GET PublicAccessBlock
Description
This operation retrieves the PublicAccessBlock
configuration for an Amazon Web Services
account. In order to use this operation, you must have the
s3:GetAccountPublicAccessBlock
permission. For more information about
Amazon S3 permissions, see Specifying
Permissions in a Policy in the Amazon Simple Storage Service Developer Guide.
Important
When Amazon S3 evaluates the PublicAccessBlock
configuration for a bucket or an
object, it checks the PublicAccessBlock
configuration for both the
bucket (or the bucket that contains the object) and the bucket owner's account.
If
the PublicAccessBlock
settings are different between the bucket and the
account, Amazon S3 uses the most restrictive combination of the bucket-level and
account-level settings.
For more information about when Amazon S3 considers a bucket or an object public, see The Meaning of "Public" in the Amazon Simple Storage Service Developer Guide.
Requests
Syntax
GET /v20180820/configuration/publicAccessBlock HTTP/1.1 Host:
<account-id>
.s3-control.amazonaws.com x-amz-date:<Thu, 15 Nov 2016 00:17:21 GMT>
Authorization:<authorization string>
(see Authenticating Requests (AWS Signature Version 4))
Note
For information about locating your AWS account ID, see Finding your AWS Account ID in the Amazon Web Services General Reference.
Request Parameters
This operation does not use request parameters.
Request Headers
This implementation of the operation uses only request headers that are common to all operations. For more information, see Common Request Headers.
Request Elements
This implementation of the operation does not use request elements.
Responses
Response Headers
The operation returns response headers that are common to most responses. For more information, see Common Response Headers.
Response Elements
Name | Description |
---|---|
PublicAccessBlockConfiguration |
A Type: Container Children: |
BlockPublicAcls |
Specifies whether Amazon S3 will block public access control lists (ACLs) for buckets and objects that are owned by this account. Type: Boolean Ancestor: Valid values: |
IgnorePublicAcls |
Specifies whether Amazon S3 will ignore public ACLs for buckets and objects that are owned by this account. Type: Boolean Ancestor: Valid values: |
BlockPublicPolicy |
Specifies whether Amazon S3 will block public bucket policies for buckets that are owned by this account. Type: Boolean Ancestor: Valid values: |
RestrictPublicBuckets |
Specifies whether Amazon S3 will restrict public bucket policies for buckets that are owned by this account. Type: Boolean Ancestor: Valid values: |
Special Errors
This implementation of the operation does not return special errors. For general information about Amazon S3 errors and a list of error codes, see Error Responses.
Examples
Sample Request
The following request gets an account PublicAccessBlock
configuration.
GET /v20180820/configuration/publicAccessBlock HTTP/1.1 Host:
<account-id>
.s3-control.amazonaws.com x-amz-date:<Thu, 15 Nov 2016 00:17:21 GMT>
Authorization:<signatureValue>
Sample Response
HTTP/1.1 200 OK x-amz-id-2: ITnGT1y4REXAMPLEPi4hklTXouTf0hccUjo0iCPEXAMPLEutBj3M7fPGlWO2SEWp x-amz-request-id: 51991EXAMPLE5321 Date: Thu, 15 Nov 2016 00:17:22 GMT Server: AmazonS3 Content-Length: 0 <PublicAccessBlockConfiguration> <BlockPublicAcls>TRUE</BlockPublicAcls> <IgnorePublicAcls>FALSE</IgnorePublicAcls> <BlockPublicPolicy>FALSE</BlockPublicPolicy> <RestrictPublicBuckets>FALSE</RestrictPublicBuckets> </PublicAccessBlockConfiguration>
Related Resources
-
Using Amazon S3 Block Public Access in the Amazon Simple Storage Service Developer Guide.