicyResult"></a>
Root level tag for the PutMultiRegionAccessPointPolicyResult parameters.  
Required: Yes

 ** [RequestTokenARN](#API_control_PutMultiRegionAccessPointPolicy_ResponseSyntax) **   <a name="AmazonS3-control_PutMultiRegionAccessPointPolicy-response-RequestTokenARN"></a>
The request token associated with the request. You can use this token with [DescribeMultiRegionAccessPointOperation](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DescribeMultiRegionAccessPointOperation.html) to determine the status of asynchronous requests.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 1024.  
Pattern: `arn:.+` 

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/PutMultiRegionAccessPointPolicy) 

# PutPublicAccessBlock


**Note**  
This operation is not supported by directory buckets.

Creates or modifies the `PublicAccessBlock` configuration for an Amazon Web Services account. This operation may be restricted when the account is managed by organization-level Block Public Access policies. You might get an Access Denied (403) error when the account is managed by organization-level Block Public Access policies. Organization-level policies override account-level settings, preventing direct account-level modifications. For this operation, users must have the `s3:PutAccountPublicAccessBlock` permission. For more information, see [ Using Amazon S3 block public access](https://docs.amazonaws.cn/AmazonS3/latest/dev/access-control-block-public-access.html).

Related actions include:
+  [GetPublicAccessBlock](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_GetPublicAccessBlock.html) 
+  [DeletePublicAccessBlock](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DeletePublicAccessBlock.html) 

## Request Syntax


```
PUT /v20180820/configuration/publicAccessBlock HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<PublicAccessBlockConfiguration xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <BlockPublicAcls>boolean</BlockPublicAcls>
   <IgnorePublicAcls>boolean</IgnorePublicAcls>
   <BlockPublicPolicy>boolean</BlockPublicPolicy>
   <RestrictPublicBuckets>boolean</RestrictPublicBuckets>
</PublicAccessBlockConfiguration>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [x-amz-account-id](#API_control_PutPublicAccessBlock_RequestSyntax) **   <a name="AmazonS3-control_PutPublicAccessBlock-request-header-AccountId"></a>
The account ID for the Amazon Web Services account whose `PublicAccessBlock` configuration you want to set.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PublicAccessBlockConfiguration](#API_control_PutPublicAccessBlock_RequestSyntax) **   <a name="AmazonS3-control_PutPublicAccessBlock-request-PublicAccessBlockConfiguration"></a>
Root level tag for the PublicAccessBlockConfiguration parameters.  
Required: Yes

 ** [BlockPublicAcls](#API_control_PutPublicAccessBlock_RequestSyntax) **   <a name="AmazonS3-control_PutPublicAccessBlock-request-BlockPublicAcls"></a>
Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to `TRUE` causes the following behavior:  
+  `PutBucketAcl` and `PutObjectAcl` calls fail if the specified ACL is public.
+ PUT Object calls fail if the request includes a public ACL.
+ PUT Bucket calls fail if the request includes a public ACL.
Enabling this setting doesn't affect existing policies or ACLs.  
This property is not supported for Amazon S3 on Outposts.  
Type: Boolean  
Required: No

 ** [BlockPublicPolicy](#API_control_PutPublicAccessBlock_RequestSyntax) **   <a name="AmazonS3-control_PutPublicAccessBlock-request-BlockPublicPolicy"></a>
Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.   
Enabling this setting doesn't affect existing bucket policies.  
This property is not supported for Amazon S3 on Outposts.  
Type: Boolean  
Required: No

 ** [IgnorePublicAcls](#API_control_PutPublicAccessBlock_RequestSyntax) **   <a name="AmazonS3-control_PutPublicAccessBlock-request-IgnorePublicAcls"></a>
Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.   
Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.  
This property is not supported for Amazon S3 on Outposts.  
Type: Boolean  
Required: No

 ** [RestrictPublicBuckets](#API_control_PutPublicAccessBlock_RequestSyntax) **   <a name="AmazonS3-control_PutPublicAccessBlock-request-RestrictPublicBuckets"></a>
Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to `TRUE` restricts access to buckets with public policies to only Amazon Web Services service principals and authorized users within this account.  
Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.  
This property is not supported for Amazon S3 on Outposts.  
Type: Boolean  
Required: No

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/PutPublicAccessBlock) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/PutPublicAccessBlock) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/PutPublicAccessBlock) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/PutPublicAccessBlock) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/PutPublicAccessBlock) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutPublicAccessBlock) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/PutPublicAccessBlock) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/PutPublicAccessBlock) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/PutPublicAccessBlock) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/PutPublicAccessBlock) 

# PutStorageLensConfiguration


**Note**  
This operation is not supported by directory buckets.

Puts an Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see [Working with Amazon S3 Storage Lens](https://docs.amazonaws.cn/AmazonS3/latest/dev/storage_lens.html) in the *Amazon S3 User Guide*. For a complete list of S3 Storage Lens metrics, see [S3 Storage Lens metrics glossary](https://docs.amazonaws.cn/AmazonS3/latest/userguide/storage_lens_metrics_glossary.html) in the *Amazon S3 User Guide*.

**Note**  
To use this action, you must have permission to perform the `s3:PutStorageLensConfiguration` action. For more information, see [Setting permissions to use Amazon S3 Storage Lens](https://docs.amazonaws.cn/AmazonS3/latest/dev/storage_lens_iam_permissions.html) in the *Amazon S3 User Guide*.

## Request Syntax


```
PUT /v20180820/storagelens/storagelensid HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<PutStorageLensConfigurationRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <StorageLensConfiguration>
      <AccountLevel>
         <ActivityMetrics>
            <IsEnabled>boolean</IsEnabled>
         </ActivityMetrics>
         <AdvancedCostOptimizationMetrics>
            <IsEnabled>boolean</IsEnabled>
         </AdvancedCostOptimizationMetrics>
         <AdvancedDataProtectionMetrics>
            <IsEnabled>boolean</IsEnabled>
         </AdvancedDataProtectionMetrics>
         <AdvancedPerformanceMetrics>
            <IsEnabled>boolean</IsEnabled>
         </AdvancedPerformanceMetrics>
         <BucketLevel>
            <ActivityMetrics>
               <IsEnabled>boolean</IsEnabled>
            </ActivityMetrics>
            <AdvancedCostOptimizationMetrics>
               <IsEnabled>boolean</IsEnabled>
            </AdvancedCostOptimizationMetrics>
            <AdvancedDataProtectionMetrics>
               <IsEnabled>boolean</IsEnabled>
            </AdvancedDataProtectionMetrics>
            <AdvancedPerformanceMetrics>
               <IsEnabled>boolean</IsEnabled>
            </AdvancedPerformanceMetrics>
            <DetailedStatusCodesMetrics>
               <IsEnabled>boolean</IsEnabled>
            </DetailedStatusCodesMetrics>
            <PrefixLevel>
               <StorageMetrics>
                  <IsEnabled>boolean</IsEnabled>
                  <SelectionCriteria>
                     <Delimiter>string</Delimiter>
                     <MaxDepth>integer</MaxDepth>
                     <MinStorageBytesPercentage>double</MinStorageBytesPercentage>
                  </SelectionCriteria>
               </StorageMetrics>
            </PrefixLevel>
         </BucketLevel>
         <DetailedStatusCodesMetrics>
            <IsEnabled>boolean</IsEnabled>
         </DetailedStatusCodesMetrics>
         <StorageLensGroupLevel>
            <SelectionCriteria>
               <Exclude>
                  <Arn>string</Arn>
               </Exclude>
               <Include>
                  <Arn>string</Arn>
               </Include>
            </SelectionCriteria>
         </StorageLensGroupLevel>
      </AccountLevel>
      <AwsOrg>
         <Arn>string</Arn>
      </AwsOrg>
      <DataExport>
         <CloudWatchMetrics>
            <IsEnabled>boolean</IsEnabled>
         </CloudWatchMetrics>
         <S3BucketDestination>
            <AccountId>string</AccountId>
            <Arn>string</Arn>
            <Encryption>
               <SSE-KMS>
                  <KeyId>string</KeyId>
               </SSE-KMS>
               <SSE-S3>
               </SSE-S3>
            </Encryption>
            <Format>string</Format>
            <OutputSchemaVersion>string</OutputSchemaVersion>
            <Prefix>string</Prefix>
         </S3BucketDestination>
         <StorageLensTableDestination>
            <Encryption>
               <SSE-KMS>
                  <KeyId>string</KeyId>
               </SSE-KMS>
               <SSE-S3>
               </SSE-S3>
            </Encryption>
            <IsEnabled>boolean</IsEnabled>
         </StorageLensTableDestination>
      </DataExport>
      <Exclude>
         <Buckets>
            <Arn>string</Arn>
         </Buckets>
         <Regions>
            <Region>string</Region>
         </Regions>
      </Exclude>
      <ExpandedPrefixesDataExport>
         <S3BucketDestination>
            <AccountId>string</AccountId>
            <Arn>string</Arn>
            <Encryption>
               <SSE-KMS>
                  <KeyId>string</KeyId>
               </SSE-KMS>
               <SSE-S3>
               </SSE-S3>
            </Encryption>
            <Format>string</Format>
            <OutputSchemaVersion>string</OutputSchemaVersion>
            <Prefix>string</Prefix>
         </S3BucketDestination>
         <StorageLensTableDestination>
            <Encryption>
               <SSE-KMS>
                  <KeyId>string</KeyId>
               </SSE-KMS>
               <SSE-S3>
               </SSE-S3>
            </Encryption>
            <IsEnabled>boolean</IsEnabled>
         </StorageLensTableDestination>
      </ExpandedPrefixesDataExport>
      <Id>string</Id>
      <Include>
         <Buckets>
            <Arn>string</Arn>
         </Buckets>
         <Regions>
            <Region>string</Region>
         </Regions>
      </Include>
      <IsEnabled>boolean</IsEnabled>
      <PrefixDelimiter>string</PrefixDelimiter>
      <StorageLensArn>string</StorageLensArn>
   </StorageLensConfiguration>
   <Tags>
      <Tag>
         <Key>string</Key>
         <Value>string</Value>
      </Tag>
   </Tags>
</PutStorageLensConfigurationRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [storagelensid](#API_control_PutStorageLensConfiguration_RequestSyntax) **   <a name="AmazonS3-control_PutStorageLensConfiguration-request-uri-uri-ConfigId"></a>
The ID of the S3 Storage Lens configuration.  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_\.]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_PutStorageLensConfiguration_RequestSyntax) **   <a name="AmazonS3-control_PutStorageLensConfiguration-request-header-AccountId"></a>
The account ID of the requester.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutStorageLensConfigurationRequest](#API_control_PutStorageLensConfiguration_RequestSyntax) **   <a name="AmazonS3-control_PutStorageLensConfiguration-request-PutStorageLensConfigurationRequest"></a>
Root level tag for the PutStorageLensConfigurationRequest parameters.  
Required: Yes

 ** [StorageLensConfiguration](#API_control_PutStorageLensConfiguration_RequestSyntax) **   <a name="AmazonS3-control_PutStorageLensConfiguration-request-StorageLensConfiguration"></a>
The S3 Storage Lens configuration.  
Type: [StorageLensConfiguration](API_control_StorageLensConfiguration.md) data type  
Required: Yes

 ** [Tags](#API_control_PutStorageLensConfiguration_RequestSyntax) **   <a name="AmazonS3-control_PutStorageLensConfiguration-request-Tags"></a>
The tag set of the S3 Storage Lens configuration.  
You can set up to a maximum of 50 tags.
Type: Array of [StorageLensTag](API_control_StorageLensTag.md) data types  
Required: No

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/PutStorageLensConfiguration) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/PutStorageLensConfiguration) 

# PutStorageLensConfigurationTagging


**Note**  
This operation is not supported by directory buckets.

Put or replace tags on an existing Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see [Assessing your storage activity and usage with Amazon S3 Storage Lens ](https://docs.amazonaws.cn/AmazonS3/latest/dev/storage_lens.html) in the *Amazon S3 User Guide*.

**Note**  
To use this action, you must have permission to perform the `s3:PutStorageLensConfigurationTagging` action. For more information, see [Setting permissions to use Amazon S3 Storage Lens](https://docs.amazonaws.cn/AmazonS3/latest/dev/storage_lens_iam_permissions.html) in the *Amazon S3 User Guide*.

## Request Syntax


```
PUT /v20180820/storagelens/storagelensid/tagging HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<PutStorageLensConfigurationTaggingRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <Tags>
      <Tag>
         <Key>string</Key>
         <Value>string</Value>
      </Tag>
   </Tags>
</PutStorageLensConfigurationTaggingRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [storagelensid](#API_control_PutStorageLensConfigurationTagging_RequestSyntax) **   <a name="AmazonS3-control_PutStorageLensConfigurationTagging-request-uri-uri-ConfigId"></a>
The ID of the S3 Storage Lens configuration.  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_\.]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_PutStorageLensConfigurationTagging_RequestSyntax) **   <a name="AmazonS3-control_PutStorageLensConfigurationTagging-request-header-AccountId"></a>
The account ID of the requester.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [PutStorageLensConfigurationTaggingRequest](#API_control_PutStorageLensConfigurationTagging_RequestSyntax) **   <a name="AmazonS3-control_PutStorageLensConfigurationTagging-request-PutStorageLensConfigurationTaggingRequest"></a>
Root level tag for the PutStorageLensConfigurationTaggingRequest parameters.  
Required: Yes

 ** [Tags](#API_control_PutStorageLensConfigurationTagging_RequestSyntax) **   <a name="AmazonS3-control_PutStorageLensConfigurationTagging-request-Tags"></a>
The tag set of the S3 Storage Lens configuration.  
You can set up to a maximum of 50 tags.
Type: Array of [StorageLensTag](API_control_StorageLensTag.md) data types  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/PutStorageLensConfigurationTagging) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/PutStorageLensConfigurationTagging) 

# SubmitMultiRegionAccessPointRoutes


**Note**  
This operation is not supported by directory buckets.

Submits an updated route configuration for a Multi-Region Access Point. This API operation updates the routing status for the specified Regions from active to passive, or from passive to active. A value of `0` indicates a passive status, which means that traffic won't be routed to the specified Region. A value of `100` indicates an active status, which means that traffic will be routed to the specified Region. At least one Region must be active at all times.

When the routing configuration is changed, any in-progress operations (uploads, copies, deletes, and so on) to formerly active Regions will continue to run to their final completion state (success or failure). The routing configurations of any Regions that aren’t specified remain unchanged.

**Note**  
Updated routing configurations might not be immediately applied. It can take up to 2 minutes for your changes to take effect.

To submit routing control changes and failover requests, use the Amazon S3 failover control infrastructure endpoints in these five Amazon Web Services Regions:
+  `us-east-1` 
+  `us-west-2` 
+  `ap-southeast-2` 
+  `ap-northeast-1` 
+  `eu-west-1` 

## Request Syntax


```
PATCH /v20180820/mrap/instances/mrap+/routes HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<SubmitMultiRegionAccessPointRoutesRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <RouteUpdates>
      <Route>
         <Bucket>string</Bucket>
         <Region>string</Region>
         <TrafficDialPercentage>integer</TrafficDialPercentage>
      </Route>
   </RouteUpdates>
</SubmitMultiRegionAccessPointRoutesRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [mrap](#API_control_SubmitMultiRegionAccessPointRoutes_RequestSyntax) **   <a name="AmazonS3-control_SubmitMultiRegionAccessPointRoutes-request-uri-uri-Mrap"></a>
The Multi-Region Access Point ARN.  
Length Constraints: Maximum length of 200.  
Pattern: `^[a-zA-Z0-9\:.-]{3,200}$`   
Required: Yes

 ** [x-amz-account-id](#API_control_SubmitMultiRegionAccessPointRoutes_RequestSyntax) **   <a name="AmazonS3-control_SubmitMultiRegionAccessPointRoutes-request-header-AccountId"></a>
The Amazon Web Services account ID for the owner of the Multi-Region Access Point.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [SubmitMultiRegionAccessPointRoutesRequest](#API_control_SubmitMultiRegionAccessPointRoutes_RequestSyntax) **   <a name="AmazonS3-control_SubmitMultiRegionAccessPointRoutes-request-SubmitMultiRegionAccessPointRoutesRequest"></a>
Root level tag for the SubmitMultiRegionAccessPointRoutesRequest parameters.  
Required: Yes

 ** [RouteUpdates](#API_control_SubmitMultiRegionAccessPointRoutes_RequestSyntax) **   <a name="AmazonS3-control_SubmitMultiRegionAccessPointRoutes-request-RouteUpdates"></a>
The different routes that make up the new route configuration. Active routes return a value of `100`, and passive routes return a value of `0`.  
Type: Array of [MultiRegionAccessPointRoute](API_control_MultiRegionAccessPointRoute.md) data types  
Required: Yes

## Response Syntax


```
HTTP/1.1 200
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Examples


### Sample request for initiating failover


In the following example, the request to submit these routing changes to initiate a failover is sent to the failover control infrastructure in the `us-east-1` Region. In this example, the `eu-north-1` Region is set to active, and the `ap-northeast-3` Region is set to passive. In other words, the `ap-northeast-3` Region is failed over to the `eu-north-1` Region.

```
PATCH /v20180820/mrap/instances/<Multi-Region Access Point>/routes HTTP/1.1
Host: example-account-id.s3-control.us-east-1.amazonaws.com
            
<SubmitMultiRegionAccessPointRoutesRequest>
  <RouteUpdates>
     <Route>
      <Region>eu-north-1</Region>
      <Bucket>example-bucket-eu-north-1</Bucket>
      <TrafficDialPercentage>100</TrafficDialPercentage>
     </Route>
     <Route>
      <Region>ap-northeast-3</Region>
      <Bucket>example-bucket-ap-northeast-3</Bucket>
      <TrafficDialPercentage>0</TrafficDialPercentage>
     </Route>
  </RouteUpdates>
</SubmitMultiRegionAccessPointRoutesRequest>
```

### Sample request for setting a Region to active status


The following request updates the route configuration of the `eu-north-1` Region to active. The request is sent to the failover control infrastructure in the `eu-west-1` Region.

```
PATCH /v20180820/mrap/instances/<Multi-Region Access Point>/routes HTTP/1.1
Host: example-account-id.s3-control.eu-west-1.amazonaws.com

<SubmitMultiRegionAccessPointRoutesRequest>
   <RouteUpdates>
    <Route>
      <Region>eu-north-1<Region>
      <Bucket>example-bucket-eu-north-1</Bucket>
      <TrafficDialPercentage>100</TrafficDialPercentage>
    </Route>
   </RouteUpdates>
</SubmitMultiRegionAccessPointRoutesRequest>
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/SubmitMultiRegionAccessPointRoutes) 

# TagResource


 Creates a new user-defined tag or updates an existing tag. Each tag is a label consisting of a key and value that is applied to your resource. Tags can help you organize, track costs for, and control access to your resources. You can add up to 50 Amazon resource tags for each S3 resource. 

**Note**  
This operation is only supported for the following Amazon S3 resource:  
 [General purpose buckets](https://docs.amazonaws.cn/AmazonS3/latest/userguide/buckets-tagging.html) 
 [Access Points for directory buckets](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-points-db-tagging.html) 
 [Access Points for general purpose buckets](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-points-tagging.html) 
 [Directory buckets](https://docs.amazonaws.cn/AmazonS3/latest/userguide/directory-buckets-tagging.html) 
 [S3 Storage Lens groups](https://docs.amazonaws.cn/AmazonS3/latest/userguide/storage-lens-groups.html) 
 [S3 Access Grants instances, registered locations, or grants](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-grants-tagging.html).

Permissions  
For general purpose buckets, access points for general purpose buckets, Storage Lens groups, and S3 Access Grants, you must have the `s3:TagResource` permission to use this operation. 

Directory bucket permissions  
For directory buckets, you must have the `s3express:TagResource` permission to use this operation. For more information about directory buckets policies and permissions, see [Identity and Access Management (IAM) for S3 Express One Zone](https://docs.amazonaws.cn/AmazonS3/latest/userguide/s3-express-permissions.html) in the *Amazon S3 User Guide*.

HTTP Host header syntax  
 **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region.amazonaws.com`.

For information about S3 Tagging errors, see [List of Amazon S3 Tagging error codes](https://docs.amazonaws.cn/AmazonS3/latest/API/ErrorResponses.html#S3TaggingErrorCodeList).

## Request Syntax


```
POST /v20180820/tags/resourceArn+ HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<TagResourceRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <Tags>
      <Tag>
         <Key>string</Key>
         <Value>string</Value>
      </Tag>
   </Tags>
</TagResourceRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [resourceArn](#API_control_TagResource_RequestSyntax) **   <a name="AmazonS3-control_TagResource-request-uri-uri-ResourceArn"></a>
The Amazon Resource Name (ARN) of the S3 resource that you're applying tags to. The tagged resource can be a directory bucket, S3 Storage Lens group or S3 Access Grants instance, registered location, or grant.  
Length Constraints: Maximum length of 1011.  
Pattern: `arn:[^:]+:s3(express)?:[^:].*`   
Required: Yes

 ** [x-amz-account-id](#API_control_TagResource_RequestSyntax) **   <a name="AmazonS3-control_TagResource-request-header-AccountId"></a>
 The Amazon account ID that created the S3 resource that you're trying to add tags to or the requester's account ID.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [TagResourceRequest](#API_control_TagResource_RequestSyntax) **   <a name="AmazonS3-control_TagResource-request-TagResourceRequest"></a>
Root level tag for the TagResourceRequest parameters.  
Required: Yes

 ** [Tags](#API_control_TagResource_RequestSyntax) **   <a name="AmazonS3-control_TagResource-request-Tags"></a>
 The Amazon resource tags that you want to add to the specified S3 resource.   
Type: Array of [Tag](API_control_Tag.md) data types  
Array Members: Minimum number of 0 items. Maximum number of 50 items.  
Required: Yes

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/TagResource) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/TagResource) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/TagResource) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/TagResource) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/TagResource) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/TagResource) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/TagResource) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/TagResource) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/TagResource) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/TagResource) 

# UntagResource


This operation removes the specified user-defined tags from an S3 resource. You can pass one or more tag keys. 

**Note**  
This operation is only supported for the following Amazon S3 resources:  
 [General purpose buckets](https://docs.amazonaws.cn/AmazonS3/latest/userguide/buckets-tagging.html) 
 [Access Points for directory buckets](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-points-db-tagging.html) 
 [Access Points for general purpose buckets](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-points-tagging.html) 
 [Directory buckets](https://docs.amazonaws.cn/AmazonS3/latest/userguide/directory-buckets-tagging.html) 
 [S3 Storage Lens groups](https://docs.amazonaws.cn/AmazonS3/latest/userguide/storage-lens-groups.html) 
 [S3 Access Grants instances, registered locations, and grants](https://docs.amazonaws.cn/AmazonS3/latest/userguide/access-grants-tagging.html).

Permissions  
For general purpose buckets, access points for general purpose buckets, Storage Lens groups, and S3 Access Grants, you must have the `s3:UntagResource` permission to use this operation. 

Directory bucket permissions  
For directory buckets, you must have the `s3express:UntagResource` permission to use this operation. For more information about directory buckets policies and permissions, see [Identity and Access Management (IAM) for S3 Express One Zone](https://docs.amazonaws.cn/AmazonS3/latest/userguide/s3-express-permissions.html) in the *Amazon S3 User Guide*.

HTTP Host header syntax  
 **Directory buckets ** - The HTTP Host header syntax is `s3express-control.region.amazonaws.com`.

For information about S3 Tagging errors, see [List of Amazon S3 Tagging error codes](https://docs.amazonaws.cn/AmazonS3/latest/API/ErrorResponses.html#S3TaggingErrorCodeList).

## Request Syntax


```
DELETE /v20180820/tags/resourceArn+?tagKeys=TagKeys HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [resourceArn](#API_control_UntagResource_RequestSyntax) **   <a name="AmazonS3-control_UntagResource-request-uri-uri-ResourceArn"></a>
The Amazon Resource Name (ARN) of the S3 resource that you're removing tags from. The tagged resource can be a directory bucket, S3 Storage Lens group or S3 Access Grants instance, registered location, or grant.  
Length Constraints: Maximum length of 1011.  
Pattern: `arn:[^:]+:s3(express)?:[^:].*`   
Required: Yes

 ** [tagKeys](#API_control_UntagResource_RequestSyntax) **   <a name="AmazonS3-control_UntagResource-request-uri-querystring-TagKeys"></a>
 The array of tag key-value pairs that you're trying to remove from of the S3 resource.   
Array Members: Minimum number of 0 items. Maximum number of 50 items.  
Length Constraints: Minimum length of 1. Maximum length of 128.  
Pattern: `^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$`   
Required: Yes

 ** [x-amz-account-id](#API_control_UntagResource_RequestSyntax) **   <a name="AmazonS3-control_UntagResource-request-header-AccountId"></a>
 The Amazon account ID that owns the resource that you're trying to remove the tags from.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/UntagResource) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/UntagResource) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/UntagResource) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/UntagResource) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/UntagResource) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/UntagResource) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/UntagResource) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/UntagResource) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/UntagResource) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/UntagResource) 

# UpdateAccessGrantsLocation


Updates the IAM role of a registered location in your S3 Access Grants instance.

Permissions  
You must have the `s3:UpdateAccessGrantsLocation` permission to use this operation. 

Additional Permissions  
You must also have the following permission: `iam:PassRole` 

## Request Syntax


```
PUT /v20180820/accessgrantsinstance/location/id HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<UpdateAccessGrantsLocationRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <IAMRoleArn>string</IAMRoleArn>
</UpdateAccessGrantsLocationRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_UpdateAccessGrantsLocation_RequestSyntax) **   <a name="AmazonS3-control_UpdateAccessGrantsLocation-request-uri-uri-AccessGrantsLocationId"></a>
The ID of the registered location that you are updating. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
The ID of the registered location to which you are granting access. S3 Access Grants assigned this ID when you registered the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
If you are passing the `default` location, you cannot create an access grant for the entire default location. You must also specify a bucket or a bucket and prefix in the `Subprefix` field.   
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_UpdateAccessGrantsLocation_RequestSyntax) **   <a name="AmazonS3-control_UpdateAccessGrantsLocation-request-header-AccountId"></a>
The Amazon account ID of the S3 Access Grants instance.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [UpdateAccessGrantsLocationRequest](#API_control_UpdateAccessGrantsLocation_RequestSyntax) **   <a name="AmazonS3-control_UpdateAccessGrantsLocation-request-UpdateAccessGrantsLocationRequest"></a>
Root level tag for the UpdateAccessGrantsLocationRequest parameters.  
Required: Yes

 ** [IAMRoleArn](#API_control_UpdateAccessGrantsLocation_RequestSyntax) **   <a name="AmazonS3-control_UpdateAccessGrantsLocation-request-IAMRoleArn"></a>
The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[^:]+:iam::\d{12}:role/.*`   
Required: Yes

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<UpdateAccessGrantsLocationResult>
   <CreatedAt>timestamp</CreatedAt>
   <AccessGrantsLocationId>string</AccessGrantsLocationId>
   <AccessGrantsLocationArn>string</AccessGrantsLocationArn>
   <LocationScope>string</LocationScope>
   <IAMRoleArn>string</IAMRoleArn>
</UpdateAccessGrantsLocationResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [UpdateAccessGrantsLocationResult](#API_control_UpdateAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_UpdateAccessGrantsLocation-response-UpdateAccessGrantsLocationResult"></a>
Root level tag for the UpdateAccessGrantsLocationResult parameters.  
Required: Yes

 ** [AccessGrantsLocationArn](#API_control_UpdateAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_UpdateAccessGrantsLocation-response-AccessGrantsLocationArn"></a>
The Amazon Resource Name (ARN) of the registered location that you are updating.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/location/[a-zA-Z0-9\-]+` 

 ** [AccessGrantsLocationId](#API_control_UpdateAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_UpdateAccessGrantsLocation-response-AccessGrantsLocationId"></a>
The ID of the registered location to which you are granting access. S3 Access Grants assigned this ID when you registered the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-]+` 

 ** [CreatedAt](#API_control_UpdateAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_UpdateAccessGrantsLocation-response-CreatedAt"></a>
The date and time when you registered the location.   
Type: Timestamp

 ** [IAMRoleArn](#API_control_UpdateAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_UpdateAccessGrantsLocation-response-IAMRoleArn"></a>
The Amazon Resource Name (ARN) of the IAM role of the registered location. S3 Access Grants assumes this role to manage access to the registered location.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Pattern: `arn:[^:]+:iam::\d{12}:role/.*` 

 ** [LocationScope](#API_control_UpdateAccessGrantsLocation_ResponseSyntax) **   <a name="AmazonS3-control_UpdateAccessGrantsLocation-response-LocationScope"></a>
The S3 URI path of the location that you are updating. You cannot update the scope of the registered location. The location scope can be the default S3 location `s3://`, the S3 path to a bucket `s3://<bucket>`, or the S3 path to a bucket and prefix `s3://<bucket>/<prefix>`.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2000.  
Pattern: `^.+$` 

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/UpdateAccessGrantsLocation) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/UpdateAccessGrantsLocation) 

# UpdateJobPriority


Updates an existing S3 Batch Operations job's priority. For more information, see [S3 Batch Operations](https://docs.amazonaws.cn/AmazonS3/latest/userguide/batch-ops.html) in the *Amazon S3 User Guide*.

Permissions  
To use the `UpdateJobPriority` operation, you must have permission to perform the `s3:UpdateJobPriority` action.

Related actions include:
+  [CreateJob](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateJob.html) 
+  [ListJobs](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListJobs.html) 
+  [DescribeJob](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DescribeJob.html) 
+  [UpdateJobStatus](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_UpdateJobStatus.html) 

## Request Syntax


```
POST /v20180820/jobs/id/priority?priority=Priority HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_UpdateJobPriority_RequestSyntax) **   <a name="AmazonS3-control_UpdateJobPriority-request-uri-uri-JobId"></a>
The ID for the job whose priority you want to update.  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [priority](#API_control_UpdateJobPriority_RequestSyntax) **   <a name="AmazonS3-control_UpdateJobPriority-request-uri-querystring-Priority"></a>
The priority you want to assign to this job.  
Valid Range: Minimum value of 0. Maximum value of 2147483647.  
Required: Yes

 ** [x-amz-account-id](#API_control_UpdateJobPriority_RequestSyntax) **   <a name="AmazonS3-control_UpdateJobPriority-request-header-AccountId"></a>
The Amazon Web Services account ID associated with the S3 Batch Operations job.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<UpdateJobPriorityResult>
   <JobId>string</JobId>
   <Priority>integer</Priority>
</UpdateJobPriorityResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [UpdateJobPriorityResult](#API_control_UpdateJobPriority_ResponseSyntax) **   <a name="AmazonS3-control_UpdateJobPriority-response-UpdateJobPriorityResult"></a>
Root level tag for the UpdateJobPriorityResult parameters.  
Required: Yes

 ** [JobId](#API_control_UpdateJobPriority_ResponseSyntax) **   <a name="AmazonS3-control_UpdateJobPriority-response-JobId"></a>
The ID for the job whose priority Amazon S3 updated.  
Type: String  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+` 

 ** [Priority](#API_control_UpdateJobPriority_ResponseSyntax) **   <a name="AmazonS3-control_UpdateJobPriority-response-Priority"></a>
The new priority assigned to the specified job.  
Type: Integer  
Valid Range: Minimum value of 0. Maximum value of 2147483647.

## Errors


 ** BadRequestException **   
  
HTTP Status Code: 400

 ** InternalServiceException **   
  
HTTP Status Code: 500

 ** NotFoundException **   
  
HTTP Status Code: 400

 ** TooManyRequestsException **   
  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/UpdateJobPriority) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/UpdateJobPriority) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/UpdateJobPriority) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/UpdateJobPriority) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/UpdateJobPriority) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/UpdateJobPriority) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/UpdateJobPriority) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/UpdateJobPriority) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/UpdateJobPriority) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/UpdateJobPriority) 

# UpdateJobStatus


Updates the status for the specified job. Use this operation to confirm that you want to run a job or to cancel an existing job. For more information, see [S3 Batch Operations](https://docs.amazonaws.cn/AmazonS3/latest/userguide/batch-ops.html) in the *Amazon S3 User Guide*.

Permissions  
To use the `UpdateJobStatus` operation, you must have permission to perform the `s3:UpdateJobStatus` action.

Related actions include:
+  [CreateJob](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_CreateJob.html) 
+  [ListJobs](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_ListJobs.html) 
+  [DescribeJob](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_DescribeJob.html) 
+  [UpdateJobStatus](https://docs.amazonaws.cn/AmazonS3/latest/API/API_control_UpdateJobStatus.html) 

## Request Syntax


```
POST /v20180820/jobs/id/status?requestedJobStatus=RequestedJobStatus&statusUpdateReason=StatusUpdateReason HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [id](#API_control_UpdateJobStatus_RequestSyntax) **   <a name="AmazonS3-control_UpdateJobStatus-request-uri-uri-JobId"></a>
The ID of the job whose status you want to update.  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [requestedJobStatus](#API_control_UpdateJobStatus_RequestSyntax) **   <a name="AmazonS3-control_UpdateJobStatus-request-uri-querystring-RequestedJobStatus"></a>
The status that you want to move the specified job to.  
Valid Values: `Cancelled | Ready`   
Required: Yes

 ** [statusUpdateReason](#API_control_UpdateJobStatus_RequestSyntax) **   <a name="AmazonS3-control_UpdateJobStatus-request-uri-querystring-StatusUpdateReason"></a>
A description of the reason why you want to change the specified job's status. This field can be any string up to the maximum length.  
Length Constraints: Minimum length of 1. Maximum length of 256.

 ** [x-amz-account-id](#API_control_UpdateJobStatus_RequestSyntax) **   <a name="AmazonS3-control_UpdateJobStatus-request-header-AccountId"></a>
The Amazon Web Services account ID associated with the S3 Batch Operations job.  
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request does not have a request body.

## Response Syntax


```
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<UpdateJobStatusResult>
   <JobId>string</JobId>
   <Status>string</Status>
   <StatusUpdateReason>string</StatusUpdateReason>
</UpdateJobStatusResult>
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.

 ** [UpdateJobStatusResult](#API_control_UpdateJobStatus_ResponseSyntax) **   <a name="AmazonS3-control_UpdateJobStatus-response-UpdateJobStatusResult"></a>
Root level tag for the UpdateJobStatusResult parameters.  
Required: Yes

 ** [JobId](#API_control_UpdateJobStatus_ResponseSyntax) **   <a name="AmazonS3-control_UpdateJobStatus-response-JobId"></a>
The ID for the job whose status was updated.  
Type: String  
Length Constraints: Minimum length of 5. Maximum length of 36.  
Pattern: `[a-zA-Z0-9\-\_]+` 

 ** [Status](#API_control_UpdateJobStatus_ResponseSyntax) **   <a name="AmazonS3-control_UpdateJobStatus-response-Status"></a>
The current status for the specified job.  
Type: String  
Valid Values: `Active | Cancelled | Cancelling | Complete | Completing | Failed | Failing | New | Paused | Pausing | Preparing | Ready | Suspended` 

 ** [StatusUpdateReason](#API_control_UpdateJobStatus_ResponseSyntax) **   <a name="AmazonS3-control_UpdateJobStatus-response-StatusUpdateReason"></a>
The reason that the specified job's status was updated.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 256.

## Errors


 ** BadRequestException **   
  
HTTP Status Code: 400

 ** InternalServiceException **   
  
HTTP Status Code: 500

 ** JobStatusException **   
  
HTTP Status Code: 400

 ** NotFoundException **   
  
HTTP Status Code: 400

 ** TooManyRequestsException **   
  
HTTP Status Code: 400

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/UpdateJobStatus) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/UpdateJobStatus) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/UpdateJobStatus) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/UpdateJobStatus) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/UpdateJobStatus) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/UpdateJobStatus) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/UpdateJobStatus) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/UpdateJobStatus) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/UpdateJobStatus) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/UpdateJobStatus) 

# UpdateStorageLensGroup


 Updates the existing Storage Lens group.

To use this operation, you must have the permission to perform the `s3:UpdateStorageLensGroup` action. For more information about the required Storage Lens Groups permissions, see [Setting account permissions to use S3 Storage Lens groups](https://docs.amazonaws.cn/AmazonS3/latest/userguide/storage_lens_iam_permissions.html#storage_lens_groups_permissions).

For information about Storage Lens groups errors, see [List of Amazon S3 Storage Lens error codes](https://docs.amazonaws.cn/AmazonS3/latest/API/ErrorResponses.html#S3LensErrorCodeList).

## Request Syntax


```
PUT /v20180820/storagelensgroup/name HTTP/1.1
Host: s3-control.amazonaws.com.cn
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<UpdateStorageLensGroupRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
   <StorageLensGroup>
      <Filter>
         <And>
            <MatchAnyPrefix>
               <Prefix>string</Prefix>
            </MatchAnyPrefix>
            <MatchAnySuffix>
               <Suffix>string</Suffix>
            </MatchAnySuffix>
            <MatchAnyTag>
               <Tag>
                  <Key>string</Key>
                  <Value>string</Value>
               </Tag>
            </MatchAnyTag>
            <MatchObjectAge>
               <DaysGreaterThan>integer</DaysGreaterThan>
               <DaysLessThan>integer</DaysLessThan>
            </MatchObjectAge>
            <MatchObjectSize>
               <BytesGreaterThan>long</BytesGreaterThan>
               <BytesLessThan>long</BytesLessThan>
            </MatchObjectSize>
         </And>
         <MatchAnyPrefix>
            <Prefix>string</Prefix>
         </MatchAnyPrefix>
         <MatchAnySuffix>
            <Suffix>string</Suffix>
         </MatchAnySuffix>
         <MatchAnyTag>
            <Tag>
               <Key>string</Key>
               <Value>string</Value>
            </Tag>
         </MatchAnyTag>
         <MatchObjectAge>
            <DaysGreaterThan>integer</DaysGreaterThan>
            <DaysLessThan>integer</DaysLessThan>
         </MatchObjectAge>
         <MatchObjectSize>
            <BytesGreaterThan>long</BytesGreaterThan>
            <BytesLessThan>long</BytesLessThan>
         </MatchObjectSize>
         <Or>
            <MatchAnyPrefix>
               <Prefix>string</Prefix>
            </MatchAnyPrefix>
            <MatchAnySuffix>
               <Suffix>string</Suffix>
            </MatchAnySuffix>
            <MatchAnyTag>
               <Tag>
                  <Key>string</Key>
                  <Value>string</Value>
               </Tag>
            </MatchAnyTag>
            <MatchObjectAge>
               <DaysGreaterThan>integer</DaysGreaterThan>
               <DaysLessThan>integer</DaysLessThan>
            </MatchObjectAge>
            <MatchObjectSize>
               <BytesGreaterThan>long</BytesGreaterThan>
               <BytesLessThan>long</BytesLessThan>
            </MatchObjectSize>
         </Or>
      </Filter>
      <Name>string</Name>
      <StorageLensGroupArn>string</StorageLensGroupArn>
   </StorageLensGroup>
</UpdateStorageLensGroupRequest>
```

## URI Request Parameters


The request uses the following URI parameters.

 ** [name](#API_control_UpdateStorageLensGroup_RequestSyntax) **   <a name="AmazonS3-control_UpdateStorageLensGroup-request-uri-uri-Name"></a>
 The name of the Storage Lens group that you want to update.   
Length Constraints: Minimum length of 1. Maximum length of 64.  
Pattern: `[a-zA-Z0-9\-\_]+`   
Required: Yes

 ** [x-amz-account-id](#API_control_UpdateStorageLensGroup_RequestSyntax) **   <a name="AmazonS3-control_UpdateStorageLensGroup-request-header-AccountId"></a>
 The Amazon account ID of the Storage Lens group owner.   
Length Constraints: Maximum length of 64.  
Pattern: `^\d{12}$`   
Required: Yes

## Request Body


The request accepts the following data in XML format.

 ** [UpdateStorageLensGroupRequest](#API_control_UpdateStorageLensGroup_RequestSyntax) **   <a name="AmazonS3-control_UpdateStorageLensGroup-request-UpdateStorageLensGroupRequest"></a>
Root level tag for the UpdateStorageLensGroupRequest parameters.  
Required: Yes

 ** [StorageLensGroup](#API_control_UpdateStorageLensGroup_RequestSyntax) **   <a name="AmazonS3-control_UpdateStorageLensGroup-request-StorageLensGroup"></a>
 The JSON file that contains the Storage Lens group configuration.   
Type: [StorageLensGroup](API_control_StorageLensGroup.md) data type  
Required: Yes

## Response Syntax


```
HTTP/1.1 204
```

## Response Elements


If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/s3control-2018-08-20/UpdateStorageLensGroup) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/s3control-2018-08-20/UpdateStorageLensGroup)