Module netapp_ontap.models.s3_policy_statement

Copyright © 2022 NetApp Inc. All rights reserved.


class S3PolicyStatementSchema (*, only: Union[Sequence[str], Set[str]] = None, exclude: Union[Sequence[str], Set[str]] = (), many: bool = False, context: Dict = None, load_only: Union[Sequence[str], Set[str]] = (), dump_only: Union[Sequence[str], Set[str]] = (), partial: Union[bool, Sequence[str], Set[str]] = False, unknown: str = None)

The fields of the S3PolicyStatement object


  • netapp_ontap.resource.ResourceSchema
  • marshmallow.schema.Schema
  • marshmallow.base.SchemaABC

Class variables


For each resource, S3 supports a set of operations. The resource operations allowed or denied are identified by an action list:

  • GetObject - retrieves objects from a bucket.
  • PutObject - puts objects in a bucket.
  • DeleteObject - deletes objects from a bucket.
  • ListBucket - lists the objects in a bucket.
  • GetBucketAcl - retrieves the access control list (ACL) of a bucket.
  • GetObjectAcl - retrieves the access control list (ACL) of an object.
  • ListAllMyBuckets - lists all of the buckets in a server.
  • ListBucketMultipartUploads - lists the multipart uploads in progress for a bucket.
  • ListMultipartUploadParts - lists the parts in a multipart upload.
  • GetObjectTagging - retrieves the tag set of an object.
  • PutObjecttagging - sets the tag set for an object.
  • DeleteObjectTagging - deletes the tag set of an object.
  • GetBucketLocation - retrieves the location of a bucket. The wildcard character "*" can be used to form a regular expression for specifying actions.

Example: ["*"]


Specifies whether access is allowed or denied. If access (to allow) is not granted explicitly to a resource, access is implicitly denied. Access can also be denied explicitly to a resource, in order to make sure that a user cannot access it, even if a different policy grants access.

Valid choices:

  • allow
  • deny
index GET

Specifies a unique statement index used to identify a particular statement. This parameter should not be specified in the POST method. A statement index is automatically generated and is retrieved using the GET method.

resources GET POST PATCH

The resources field of the s3_policy_statement.

Example: ["bucket1","bucket1/*"]


Specifies the statement identifier which contains additional information about the statement.

Example: FullAccessToBucket1