Skip to main content

Name

nebius storage bucket update

Synopsis

nebius storage bucket update [id]
  --bucket-policy-rules
  --cors-rules
  --default-storage-class
  --force-storage-class
  --id
  --labels
  --labels-add
  --labels-remove
  --lifecycle-configuration-last-access-filter-conditions
  --lifecycle-configuration-rules
  --max-size-bytes
  --name
  --object-audit-logging
  --parent-id
  --resource-version
  --versioning-policy
  --async
  --clear-mask
  --diff
  --full
  --patch

Positional Arguments

id

Identifier for the resource, unique for its resource type.

Options

--bucket-policy-rules (json)

Rule specifies which role must be given to a subject to access a set of objects with given
prefixes or a whole bucket.

(structure)

anonymous -> (structure)[meaningful_empty_value]

Enable anonymous access. Only read-only roles are allowed in anonymous mode.

Mutually exclusive with: group_id.

group_id -> (string)

Group ID to grant access to.

Mutually exclusive with: anonymous.

paths -> (string)

A list of paths each of which is either a full object key or a prefix ending with a
single "" wildcard character. A rule is only applied to objects matching any of paths.
If there is a path equal to "", a rule applies to a whole bucket.

roles -> (string)

A set of roles which a subject will have. All storage.* roles are supported.

JSON Schema:

[{               
  "anonymous": {
  },
  "paths": [""], 
  "roles": [""]  
}]

--cors-rules (json)

CORS rules.

(structure)

allowed_headers -> (string)

Headers that are allowed in a preflight request through the Access-Control-Request-Headers header.

allowed_methods -> (string)[required]

HTTP methods CORS is allowed for: GET, PUT, POST, DELETE, HEAD.

allowed_origins -> (string)[required]

The origins that you want to allow cross-domain requests from. Single wildcard * is allowed.

expose_headers -> (string)

Headers in the response that you want customers to be able to access from their applications.

id -> (string)[optional]

Optional rule identifier.

max_age_seconds -> (int32)[optional]

Time in seconds that your browser can cache the response for a preflight request as identified by the resource.

JSON Schema:

[{                        
  "allowed_headers": [""],
  "allowed_methods": [""],
  "allowed_origins": [""],
  "expose_headers": [""], 
  "id": "",               
  "max_age_seconds": 0    
}]

--default-storage-class (string)

Storage class to use by default for uploads to the bucket. It may be overridden by x-amz-storage-class header.
If not set - STANDARD is used as a default storage class.

A value must be one of:

  • storage_class_unspecified
  • standard
  • enhanced_throughput
  • intelligent

--force-storage-class (bool)

Flag to force usage of default_storage_class, ignoring x-amz-storage-class header.

--id (string)

Identifier for the resource, unique for its resource type.

--labels (string->string)

Labels associated with the resource.

--labels-add (string->string)

Add values to Labels associated with the resource.

--labels-remove (string array)

Remove values from Labels associated with the resource.

--lifecycle-configuration-last-access-filter-conditions (json)

A request is included in days_since_last_access calculations if:

  • The first condition matching the request has INCLUDE type.
    OR
  • The request doesn’t match any conditions.

(structure)

methods -> (string)

The s3 methods to match.
An empty list matches all methods.

A value must be one of:

  • “method_unspecified"
  • "get_object"
  • "head_object"
  • "get_object_tagging"
  • "copy_object"
  • "upload_part_copy”

type -> (string)[required]

A value must be one of:

  • “type_unspecified"
  • "include"
  • "exclude”

user_agents -> (string)

User agents to match. Condition is satisfied if the request’s user agent contains any of these substrings.
An empty list matches all user agents.

JSON Schema:

[{                                                                                                                
  "methods": "method_unspecified"|"get_object"|"head_object"|"get_object_tagging"|"copy_object"|"upload_part_copy",
  "type": "type_unspecified"|"include"|"exclude"                                                                  ,
  "user_agents": [""]                                                                                             
}]

--lifecycle-configuration-rules (json)

(structure)

abort_incomplete_multipart_upload -> (structure)

Specifies the days since the initiation of an incomplete multipart upload that
the system will wait before permanently removing all parts of the upload.

days_after_initiation -> (int32)

Specifies the days since the initiation of an incomplete multipart upload that
the system will wait before permanently removing all parts of the upload.

expiration -> (structure)

Specifies the expiration for the lifecycle of the object in the form of date, days and,
whether the object has a delete marker.

date -> (timestamp)[google.protobuf.Timestamp]

Indicates at what date the object will be deleted. The time is always midnight UTC.

Mutually exclusive with: days.

days -> (int32)

Indicates the lifetime, in days, of the objects that are subject to the rule.
The value must be a non-zero positive integer.

Mutually exclusive with: date.

expired_object_delete_marker -> (bool)

Indicates whether the system will remove a “delete marker” with no noncurrent versions.
If set to true, the “delete marker” will be permanently removed.
If set to false the policy takes no action.
This cannot be specified with Days or Date in a LifecycleExpiration Policy.

filter -> (structure)[non_empty_default]

The Filter is used to identify objects that a Lifecycle Rule applies to.
The Lifecycle Rule will apply to any object matching all of the predicates
configured inside (using logical AND).

object_size_greater_than_bytes -> (int64)

Minimum object size to which the rule applies.

object_size_less_than_bytes -> (int64)

Maximum object size to which the rule applies.

prefix -> (string)

Prefix identifying one or more objects to which the rule applies.
If prefix is empty, the rule applies to all objects in the bucket.

id -> (string)[required]

Unique identifier for the rule per configuration.
The value cannot be longer than 255 characters.

noncurrent_version_expiration -> (structure)

Specifies when noncurrent object versions expire.
It works only on a bucket that has versioning enabled (or suspended).

newer_noncurrent_versions -> (int32)[optional]

Specifies how many noncurrent versions the system will retain.

noncurrent_days -> (int32)

Specifies the number of days an object is noncurrent before the system will expire it.

noncurrent_version_transition -> (structure)

Specifies the transition for the lifecycle of a noncurrent object.
It works only on a bucket that has versioning enabled (or suspended).

newer_noncurrent_versions -> (int32)[optional]

Specifies how many noncurrent versions the system will retain without transition.

noncurrent_days -> (int32)

Specifies the number of days an object is noncurrent before the system will transit it.

storage_class -> (string)

Target storage class to transit to.

A value must be one of:

  • “storage_class_unspecified"
  • "standard"
  • "enhanced_throughput"
  • "intelligent”

status -> (string)[required]

A value must be one of:

  • “status_unspecified"
  • "enabled"
  • "disabled”

transition -> (structure)

Specifies the transition for the lifecycle of an object in the form of date or days and
target storage class to transit object to.

date -> (timestamp)[google.protobuf.Timestamp]

Indicates at what date the object will be transited. The time is always midnight UTC.

Mutually exclusive with: days, days_since_last_access.

days -> (int32)

Amount of days since object was uploaded before it’s transited to a new storage class.
The value must be a non-zero positive integer.

Mutually exclusive with: date, days_since_last_access.

days_since_last_access -> (int32)

The number of days since the object was last accessed before it is transitioned.

Mutually exclusive with: date, days.

storage_class -> (string)

Target storage class to transit to.

A value must be one of:

  • “storage_class_unspecified"
  • "standard"
  • "enhanced_throughput"
  • "intelligent”

JSON Schema:

[{                                                   
  "abort_incomplete_multipart_upload": {
    "days_after_initiation": 0          
  },
  "expiration": {                         
    "date": "1970-01-31T02:30:59Z",       
    "expired_object_delete_marker": false 
  },
  "filter": {                           
    "object_size_greater_than_bytes": 0,
    "object_size_less_than_bytes": 0,   
    "prefix": ""                        
  },
  "id": "",                                          
  "noncurrent_version_expiration": {
    "newer_noncurrent_versions": 0, 
    "noncurrent_days": 0            
  },
  "noncurrent_version_transition": {                                                           
    "newer_noncurrent_versions": 0,                                                            
    "noncurrent_days": 0,                                                                      
    "storage_class": "storage_class_unspecified"|"standard"|"enhanced_throughput"|"intelligent"
  },
  "status": "status_unspecified"|"enabled"|"disabled",
  "transition": {                                                                              
    "date": "1970-01-31T02:30:59Z",                                                            
    "storage_class": "storage_class_unspecified"|"standard"|"enhanced_throughput"|"intelligent"
  }
}]

--max-size-bytes (int64)

Maximum bucket size.
Zero means unlimited.
Actual limit can be lower if customer doesn’t have enough quota.
Real bucket size can go a little higher if customer writes too fast.

--name (string)

Human readable name for the resource.

--object-audit-logging (string)

Object audit logging specifies which requests must be logged - none, all or mutational only.

A value must be one of:

  • object_audit_logging_unspecified
  • none
  • mutate_only
  • all

--parent-id (string)

Identifier of the parent resource to which the resource belongs.

--resource-version (int64)

Version of the resource for safe concurrent modifications and consistent reads.
Positive and monotonically increases on each resource spec change (but not on each change of the
resource’s container(s) or status).
Service allows zero value or current.

--versioning-policy (string)

Supports transitions:

  • disabled -> enabled
  • disabled -> suspended
  • enabled <-> suspended.

A value must be one of:

  • versioning_policy_unspecified
  • disabled
  • enabled
  • suspended

--async (bool)

If set, returns operation id. Otherwise, waits for the operation to complete and returns its resource.

--clear-mask (string array)

Reset-mask field paths to clear in patch mode. Can be repeated.

--diff (bool)

Show diff of resource before commiting update.

--full (bool)

Update full resource state. Automatically set to true if the —file or argument provided.

--patch (bool)

Update only specified fields.

Global Options

-h, --help (bool)

Show this message.

-p, --profile (string)

Set a profile for interacting with the cloud.

--format (string)

Output format. Supported values: yaml|json|jsonpath|table|text.

-f, --file (string)

Input file. For ‘update’ commands automatically set —full=true.

-c, --config (string)

Provide path to config file.

--debug (bool)

Enable debug logs.

--color (bool)

Enable colored output.

--no-browser (bool)

Do not open browser automatically on auth.

--insecure (bool)

Disable transport security.

--auth-timeout (duration: 2h30m10s)

Set the timeout for the request including authentication process, default is 15m0s.

--per-retry-timeout (duration: 2h30m10s)

Set the timeout for each retry attempt, default is 20s.

--retries (uint)

Set the number of retry attempts, 1 is disable retries, default is 3.

--timeout (duration: 2h30m10s)

Set the timeout for the main request, default is 1m0s.

--no-check-update (bool)

Suppress check for updates.