b2_update_bucket
    • Dark
      Light

    b2_update_bucket

    • Dark
      Light

    Article summary

    Post
    /b2api/v3/b2_update_bucket

    Modifies bucket properties

    Update the bucketType, bucket info, lifecycle rules, CORS rules, default server-side encryption settings, or default Object Lock retention settings of an existing bucket. Can be used to allow everyone to download the contents of the bucket without providing any authorization, or to prevent anyone from downloading the contents of the bucket without providing a bucket auth token.

    Warning
    Do not include Protected Health Information (PHI) or Personally Identifiable Information (PII) in bucket names; object, file, or folder names; or other metadata. This metadata is not encrypted in a way that meets Health Insurance Portability and Accountability Act (HIPAA) protection requirements for PHI/PII data, and it is not generally encrypted in client-side encryption architectures.

    API Versions

    v2: Consistent file structures (Sept 13, 2018)

    Now returns action ("start"), contentLength (0), and contentSha1 ("none").

    v1: Application keys (July 26, 2018)

    Incompatible change: After calling b2_authorize_account with an application key that does not have the right permissions, this call will return a 401 Unauthorized.

    v1: Original release (September 22, 2015)


    PLEASE NOTE:

    This API endpoint can be called using a GET request by converting the parameters in the request body to query parameters.

    Header parameters
    Authorization
    stringRequired

    An account authorization token, obtained from b2_authorize_account.
    The token must have the writeBuckets capability.

    Body parameters
    Expand All
    object
    accountId
    string

    The account that the bucket is in.

    ExampleACCOUNT_ID
    bucketId
    string Required

    The unique identifier of the bucket.

    Example4a48fe8875c6214145260818
    bucketType
    string

    One of: "allPublic", "allPrivate". "allPublic" means that anybody can download the files is the bucket; "allPrivate" means that you need an authorization token to download them.

    If not specified, the setting will remain unchanged.

    ExampleallPublic
    bucketInfo
    object

    User-defined information to be stored with the bucket: a JSON object mapping names to values. See Buckets.

    If specified, the existing bucket info will be replaced with the new info. If not specified, the setting will remain unchanged.

    Cache-Control policies can be set here on a global level for all the files in the bucket.

    Example{}
    corsRules
    Array of object

    The initial list (a JSON array) of CORS rules for this bucket. See CORS Rules for an overview and the rule structure.

    Example[ { "corsRuleName": "downloadFromAnyOrigin", "allowedOrigins": [ "https" ], "allowedHeaders": [ "range" ], "allowedOperations": [ "b2_download_file_by_id", "b2_download_file_by_name" ], "exposeHeaders": [ "x-bz-content-sha1" ], "maxAgeSeconds": 3600 } ]
    object
    corsRuleName
    string
    ExampledownloadFromAnyOrigin
    allowedOrigins
    Array of string
    Example[ "https" ]
    string
    allowedHeaders
    Array of string
    Example[ "range" ]
    string
    allowedOperations
    Array of string
    Example[ "b2_download_file_by_id", "b2_download_file_by_name" ]
    string
    exposeHeaders
    Array of string
    Example[ "x-bz-content-sha1" ]
    string
    maxAgeSeconds
    integer
    Example3600
    defaultRetention
    string

    The default Object Lock retention settings for this bucket. See Object Lock for an overview and the parameter structure.

    If specified, the existing default bucket retention settings will be replaced with the new settings. If not specified, the setting will remain unchanged. Setting the value requires the writeBucketRetentions capability and that the bucket is Object Lock-enabled.

    Example
    defaultServerSideEncryption
    object

    The default server-side encryption settings for this bucket. See Server-Side Encryption settings for new files uploaded to this bucket. This field is filtered based on application key capabilities; readBucketEncryption capability is required to access the value. See Server-Side Encryption for an overview and the parameter structure. If specified, the existing default bucket encryption settings will be replaced with the new settings. If not specified, the setting will remain unchanged. Setting the value requires the writeBucketEncryption capability.

    Example{ "mode": "SSE-B2", "algorithm": "AES256" }
    mode
    string
    algorithm
    string
    fileLockEnabled
    boolean

    If present, the Boolean value specifies whether the bucket has Object Lock enabled. Once Object Lock is enabled on a bucket, it cannot be disabled.

    A value of true will be accepted if you have writeBucketRetentions capability. But you cannot enable Object Lock on a restricted bucket (e.g. share buckets, snapshot) or on a bucket that contains source replication configuration.

    A value of false will only be accepted if the bucket does not have Object Lock enabled.

    After enabling Object Lock on a bucket containing files with metadata over the lower 2,048 byte limit, API requests to b2_update_file_retention and b2_update_file_legal_hold will be rejected. This is because setting file retention or legal hold on a file adds additional headers when the file is downloaded, for example, with b2_download_file_by_name. In such cases, you can use b2_copy_file with a REPLACE metadataDirective to copy the file, give it less metadata, and also specify the fileRetention and legalHold parameters. The original file can then be deleted with b2_delete_file_version.

    lifecycleRules
    object

    The list of lifecycle rules for this bucket. Structure defined below. See Lifecycle Rules for an overview and the rule structure.


    If specified, the existing lifecycle rules will be replaced with this new list. If not specified, the setting will remain unchanged.

    Example[ { "daysFromHidingToDeleting": 30, "daysFromUploadingToHiding": null, "fileNamePrefix": "backup/" } ]
    daysFromHidingToDeleting
    integer
    Example30
    daysFromUploadingToHiding
    string
    Example
    fileNamePrefix
    string
    Examplebackup/
    replicationConfiguration

    The configuration to create a Replication Rule. See Cloud Replication Rules. At least one of the asReplicationSource or asReplicationDestination parameters is required, but they can also both be present.

    Note: Before you can configure Cloud Replication, you must have a verified email address and payment history on file.

    Example{ "asReplicationSource": { "replicationRules": [ { "destinationBucketId": "3f46fe8276c62b414506021y", "fileNamePrefix": "", "includeExistingFiles": false, "isEnabled": true, "priority": 1, "replicationRuleName": "replication-us-east" } ], "sourceApplicationKeyId": "00512f95cf4dcf0000000004z" } }
    asReplicationSource
    object
    replicationRules
    Array of object
    object
    destinationBucketId
    string
    Example3f46fe8276c62b414506021y
    fileNamePrefix
    string
    Example
    includeExistingFiles
    boolean
    ExampleFalse
    isEnabled
    boolean
    ExampleTrue
    priority
    integer
    Example1
    replicationRuleName
    string
    Examplereplication-us-east
    asReplicationDestination
    object
    sourceToDestinationKeyMapping
    string
    Example00512f95cf4dcf0000000004y
    ifRevisionIs
    integer

    When set, the update will only happen if the revision number stored in the B2 service matches the one passed in. This can be used to avoid having simultaneous updates make conflicting changes.

    Example1
    Responses
    200

    The request succeeded.


    The response headers include the Content-Type that was specified when the file was uploaded. They also include the X-Bz-FileName and X-Bz-Content-Sha1 headers, plus X-Bz-Info-* headers for any custom file info that was provided with the upload. The X-Bz-FileName uses percent-encoding, as if it were a URL parameter.

    Expand All
    object
    accountId
    string

    The account that the bucket is in.

    ExampleACCOUNT_ID
    bucketId

    The unique identifier of the bucket.

    Example4a48fe8875c6214145260818
    bucketName
    string

    The unique name of the bucket

    Exampleany-name-you-pick
    bucketType
    string

    One of: allPublic, allPrivate, restricted, snapshot, shared, or other values added in the future. allPublic means that anybody can download the files is the bucket; allPrivate means that you need an authorization token to download them; snapshot means that it's a private bucket containing snapshots created in the Backblaze web UI.

    ExampleallPrivate
    bucketInfo
    string

    The user data stored with this bucket.

    Example{}
    corsRules
    Array of object

    The initial list (a JSON array) of CORS rules for this bucket. See CORS Rules for an overview and the rule structure.

    Example[ { "corsRuleName": "downloadFromAnyOrigin", "allowedOrigins": [ "https" ], "allowedHeaders": [ "range" ], "allowedOperations": [ "b2_download_file_by_id", "b2_download_file_by_name" ], "exposeHeaders": [ "x-bz-content-sha1" ], "maxAgeSeconds": 3600 } ]
    object
    corsRuleName
    string
    ExampledownloadFromAnyOrigin
    allowedOrigins
    Array of string
    Example[ "https" ]
    string
    allowedHeaders
    Array of string
    Example[ "range" ]
    string
    allowedOperations
    Array of string
    Example[ "b2_download_file_by_id", "b2_download_file_by_name" ]
    string
    exposeHeaders
    Array of string
    Example[ "x-bz-content-sha1" ]
    string
    maxAgeSeconds
    integer
    Example3600
    fileLockConfiguration
    object

    The Object Lock configuration for this bucket. This field is filtered based on application key capabilities; readBucketRetentions capability is required to access the value. See Object Lock for more details on response structure.

    Example{ "isClientAuthorizedToRead": true, "value": { "defaultRetention": { "mode": null, "period": null }, "isFileLockEnabled": true } }
    isClientAuthorizedToRead
    boolean
    ExampleTrue
    value
    object
    defaultRentention
    object
    mode
    string
    Examplegovernance
    period
    object
    Example{ "duration": 2, "unit": "years" }
    duration
    integer
    Example2
    unit
    string
    Exampleyears
    isFileLockEnabled
    boolean
    ExampleTrue
    defaultServerSideEncryption
    object

    The default bucket Server-Side Encryption settings for new files uploaded to this bucket. This field is filtered based on application key capabilities; readBucketEncryption capability is required to access the value. See Server-Side Encryption for more details on response structure.

    Example{ "isClientAuthorizedToRead": true, "value": { "algorithm": "AES256", "mode": "SSE-B2" } }
    isClientAuthorizedToRead
    boolean
    value
    object
    algorithm
    string
    mode
    string
    lifecycleRules
    object

    The initial list of lifecycle rules for this bucket. See Lifecycle Rules for an overview and the rule structure.

    Example[ { "daysFromHidingToDeleting": 30, "daysFromUploadingToHiding": null, "fileNamePrefix": "backup/" } ]
    daysFromHidingToDeleting
    integer
    Example30
    daysFromUploadingToHiding
    string
    Example
    fileNamePrefix
    string
    Examplebackup/
    replicationConfiguration

    The list of replication rules for this bucket. See Cloud Replication Rules for an overview and the rule structure.

    Example{ "isClientAuthorizedToRead": "true,", "value": { "asReplicationDestination": null, "asReplicationSource": { "replicationRules": [ { "destinationBucketId": "3f46fe8276c62b414506021y", "fileNamePrefix": "", "includeExistingFiles": true, "isEnabled": false, "priority": 1, "replicationRuleName": "testRuleName" } ], "sourceApplicationKeyId": "100c9317036ba5b0000000001" } } }
    asReplicationSource
    object
    replicationRules
    Array of object
    object
    destinationBucketId
    string
    Example3f46fe8276c62b414506021y
    fileNamePrefix
    string
    Example
    includeExistingFiles
    boolean
    ExampleFalse
    isEnabled
    boolean
    ExampleTrue
    priority
    integer
    Example1
    replicationRuleName
    string
    Examplereplication-us-east
    asReplicationDestination
    object
    sourceToDestinationKeyMapping
    string
    Example00512f95cf4dcf0000000004y
    revision
    string

    A counter that is updated every time the bucket is modified, and can be used with the ifRevisionIs parameter to b2_update_bucket to prevent colliding, simultaneous updates.

    Example2
    options
    Array of string

    When present and set to s3, the bucket can be accessed through the S3 Compatible API.

    Example[ "S3" ]
    string
    Valid values[ "\"s3\"" ]
    400
    statuscodedescription
    400bad_bucket_idThe requested bucket ID does not match an existing bucket.
    400bad_requestThe request had the wrong fields or illegal values. The message returned with the error will describe the problem.
    400file_lock_conflictThis operation is not allowed because Object Lock is enabled on the bucket.
    400restricted_bucket_conflictThis operation is not allowed because the bucket is restricted.
    400source_replication_conflictThis operation is not allowed because source replication configuration is present on the bucket.
    object
    status
    integer

    The numeric HTTP status code. Always matches the status in the HTTP response.

    Example400
    code
    string

    A single-identifier code that identifies the error.

    Exampleinvalid_bucket_name
    message
    string

    A human-readable message, in English, saying what went wrong.

    Examplebucket name is too long
    401
    statuscodedescription
    401bad_auth_tokenThe auth token used is not valid. Call b2_authorize_account again to either get a new one, or an error message describing the problem.
    401email_not_verifiedA valid email address is required to use Cloud Replication. Please verify your email address. Contact customer support if you have questions.
    401expired_auth_tokenThe auth token used has expired. Call b2_authorize_account again to get a new one.
    401no_payment_historyA payment history is required to use Cloud Replication. Please make a payment before configuring Cloud Replication. Contact customer support if you have questions.
    401unauthorizedThe auth token used is valid, but does not authorize this call with these parameters. The capabilities of an auth token are determined by the application key used with b2_authorize_account.
    403
    statuscodedescription
    403transaction_cap_exceededTransaction cap exceeded. To increase your cap, sign in to your B2 Cloud Storage account online. Then select the Caps & Alerts link in the B2 Cloud Storage section of the sidebar.
    409
    statuscodedescription
    409conflictThe ifRevisionIs test failed.

    Was this article helpful?