S3 / Client / head_bucket
head_bucket#
- S3.Client.head_bucket(**kwargs)#
You can use this operation to determine if a bucket exists and if you have permission to access it. The action returns a
200 OKif the bucket exists and you have permission to access it.If the bucket does not exist or you do not have permission to access it, the
HEADrequest returns a generic400 Bad Request,403 Forbiddenor404 Not Foundcode. A message body is not included, so you cannot determine the exception beyond these error codes.Note
Directory buckets - You must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format
https://bucket_name.s3express-az_id.region.amazonaws.com. Path-style requests are not supported. For more information, see Regional and Zonal endpoints in the Amazon S3 User Guide.Authentication and authorization
All
HeadBucketrequests must be authenticated and signed by using IAM credentials (access key ID and secret access key for the IAM identities). All headers with thex-amz-prefix, includingx-amz-copy-source, must be signed. For more information, see REST Authentication.Directory bucket - You must use IAM credentials to authenticate and authorize your access to the
HeadBucketAPI operation, instead of using the temporary security credentials through theCreateSessionAPI operation.Amazon Web Services CLI or SDKs handles authentication and authorization on your behalf.
Permissions
General purpose bucket permissions - To use this operation, you must have permissions to perform the
s3:ListBucketaction. The bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see Managing access permissions to your Amazon S3 resources in the Amazon S3 User Guide.Directory bucket permissions - You must have the
s3express:CreateSessionpermission in theActionelement of a policy. By default, the session is in theReadWritemode. If you want to restrict the access, you can explicitly set thes3express:SessionModecondition key toReadOnlyon the bucket. For more information about example bucket policies, see Example bucket policies for S3 Express One Zone and Amazon Web Services Identity and Access Management (IAM) identity-based policies for S3 Express One Zone in the Amazon S3 User Guide.HTTP Host header syntax
Directory buckets - The HTTP Host header syntax is
Bucket_name.s3express-az_id.region.amazonaws.com.See also: AWS API Documentation
Request Syntax
response = client.head_bucket( Bucket='string', ExpectedBucketOwner='string' )
- Parameters:
Bucket (string) –
[REQUIRED]
The bucket name.
When using this action with an access point, you must direct requests to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.*Region*.amazonaws.com. When using this action with an access point through the Amazon Web Services SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see Using access points in the Amazon S3 User Guide.
When using this action with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form
AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When using this action with S3 on Outposts through the Amazon Web Services SDKs, you provide the Outposts bucket ARN in place of the bucket name. For more information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts in the Amazon S3 User Guide.ExpectedBucketOwner (string) – Ignored by COS if present.
- Return type:
dict
- Returns:
Response Syntax
{ 'IBMSSEKPEnabled': True|False, 'IBMSSEKPCrkId': 'string' }
Response Structure
(dict) –
IBMSSEKPEnabled (boolean) – The bucket encryption enabled or not.
IBMSSEKPCrkId (string) – CRK ID of the Bucket encryption
Exceptions
Examples
This operation checks to see if a bucket exists.
response = client.head_bucket( Bucket='acl1', ) print(response)
Expected Output:
{ 'ResponseMetadata': { '...': '...', }, }