Petabox
  • Introduction
  • Petabox FAQ
  • Concepts
    • Bucket versioning
    • Logging actions with a bucket
    • Object Lock
  • Tools
    • Supported tools
      • CyberDuck S3 Client
      • Mountain Duck
      • S3 Browser
      • RClone
      • AWS CLI Console client
      • SDKs for different languages
        • JavaScript SDK
        • AWS SDK for Java
        • Python SDK (boto)
  • S3 Compatible API
    • How to use the API
    • Signing Requests
    • API Reference
      • Bucket
        • HeadBucket
        • ListObjects/ListObjectsV2
        • PutBucketVersioning
        • PutBucketLogging
        • ListBuckets
        • RenameBucket
        • GetBucketLocation
      • Object
        • PutObject
        • GetObject
        • HeadObject
        • RenameObject
        • PutObjectAcl
      • Multipart upload
        • General multipart upload order
        • CreateMultipartUpload
        • UploadPart
        • CompleteMultipartUpload
        • ListMultipartUploads
      • Analytics
        • GetStatistics
        • GetBandwidthAnalytics
        • GetStorageAnalytics
      • Common request headers
      • Common response headers
      • Responses
      • GetObjectTagging
      • GetObjectAcl
      • GetBucketAcl
      • ListObjectVersions
      • GetBucketRequestPayment
      • GetBucketReplication
      • GetBucketTagging
      • GetBucketLocation
      • GetBucketVersioning
      • GetBucketLifecycle
      • GetObjectLockConfiguration
      • PutObjectLockConfiguration
      • GetObjectRetention
      • GetObjectLegalHold
      • PutObjectRetention
      • PutObjectLegalHold
      • PutObjectAcl
      • PutBucketAcl
      • PutBucketVersioning
      • CopyObject
      • DeleteObjects
      • AbortMultipartUpload
      • DeleteObject
      • DeleteBucket
      • PutBucketTagging
      • PutObjectTagging
      • DeleteBucketTagging
      • DeleteObjectTagging
      • PutBucketLogging
      • GetBucketLogging
      • ListParts
      • UploadPartCopy
      • PutBucketPolicy
      • GetBucketPolicy
      • DeleteBucketPolicy
Powered by GitBook
On this page
  • Request Syntax
  • URI Request Parameters
  • Request Body
  • Response Syntax
  • Response Elements
  • Examples
  • Sample Request
  • Sample Response
  1. S3 Compatible API
  2. API Reference

GetBucketPolicy

Returns the policy of a specified bucket

If you are using an identity other than the root user of the Petabox account that owns the bucket, the calling identity must have the GetBucketPolicy permissions on the specified bucket and belong to the bucket owner's account in order to use this operation.

If you don't have GetBucketPolicy permissions, Petabox returns a 403 Access Denied error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Petabox returns a 405 Method Not Allowed error.

Important

To ensure that bucket owners don't inadvertently lock themselves out of their own buckets, the root principal in a bucket owner's Petabox account can perform the GetBucketPolicy, PutBucketPolicy, and DeleteBucketPolicy API actions, even if their bucket policy explicitly denies the root principal's access.

Request Syntax

GET /?policy HTTP/1.1
Host: Bucket.s3.petabox.io
x-amz-expected-bucket-owner: ExpectedBucketOwner

URI Request Parameters

The request uses the following URI parameters.

Bucket

The bucket name for which to get the bucket policy.

Required: Yes

x-amz-expected-bucket-owner

The account ID of the expected bucket owner. If the bucket is owned by a different account, the request fails with the HTTP status code 403 Forbidden (access denied).

Request Body

The request does not have a request body.

Response Syntax

HTTP/1.1 200

{ Policy in JSON format }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

Examples

Sample Request

The following request returns the policy of the specified bucket.

GET ?policy HTTP/1.1
Host: bucket.s3.<Region>.petabox.io
Date: Wed, 28 Oct 2009 22:32:00 GMT
Authorization: authorization string

Sample Response

This example illustrates one usage of GetBucketPolicy.

HTTP/1.1 200 OK  
x-amz-id-2: Uuag1LuByru9pO4SAMPLEAtRPfTaOFg==  
x-amz-request-id: 656c76696e67SAMPLE57374  
Date: Tue, 04 Apr 2010 20:34:56 GMT  
Connection: keep-alive  
Server: Petabox    


{
"Version":"2008-10-17",
"Id":"aaaa-bbbb-cccc-dddd",
"Statement" : [
    {
        "Effect":"Deny",
        "Sid":"1", 
        "Principal" : {
           "AWS":["111122223333","444455556666"]
        },
        "Action":["s3:*"],
        "Resource":"arn:aws:s3:::bucket/*"
     }
 ] 
}
PreviousPutBucketPolicyNextDeleteBucketPolicy

Last updated 9 days ago