[ aws . s3api ]

get-bucket-policy-status

Description

Retrieves the policy status for an Amazon S3 bucket, indicating whether the bucket is public. In order to use this operation, you must have the s3:GetBucketPolicyStatus permission. For more information about Amazon S3 permissions, see Specifying Permissions in a Policy .

For more information about when Amazon S3 considers a bucket public, see The Meaning of “Public” .

The following operations are related to GetBucketPolicyStatus :

• Using Amazon S3 Block Public Access

• GetPublicAccessBlock

• PutPublicAccessBlock

• DeletePublicAccessBlock

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.

Synopsis

  get-bucket-policy-status
--bucket <value>
[--expected-bucket-owner <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]

Options

--bucket (string)

The name of the Amazon S3 bucket whose policy status you want to retrieve.

--expected-bucket-owner (string)

The account id of the expected bucket owner. If the bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See ‘aws help’ for descriptions of global parameters.

Examples

To retrieve the policy status for a bucket indicating whether the bucket is public

The following get-bucket-policy-status example retrieves the policy status for the bucket my-bucket.

aws s3api get-bucket-policy-status \
    --bucket my-bucket

Output:

{
    "PolicyStatus": {
        "IsPublic": false
    }
}

Output

PolicyStatus -> (structure)

The policy status for the specified bucket.

IsPublic -> (boolean)

The policy status for this bucket. TRUE indicates that this bucket is public. FALSE indicates that the bucket is not public.