{ "version": "2.0", "metadata": { "apiVersion": "2012-06-01", "checksumFormat": "sha256", "endpointPrefix": "glacier", "protocol": "rest-json", "serviceFullName": "Amazon Glacier", "serviceId": "Glacier", "signatureVersion": "v4", "uid": "glacier-2012-06-01" }, "operations": { "AbortMultipartUpload": { "name": "AbortMultipartUpload", "http": { "method": "DELETE", "requestUri": "/{accountId}/vaults/{vaultName}/multipart-uploads/{uploadId}", "responseCode": 204 }, "input": { "shape": "AbortMultipartUploadInput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation aborts a multipart upload identified by the upload ID.

After the Abort Multipart Upload request succeeds, you cannot upload any more parts to the multipart upload or complete the multipart upload. Aborting a completed upload fails. However, aborting an already-aborted upload will succeed, for a short time. For more information about uploading a part and completing a multipart upload, see UploadMultipartPart and CompleteMultipartUpload.

This operation is idempotent.

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For conceptual information and underlying REST API, see Working with Archives in Amazon S3 Glacier and Abort Multipart Upload in the Amazon Glacier Developer Guide.

" }, "AbortVaultLock": { "name": "AbortVaultLock", "http": { "method": "DELETE", "requestUri": "/{accountId}/vaults/{vaultName}/lock-policy", "responseCode": 204 }, "input": { "shape": "AbortVaultLockInput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation aborts the vault locking process if the vault lock is not in the Locked state. If the vault lock is in the Locked state when this operation is requested, the operation returns an AccessDeniedException error. Aborting the vault locking process removes the vault lock policy from the specified vault.

A vault lock is put into the InProgress state by calling InitiateVaultLock. A vault lock is put into the Locked state by calling CompleteVaultLock. You can get the state of a vault lock by calling GetVaultLock. For more information about the vault locking process, see Amazon Glacier Vault Lock. For more information about vault lock policies, see Amazon Glacier Access Control with Vault Lock Policies.

This operation is idempotent. You can successfully invoke this operation multiple times, if the vault lock is in the InProgress state or if there is no policy associated with the vault.

" }, "AddTagsToVault": { "name": "AddTagsToVault", "http": { "method": "POST", "requestUri": "/{accountId}/vaults/{vaultName}/tags?operation=add", "responseCode": 204 }, "input": { "shape": "AddTagsToVaultInput" }, "errors": [ { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ResourceNotFoundException" }, { "shape": "LimitExceededException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation adds the specified tags to a vault. Each tag is composed of a key and a value. Each vault can have up to 10 tags. If your request would cause the tag limit for the vault to be exceeded, the operation throws the LimitExceededException error. If a tag already exists on the vault under a specified key, the existing key value will be overwritten. For more information about tags, see Tagging Amazon S3 Glacier Resources.

" }, "CompleteMultipartUpload": { "name": "CompleteMultipartUpload", "http": { "method": "POST", "requestUri": "/{accountId}/vaults/{vaultName}/multipart-uploads/{uploadId}", "responseCode": 201 }, "input": { "shape": "CompleteMultipartUploadInput" }, "output": { "shape": "ArchiveCreationOutput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

You call this operation to inform Amazon S3 Glacier (Glacier) that all the archive parts have been uploaded and that Glacier can now assemble the archive from the uploaded parts. After assembling and saving the archive to the vault, Glacier returns the URI path of the newly created archive resource. Using the URI path, you can then access the archive. After you upload an archive, you should save the archive ID returned to retrieve the archive at a later point. You can also get the vault inventory to obtain a list of archive IDs in a vault. For more information, see InitiateJob.

In the request, you must include the computed SHA256 tree hash of the entire archive you have uploaded. For information about computing a SHA256 tree hash, see Computing Checksums. On the server side, Glacier also constructs the SHA256 tree hash of the assembled archive. If the values match, Glacier saves the archive to the vault; otherwise, it returns an error, and the operation fails. The ListParts operation returns a list of parts uploaded for a specific multipart upload. It includes checksum information for each uploaded part that can be used to debug a bad checksum issue.

Additionally, Glacier also checks for any missing content ranges when assembling the archive, if missing content ranges are found, Glacier returns an error and the operation fails.

Complete Multipart Upload is an idempotent operation. After your first successful complete multipart upload, if you call the operation again within a short period, the operation will succeed and return the same archive ID. This is useful in the event you experience a network issue that causes an aborted connection or receive a 500 server error, in which case you can repeat your Complete Multipart Upload request and get the same archive ID without creating duplicate archives. Note, however, that after the multipart upload completes, you cannot call the List Parts operation and the multipart upload will not appear in List Multipart Uploads response, even if idempotent complete is possible.

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For conceptual information and underlying REST API, see Uploading Large Archives in Parts (Multipart Upload) and Complete Multipart Upload in the Amazon Glacier Developer Guide.

" }, "CompleteVaultLock": { "name": "CompleteVaultLock", "http": { "method": "POST", "requestUri": "/{accountId}/vaults/{vaultName}/lock-policy/{lockId}", "responseCode": 204 }, "input": { "shape": "CompleteVaultLockInput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation completes the vault locking process by transitioning the vault lock from the InProgress state to the Locked state, which causes the vault lock policy to become unchangeable. A vault lock is put into the InProgress state by calling InitiateVaultLock. You can obtain the state of the vault lock by calling GetVaultLock. For more information about the vault locking process, Amazon Glacier Vault Lock.

This operation is idempotent. This request is always successful if the vault lock is in the Locked state and the provided lock ID matches the lock ID originally used to lock the vault.

If an invalid lock ID is passed in the request when the vault lock is in the Locked state, the operation returns an AccessDeniedException error. If an invalid lock ID is passed in the request when the vault lock is in the InProgress state, the operation throws an InvalidParameter error.

" }, "CreateVault": { "name": "CreateVault", "http": { "method": "PUT", "requestUri": "/{accountId}/vaults/{vaultName}", "responseCode": 201 }, "input": { "shape": "CreateVaultInput" }, "output": { "shape": "CreateVaultOutput" }, "errors": [ { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" }, { "shape": "LimitExceededException" } ], "documentation": "

This operation creates a new vault with the specified name. The name of the vault must be unique within a region for an AWS account. You can create up to 1,000 vaults per account. If you need to create more vaults, contact Amazon S3 Glacier.

You must use the following guidelines when naming a vault.

This operation is idempotent.

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For conceptual information and underlying REST API, see Creating a Vault in Amazon Glacier and Create Vault in the Amazon Glacier Developer Guide.

" }, "DeleteArchive": { "name": "DeleteArchive", "http": { "method": "DELETE", "requestUri": "/{accountId}/vaults/{vaultName}/archives/{archiveId}", "responseCode": 204 }, "input": { "shape": "DeleteArchiveInput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation deletes an archive from a vault. Subsequent requests to initiate a retrieval of this archive will fail. Archive retrievals that are in progress for this archive ID may or may not succeed according to the following scenarios:

This operation is idempotent. Attempting to delete an already-deleted archive does not result in an error.

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For conceptual information and underlying REST API, see Deleting an Archive in Amazon Glacier and Delete Archive in the Amazon Glacier Developer Guide.

" }, "DeleteVault": { "name": "DeleteVault", "http": { "method": "DELETE", "requestUri": "/{accountId}/vaults/{vaultName}", "responseCode": 204 }, "input": { "shape": "DeleteVaultInput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation deletes a vault. Amazon S3 Glacier will delete a vault only if there are no archives in the vault as of the last inventory and there have been no writes to the vault since the last inventory. If either of these conditions is not satisfied, the vault deletion fails (that is, the vault is not removed) and Amazon S3 Glacier returns an error. You can use DescribeVault to return the number of archives in a vault, and you can use Initiate a Job (POST jobs) to initiate a new inventory retrieval for a vault. The inventory contains the archive IDs you use to delete archives using Delete Archive (DELETE archive).

This operation is idempotent.

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For conceptual information and underlying REST API, see Deleting a Vault in Amazon Glacier and Delete Vault in the Amazon S3 Glacier Developer Guide.

" }, "DeleteVaultAccessPolicy": { "name": "DeleteVaultAccessPolicy", "http": { "method": "DELETE", "requestUri": "/{accountId}/vaults/{vaultName}/access-policy", "responseCode": 204 }, "input": { "shape": "DeleteVaultAccessPolicyInput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation deletes the access policy associated with the specified vault. The operation is eventually consistent; that is, it might take some time for Amazon S3 Glacier to completely remove the access policy, and you might still see the effect of the policy for a short time after you send the delete request.

This operation is idempotent. You can invoke delete multiple times, even if there is no policy associated with the vault. For more information about vault access policies, see Amazon Glacier Access Control with Vault Access Policies.

" }, "DeleteVaultNotifications": { "name": "DeleteVaultNotifications", "http": { "method": "DELETE", "requestUri": "/{accountId}/vaults/{vaultName}/notification-configuration", "responseCode": 204 }, "input": { "shape": "DeleteVaultNotificationsInput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation deletes the notification configuration set for a vault. The operation is eventually consistent; that is, it might take some time for Amazon S3 Glacier to completely disable the notifications and you might still receive some notifications for a short time after you send the delete request.

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For conceptual information and underlying REST API, see Configuring Vault Notifications in Amazon S3 Glacier and Delete Vault Notification Configuration in the Amazon S3 Glacier Developer Guide.

" }, "DescribeJob": { "name": "DescribeJob", "http": { "method": "GET", "requestUri": "/{accountId}/vaults/{vaultName}/jobs/{jobId}" }, "input": { "shape": "DescribeJobInput" }, "output": { "shape": "GlacierJobDescription" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation returns information about a job you previously initiated, including the job initiation date, the user who initiated the job, the job status code/message and the Amazon SNS topic to notify after Amazon S3 Glacier (Glacier) completes the job. For more information about initiating a job, see InitiateJob.

This operation enables you to check the status of your job. However, it is strongly recommended that you set up an Amazon SNS topic and specify it in your initiate job request so that Glacier can notify the topic after it completes the job.

A job ID will not expire for at least 24 hours after Glacier completes the job.

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For more information about using this operation, see the documentation for the underlying REST API Describe Job in the Amazon Glacier Developer Guide.

" }, "DescribeVault": { "name": "DescribeVault", "http": { "method": "GET", "requestUri": "/{accountId}/vaults/{vaultName}" }, "input": { "shape": "DescribeVaultInput" }, "output": { "shape": "DescribeVaultOutput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation returns information about a vault, including the vault's Amazon Resource Name (ARN), the date the vault was created, the number of archives it contains, and the total size of all the archives in the vault. The number of archives and their total size are as of the last inventory generation. This means that if you add or remove an archive from a vault, and then immediately use Describe Vault, the change in contents will not be immediately reflected. If you want to retrieve the latest inventory of the vault, use InitiateJob. Amazon S3 Glacier generates vault inventories approximately daily. For more information, see Downloading a Vault Inventory in Amazon S3 Glacier.

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For conceptual information and underlying REST API, see Retrieving Vault Metadata in Amazon S3 Glacier and Describe Vault in the Amazon Glacier Developer Guide.

" }, "GetDataRetrievalPolicy": { "name": "GetDataRetrievalPolicy", "http": { "method": "GET", "requestUri": "/{accountId}/policies/data-retrieval" }, "input": { "shape": "GetDataRetrievalPolicyInput" }, "output": { "shape": "GetDataRetrievalPolicyOutput" }, "errors": [ { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation returns the current data retrieval policy for the account and region specified in the GET request. For more information about data retrieval policies, see Amazon Glacier Data Retrieval Policies.

" }, "GetJobOutput": { "name": "GetJobOutput", "http": { "method": "GET", "requestUri": "/{accountId}/vaults/{vaultName}/jobs/{jobId}/output" }, "input": { "shape": "GetJobOutputInput" }, "output": { "shape": "GetJobOutputOutput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation downloads the output of the job you initiated using InitiateJob. Depending on the job type you specified when you initiated the job, the output will be either the content of an archive or a vault inventory.

You can download all the job output or download a portion of the output by specifying a byte range. In the case of an archive retrieval job, depending on the byte range you specify, Amazon S3 Glacier (Glacier) returns the checksum for the portion of the data. You can compute the checksum on the client and verify that the values match to ensure the portion you downloaded is the correct data.

A job ID will not expire for at least 24 hours after Glacier completes the job. That a byte range. For both archive and inventory retrieval jobs, you should verify the downloaded size against the size returned in the headers from the Get Job Output response.

For archive retrieval jobs, you should also verify that the size is what you expected. If you download a portion of the output, the expected size is based on the range of bytes you specified. For example, if you specify a range of bytes=0-1048575, you should verify your download size is 1,048,576 bytes. If you download an entire archive, the expected size is the size of the archive when you uploaded it to Amazon S3 Glacier The expected size is also returned in the headers from the Get Job Output response.

In the case of an archive retrieval job, depending on the byte range you specify, Glacier returns the checksum for the portion of the data. To ensure the portion you downloaded is the correct data, compute the checksum on the client, verify that the values match, and verify that the size is what you expected.

A job ID does not expire for at least 24 hours after Glacier completes the job. That is, you can download the job output within the 24 hours period after Amazon Glacier completes the job.

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For conceptual information and the underlying REST API, see Downloading a Vault Inventory, Downloading an Archive, and Get Job Output

" }, "GetVaultAccessPolicy": { "name": "GetVaultAccessPolicy", "http": { "method": "GET", "requestUri": "/{accountId}/vaults/{vaultName}/access-policy" }, "input": { "shape": "GetVaultAccessPolicyInput" }, "output": { "shape": "GetVaultAccessPolicyOutput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation retrieves the access-policy subresource set on the vault; for more information on setting this subresource, see Set Vault Access Policy (PUT access-policy). If there is no access policy set on the vault, the operation returns a 404 Not found error. For more information about vault access policies, see Amazon Glacier Access Control with Vault Access Policies.

" }, "GetVaultLock": { "name": "GetVaultLock", "http": { "method": "GET", "requestUri": "/{accountId}/vaults/{vaultName}/lock-policy" }, "input": { "shape": "GetVaultLockInput" }, "output": { "shape": "GetVaultLockOutput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation retrieves the following attributes from the lock-policy subresource set on the specified vault:

A vault lock is put into the InProgress state by calling InitiateVaultLock. A vault lock is put into the Locked state by calling CompleteVaultLock. You can abort the vault locking process by calling AbortVaultLock. For more information about the vault locking process, Amazon Glacier Vault Lock.

If there is no vault lock policy set on the vault, the operation returns a 404 Not found error. For more information about vault lock policies, Amazon Glacier Access Control with Vault Lock Policies.

" }, "GetVaultNotifications": { "name": "GetVaultNotifications", "http": { "method": "GET", "requestUri": "/{accountId}/vaults/{vaultName}/notification-configuration" }, "input": { "shape": "GetVaultNotificationsInput" }, "output": { "shape": "GetVaultNotificationsOutput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation retrieves the notification-configuration subresource of the specified vault.

For information about setting a notification configuration on a vault, see SetVaultNotifications. If a notification configuration for a vault is not set, the operation returns a 404 Not Found error. For more information about vault notifications, see Configuring Vault Notifications in Amazon S3 Glacier.

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For conceptual information and underlying REST API, see Configuring Vault Notifications in Amazon S3 Glacier and Get Vault Notification Configuration in the Amazon Glacier Developer Guide.

" }, "InitiateJob": { "name": "InitiateJob", "http": { "method": "POST", "requestUri": "/{accountId}/vaults/{vaultName}/jobs", "responseCode": 202 }, "input": { "shape": "InitiateJobInput" }, "output": { "shape": "InitiateJobOutput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "PolicyEnforcedException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "InsufficientCapacityException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation initiates a job of the specified type, which can be a select, an archival retrieval, or a vault retrieval. For more information about using this operation, see the documentation for the underlying REST API Initiate a Job.

" }, "InitiateMultipartUpload": { "name": "InitiateMultipartUpload", "http": { "method": "POST", "requestUri": "/{accountId}/vaults/{vaultName}/multipart-uploads", "responseCode": 201 }, "input": { "shape": "InitiateMultipartUploadInput" }, "output": { "shape": "InitiateMultipartUploadOutput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation initiates a multipart upload. Amazon S3 Glacier creates a multipart upload resource and returns its ID in the response. The multipart upload ID is used in subsequent requests to upload parts of an archive (see UploadMultipartPart).

When you initiate a multipart upload, you specify the part size in number of bytes. The part size must be a megabyte (1024 KB) multiplied by a power of 2-for example, 1048576 (1 MB), 2097152 (2 MB), 4194304 (4 MB), 8388608 (8 MB), and so on. The minimum allowable part size is 1 MB, and the maximum is 4 GB.

Every part you upload to this resource (see UploadMultipartPart), except the last one, must have the same size. The last one can be the same size or smaller. For example, suppose you want to upload a 16.2 MB file. If you initiate the multipart upload with a part size of 4 MB, you will upload four parts of 4 MB each and one part of 0.2 MB.

You don't need to know the size of the archive when you start a multipart upload because Amazon S3 Glacier does not require you to specify the overall archive size.

After you complete the multipart upload, Amazon S3 Glacier (Glacier) removes the multipart upload resource referenced by the ID. Glacier also removes the multipart upload resource if you cancel the multipart upload or it may be removed if there is no activity for a period of 24 hours.

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For conceptual information and underlying REST API, see Uploading Large Archives in Parts (Multipart Upload) and Initiate Multipart Upload in the Amazon Glacier Developer Guide.

" }, "InitiateVaultLock": { "name": "InitiateVaultLock", "http": { "method": "POST", "requestUri": "/{accountId}/vaults/{vaultName}/lock-policy", "responseCode": 201 }, "input": { "shape": "InitiateVaultLockInput" }, "output": { "shape": "InitiateVaultLockOutput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation initiates the vault locking process by doing the following:

You can set one vault lock policy for each vault and this policy can be up to 20 KB in size. For more information about vault lock policies, see Amazon Glacier Access Control with Vault Lock Policies.

You must complete the vault locking process within 24 hours after the vault lock enters the InProgress state. After the 24 hour window ends, the lock ID expires, the vault automatically exits the InProgress state, and the vault lock policy is removed from the vault. You call CompleteVaultLock to complete the vault locking process by setting the state of the vault lock to Locked.

After a vault lock is in the Locked state, you cannot initiate a new vault lock for the vault.

You can abort the vault locking process by calling AbortVaultLock. You can get the state of the vault lock by calling GetVaultLock. For more information about the vault locking process, Amazon Glacier Vault Lock.

If this operation is called when the vault lock is in the InProgress state, the operation returns an AccessDeniedException error. When the vault lock is in the InProgress state you must call AbortVaultLock before you can initiate a new vault lock policy.

" }, "ListJobs": { "name": "ListJobs", "http": { "method": "GET", "requestUri": "/{accountId}/vaults/{vaultName}/jobs" }, "input": { "shape": "ListJobsInput" }, "output": { "shape": "ListJobsOutput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation lists jobs for a vault, including jobs that are in-progress and jobs that have recently finished. The List Job operation returns a list of these jobs sorted by job initiation time.

Amazon Glacier retains recently completed jobs for a period before deleting them; however, it eventually removes completed jobs. The output of completed jobs can be retrieved. Retaining completed jobs for a period of time after they have completed enables you to get a job output in the event you miss the job completion notification or your first attempt to download it fails. For example, suppose you start an archive retrieval job to download an archive. After the job completes, you start to download the archive but encounter a network error. In this scenario, you can retry and download the archive while the job exists.

The List Jobs operation supports pagination. You should always check the response Marker field. If there are no more jobs to list, the Marker field is set to null. If there are more jobs to list, the Marker field is set to a non-null value, which you can use to continue the pagination of the list. To return a list of jobs that begins at a specific job, set the marker request parameter to the Marker value for that job that you obtained from a previous List Jobs request.

You can set a maximum limit for the number of jobs returned in the response by specifying the limit parameter in the request. The default limit is 50. The number of jobs returned might be fewer than the limit, but the number of returned jobs never exceeds the limit.

Additionally, you can filter the jobs list returned by specifying the optional statuscode parameter or completed parameter, or both. Using the statuscode parameter, you can specify to return only jobs that match either the InProgress, Succeeded, or Failed status. Using the completed parameter, you can specify to return only jobs that were completed (true) or jobs that were not completed (false).

For more information about using this operation, see the documentation for the underlying REST API List Jobs.

" }, "ListMultipartUploads": { "name": "ListMultipartUploads", "http": { "method": "GET", "requestUri": "/{accountId}/vaults/{vaultName}/multipart-uploads" }, "input": { "shape": "ListMultipartUploadsInput" }, "output": { "shape": "ListMultipartUploadsOutput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation lists in-progress multipart uploads for the specified vault. An in-progress multipart upload is a multipart upload that has been initiated by an InitiateMultipartUpload request, but has not yet been completed or aborted. The list returned in the List Multipart Upload response has no guaranteed order.

The List Multipart Uploads operation supports pagination. By default, this operation returns up to 50 multipart uploads in the response. You should always check the response for a marker at which to continue the list; if there are no more items the marker is null. To return a list of multipart uploads that begins at a specific upload, set the marker request parameter to the value you obtained from a previous List Multipart Upload request. You can also limit the number of uploads returned in the response by specifying the limit parameter in the request.

Note the difference between this operation and listing parts (ListParts). The List Multipart Uploads operation lists all multipart uploads for a vault and does not require a multipart upload ID. The List Parts operation requires a multipart upload ID since parts are associated with a single upload.

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For conceptual information and the underlying REST API, see Working with Archives in Amazon S3 Glacier and List Multipart Uploads in the Amazon Glacier Developer Guide.

" }, "ListParts": { "name": "ListParts", "http": { "method": "GET", "requestUri": "/{accountId}/vaults/{vaultName}/multipart-uploads/{uploadId}" }, "input": { "shape": "ListPartsInput" }, "output": { "shape": "ListPartsOutput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation lists the parts of an archive that have been uploaded in a specific multipart upload. You can make this request at any time during an in-progress multipart upload before you complete the upload (see CompleteMultipartUpload. List Parts returns an error for completed uploads. The list returned in the List Parts response is sorted by part range.

The List Parts operation supports pagination. By default, this operation returns up to 50 uploaded parts in the response. You should always check the response for a marker at which to continue the list; if there are no more items the marker is null. To return a list of parts that begins at a specific part, set the marker request parameter to the value you obtained from a previous List Parts request. You can also limit the number of parts returned in the response by specifying the limit parameter in the request.

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For conceptual information and the underlying REST API, see Working with Archives in Amazon S3 Glacier and List Parts in the Amazon Glacier Developer Guide.

" }, "ListProvisionedCapacity": { "name": "ListProvisionedCapacity", "http": { "method": "GET", "requestUri": "/{accountId}/provisioned-capacity" }, "input": { "shape": "ListProvisionedCapacityInput" }, "output": { "shape": "ListProvisionedCapacityOutput" }, "errors": [ { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation lists the provisioned capacity units for the specified AWS account.

" }, "ListTagsForVault": { "name": "ListTagsForVault", "http": { "method": "GET", "requestUri": "/{accountId}/vaults/{vaultName}/tags" }, "input": { "shape": "ListTagsForVaultInput" }, "output": { "shape": "ListTagsForVaultOutput" }, "errors": [ { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ResourceNotFoundException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation lists all the tags attached to a vault. The operation returns an empty map if there are no tags. For more information about tags, see Tagging Amazon S3 Glacier Resources.

" }, "ListVaults": { "name": "ListVaults", "http": { "method": "GET", "requestUri": "/{accountId}/vaults" }, "input": { "shape": "ListVaultsInput" }, "output": { "shape": "ListVaultsOutput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation lists all vaults owned by the calling user's account. The list returned in the response is ASCII-sorted by vault name.

By default, this operation returns up to 10 items. If there are more vaults to list, the response marker field contains the vault Amazon Resource Name (ARN) at which to continue the list with a new List Vaults request; otherwise, the marker field is null. To return a list of vaults that begins at a specific vault, set the marker request parameter to the vault ARN you obtained from a previous List Vaults request. You can also limit the number of vaults returned in the response by specifying the limit parameter in the request.

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For conceptual information and underlying REST API, see Retrieving Vault Metadata in Amazon S3 Glacier and List Vaults in the Amazon Glacier Developer Guide.

" }, "PurchaseProvisionedCapacity": { "name": "PurchaseProvisionedCapacity", "http": { "method": "POST", "requestUri": "/{accountId}/provisioned-capacity", "responseCode": 201 }, "input": { "shape": "PurchaseProvisionedCapacityInput" }, "output": { "shape": "PurchaseProvisionedCapacityOutput" }, "errors": [ { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "LimitExceededException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation purchases a provisioned capacity unit for an AWS account.

" }, "RemoveTagsFromVault": { "name": "RemoveTagsFromVault", "http": { "method": "POST", "requestUri": "/{accountId}/vaults/{vaultName}/tags?operation=remove", "responseCode": 204 }, "input": { "shape": "RemoveTagsFromVaultInput" }, "errors": [ { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ResourceNotFoundException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation removes one or more tags from the set of tags attached to a vault. For more information about tags, see Tagging Amazon S3 Glacier Resources. This operation is idempotent. The operation will be successful, even if there are no tags attached to the vault.

" }, "SetDataRetrievalPolicy": { "name": "SetDataRetrievalPolicy", "http": { "method": "PUT", "requestUri": "/{accountId}/policies/data-retrieval", "responseCode": 204 }, "input": { "shape": "SetDataRetrievalPolicyInput" }, "errors": [ { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation sets and then enacts a data retrieval policy in the region specified in the PUT request. You can set one policy per region for an AWS account. The policy is enacted within a few minutes of a successful PUT operation.

The set policy operation does not affect retrieval jobs that were in progress before the policy was enacted. For more information about data retrieval policies, see Amazon Glacier Data Retrieval Policies.

" }, "SetVaultAccessPolicy": { "name": "SetVaultAccessPolicy", "http": { "method": "PUT", "requestUri": "/{accountId}/vaults/{vaultName}/access-policy", "responseCode": 204 }, "input": { "shape": "SetVaultAccessPolicyInput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation configures an access policy for a vault and will overwrite an existing policy. To configure a vault access policy, send a PUT request to the access-policy subresource of the vault. An access policy is specific to a vault and is also called a vault subresource. You can set one access policy per vault and the policy can be up to 20 KB in size. For more information about vault access policies, see Amazon Glacier Access Control with Vault Access Policies.

" }, "SetVaultNotifications": { "name": "SetVaultNotifications", "http": { "method": "PUT", "requestUri": "/{accountId}/vaults/{vaultName}/notification-configuration", "responseCode": 204 }, "input": { "shape": "SetVaultNotificationsInput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation configures notifications that will be sent when specific events happen to a vault. By default, you don't get any notifications.

To configure vault notifications, send a PUT request to the notification-configuration subresource of the vault. The request should include a JSON document that provides an Amazon SNS topic and specific events for which you want Amazon S3 Glacier to send notifications to the topic.

Amazon SNS topics must grant permission to the vault to be allowed to publish notifications to the topic. You can configure a vault to publish a notification for the following vault events:

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For conceptual information and underlying REST API, see Configuring Vault Notifications in Amazon S3 Glacier and Set Vault Notification Configuration in the Amazon Glacier Developer Guide.

" }, "UploadArchive": { "name": "UploadArchive", "http": { "method": "POST", "requestUri": "/{accountId}/vaults/{vaultName}/archives", "responseCode": 201 }, "input": { "shape": "UploadArchiveInput" }, "output": { "shape": "ArchiveCreationOutput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "RequestTimeoutException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation adds an archive to a vault. This is a synchronous operation, and for a successful upload, your data is durably persisted. Amazon S3 Glacier returns the archive ID in the x-amz-archive-id header of the response.

You must use the archive ID to access your data in Amazon S3 Glacier. After you upload an archive, you should save the archive ID returned so that you can retrieve or delete the archive later. Besides saving the archive ID, you can also index it and give it a friendly name to allow for better searching. You can also use the optional archive description field to specify how the archive is referred to in an external index of archives, such as you might create in Amazon DynamoDB. You can also get the vault inventory to obtain a list of archive IDs in a vault. For more information, see InitiateJob.

You must provide a SHA256 tree hash of the data you are uploading. For information about computing a SHA256 tree hash, see Computing Checksums.

You can optionally specify an archive description of up to 1,024 printable ASCII characters. You can get the archive description when you either retrieve the archive or get the vault inventory. For more information, see InitiateJob. Amazon Glacier does not interpret the description in any way. An archive description does not need to be unique. You cannot use the description to retrieve or sort the archive list.

Archives are immutable. After you upload an archive, you cannot edit the archive or its description.

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For conceptual information and underlying REST API, see Uploading an Archive in Amazon Glacier and Upload Archive in the Amazon Glacier Developer Guide.

" }, "UploadMultipartPart": { "name": "UploadMultipartPart", "http": { "method": "PUT", "requestUri": "/{accountId}/vaults/{vaultName}/multipart-uploads/{uploadId}", "responseCode": 204 }, "input": { "shape": "UploadMultipartPartInput" }, "output": { "shape": "UploadMultipartPartOutput" }, "errors": [ { "shape": "ResourceNotFoundException" }, { "shape": "InvalidParameterValueException" }, { "shape": "MissingParameterValueException" }, { "shape": "RequestTimeoutException" }, { "shape": "ServiceUnavailableException" } ], "documentation": "

This operation uploads a part of an archive. You can upload archive parts in any order. You can also upload them in parallel. You can upload up to 10,000 parts for a multipart upload.

Amazon Glacier rejects your upload part request if any of the following conditions is true:

This operation is idempotent. If you upload the same part multiple times, the data included in the most recent request overwrites the previously uploaded data.

An AWS account has full permission to perform all operations (actions). However, AWS Identity and Access Management (IAM) users don't have any permissions by default. You must grant them explicit permission to perform specific actions. For more information, see Access Control Using AWS Identity and Access Management (IAM).

For conceptual information and underlying REST API, see Uploading Large Archives in Parts (Multipart Upload) and Upload Part in the Amazon Glacier Developer Guide.

" } }, "shapes": { "AbortMultipartUploadInput": { "type": "structure", "required": [ "accountId", "vaultName", "uploadId" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "uploadId": { "shape": "string", "documentation": "

The upload ID of the multipart upload to delete.

", "location": "uri", "locationName": "uploadId" } }, "documentation": "

Provides options to abort a multipart upload identified by the upload ID.

For information about the underlying REST API, see Abort Multipart Upload. For conceptual information, see Working with Archives in Amazon S3 Glacier.

" }, "AbortVaultLockInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID. This value must match the AWS account ID associated with the credentials used to sign the request. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon Glacier uses the AWS account ID associated with the credentials used to sign the request. If you specify your account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" } }, "documentation": "

The input values for AbortVaultLock.

" }, "AccessControlPolicyList": { "type": "list", "member": { "shape": "Grant" } }, "ActionCode": { "type": "string", "enum": [ "ArchiveRetrieval", "InventoryRetrieval", "Select" ] }, "AddTagsToVaultInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "Tags": { "shape": "TagMap", "documentation": "

The tags to add to the vault. Each tag is composed of a key and a value. The value can be an empty string.

" } }, "documentation": "

The input values for AddTagsToVault.

" }, "ArchiveCreationOutput": { "type": "structure", "members": { "location": { "shape": "string", "documentation": "

The relative URI path of the newly added archive resource.

", "location": "header", "locationName": "Location" }, "checksum": { "shape": "string", "documentation": "

The checksum of the archive computed by Amazon S3 Glacier.

", "location": "header", "locationName": "x-amz-sha256-tree-hash" }, "archiveId": { "shape": "string", "documentation": "

The ID of the archive. This value is also included as part of the location.

", "location": "header", "locationName": "x-amz-archive-id" } }, "documentation": "

Contains the Amazon S3 Glacier response to your request.

For information about the underlying REST API, see Upload Archive. For conceptual information, see Working with Archives in Amazon S3 Glacier.

" }, "CSVInput": { "type": "structure", "members": { "FileHeaderInfo": { "shape": "FileHeaderInfo", "documentation": "

Describes the first line of input. Valid values are None, Ignore, and Use.

" }, "Comments": { "shape": "string", "documentation": "

A single character used to indicate that a row should be ignored when the character is present at the start of that row.

" }, "QuoteEscapeCharacter": { "shape": "string", "documentation": "

A single character used for escaping the quotation-mark character inside an already escaped value.

" }, "RecordDelimiter": { "shape": "string", "documentation": "

A value used to separate individual records from each other.

" }, "FieldDelimiter": { "shape": "string", "documentation": "

A value used to separate individual fields from each other within a record.

" }, "QuoteCharacter": { "shape": "string", "documentation": "

A value used as an escape character where the field delimiter is part of the value.

" } }, "documentation": "

Contains information about the comma-separated value (CSV) file to select from.

" }, "CSVOutput": { "type": "structure", "members": { "QuoteFields": { "shape": "QuoteFields", "documentation": "

A value that indicates whether all output fields should be contained within quotation marks.

" }, "QuoteEscapeCharacter": { "shape": "string", "documentation": "

A single character used for escaping the quotation-mark character inside an already escaped value.

" }, "RecordDelimiter": { "shape": "string", "documentation": "

A value used to separate individual records from each other.

" }, "FieldDelimiter": { "shape": "string", "documentation": "

A value used to separate individual fields from each other within a record.

" }, "QuoteCharacter": { "shape": "string", "documentation": "

A value used as an escape character where the field delimiter is part of the value.

" } }, "documentation": "

Contains information about the comma-separated value (CSV) file that the job results are stored in.

" }, "CannedACL": { "type": "string", "enum": [ "private", "public-read", "public-read-write", "aws-exec-read", "authenticated-read", "bucket-owner-read", "bucket-owner-full-control" ] }, "CompleteMultipartUploadInput": { "type": "structure", "required": [ "accountId", "vaultName", "uploadId" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "uploadId": { "shape": "string", "documentation": "

The upload ID of the multipart upload.

", "location": "uri", "locationName": "uploadId" }, "archiveSize": { "shape": "string", "documentation": "

The total size, in bytes, of the entire archive. This value should be the sum of all the sizes of the individual parts that you uploaded.

", "location": "header", "locationName": "x-amz-archive-size" }, "checksum": { "shape": "string", "documentation": "

The SHA256 tree hash of the entire archive. It is the tree hash of SHA256 tree hash of the individual parts. If the value you specify in the request does not match the SHA256 tree hash of the final assembled archive as computed by Amazon S3 Glacier (Glacier), Glacier returns an error and the request fails.

", "location": "header", "locationName": "x-amz-sha256-tree-hash" } }, "documentation": "

Provides options to complete a multipart upload operation. This informs Amazon Glacier that all the archive parts have been uploaded and Amazon S3 Glacier (Glacier) can now assemble the archive from the uploaded parts. After assembling and saving the archive to the vault, Glacier returns the URI path of the newly created archive resource.

" }, "CompleteVaultLockInput": { "type": "structure", "required": [ "accountId", "vaultName", "lockId" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID. This value must match the AWS account ID associated with the credentials used to sign the request. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon Glacier uses the AWS account ID associated with the credentials used to sign the request. If you specify your account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "lockId": { "shape": "string", "documentation": "

The lockId value is the lock ID obtained from a InitiateVaultLock request.

", "location": "uri", "locationName": "lockId" } }, "documentation": "

The input values for CompleteVaultLock.

" }, "CreateVaultInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID. This value must match the AWS account ID associated with the credentials used to sign the request. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you specify your account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" } }, "documentation": "

Provides options to create a vault.

" }, "CreateVaultOutput": { "type": "structure", "members": { "location": { "shape": "string", "documentation": "

The URI of the vault that was created.

", "location": "header", "locationName": "Location" } }, "documentation": "

Contains the Amazon S3 Glacier response to your request.

" }, "DataRetrievalPolicy": { "type": "structure", "members": { "Rules": { "shape": "DataRetrievalRulesList", "documentation": "

The policy rule. Although this is a list type, currently there must be only one rule, which contains a Strategy field and optionally a BytesPerHour field.

" } }, "documentation": "

Data retrieval policy.

" }, "DataRetrievalRule": { "type": "structure", "members": { "Strategy": { "shape": "string", "documentation": "

The type of data retrieval policy to set.

Valid values: BytesPerHour|FreeTier|None

" }, "BytesPerHour": { "shape": "NullableLong", "documentation": "

The maximum number of bytes that can be retrieved in an hour.

This field is required only if the value of the Strategy field is BytesPerHour. Your PUT operation will be rejected if the Strategy field is not set to BytesPerHour and you set this field.

" } }, "documentation": "

Data retrieval policy rule.

" }, "DataRetrievalRulesList": { "type": "list", "member": { "shape": "DataRetrievalRule" } }, "DateTime": { "type": "string" }, "DeleteArchiveInput": { "type": "structure", "required": [ "accountId", "vaultName", "archiveId" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "archiveId": { "shape": "string", "documentation": "

The ID of the archive to delete.

", "location": "uri", "locationName": "archiveId" } }, "documentation": "

Provides options for deleting an archive from an Amazon S3 Glacier vault.

" }, "DeleteVaultAccessPolicyInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" } }, "documentation": "

DeleteVaultAccessPolicy input.

" }, "DeleteVaultInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" } }, "documentation": "

Provides options for deleting a vault from Amazon S3 Glacier.

" }, "DeleteVaultNotificationsInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" } }, "documentation": "

Provides options for deleting a vault notification configuration from an Amazon Glacier vault.

" }, "DescribeJobInput": { "type": "structure", "required": [ "accountId", "vaultName", "jobId" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "jobId": { "shape": "string", "documentation": "

The ID of the job to describe.

", "location": "uri", "locationName": "jobId" } }, "documentation": "

Provides options for retrieving a job description.

" }, "DescribeVaultInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" } }, "documentation": "

Provides options for retrieving metadata for a specific vault in Amazon Glacier.

" }, "DescribeVaultOutput": { "type": "structure", "members": { "VaultARN": { "shape": "string", "documentation": "

The Amazon Resource Name (ARN) of the vault.

" }, "VaultName": { "shape": "string", "documentation": "

The name of the vault.

" }, "CreationDate": { "shape": "string", "documentation": "

The Universal Coordinated Time (UTC) date when the vault was created. This value should be a string in the ISO 8601 date format, for example 2012-03-20T17:03:43.221Z.

" }, "LastInventoryDate": { "shape": "string", "documentation": "

The Universal Coordinated Time (UTC) date when Amazon S3 Glacier completed the last vault inventory. This value should be a string in the ISO 8601 date format, for example 2012-03-20T17:03:43.221Z.

" }, "NumberOfArchives": { "shape": "long", "documentation": "

The number of archives in the vault as of the last inventory date. This field will return null if an inventory has not yet run on the vault, for example if you just created the vault.

" }, "SizeInBytes": { "shape": "long", "documentation": "

Total size, in bytes, of the archives in the vault as of the last inventory date. This field will return null if an inventory has not yet run on the vault, for example if you just created the vault.

" } }, "documentation": "

Contains the Amazon S3 Glacier response to your request.

" }, "Encryption": { "type": "structure", "members": { "EncryptionType": { "shape": "EncryptionType", "documentation": "

The server-side encryption algorithm used when storing job results in Amazon S3, for example AES256 or aws:kms.

" }, "KMSKeyId": { "shape": "string", "documentation": "

The AWS KMS key ID to use for object encryption. All GET and PUT requests for an object protected by AWS KMS fail if not made by using Secure Sockets Layer (SSL) or Signature Version 4.

" }, "KMSContext": { "shape": "string", "documentation": "

Optional. If the encryption type is aws:kms, you can use this value to specify the encryption context for the job results.

" } }, "documentation": "

Contains information about the encryption used to store the job results in Amazon S3.

" }, "EncryptionType": { "type": "string", "enum": [ "aws:kms", "AES256" ] }, "ExpressionType": { "type": "string", "enum": [ "SQL" ] }, "FileHeaderInfo": { "type": "string", "enum": [ "USE", "IGNORE", "NONE" ] }, "GetDataRetrievalPolicyInput": { "type": "structure", "required": [ "accountId" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID. This value must match the AWS account ID associated with the credentials used to sign the request. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon Glacier uses the AWS account ID associated with the credentials used to sign the request. If you specify your account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" } }, "documentation": "

Input for GetDataRetrievalPolicy.

" }, "GetDataRetrievalPolicyOutput": { "type": "structure", "members": { "Policy": { "shape": "DataRetrievalPolicy", "documentation": "

Contains the returned data retrieval policy in JSON format.

" } }, "documentation": "

Contains the Amazon S3 Glacier response to the GetDataRetrievalPolicy request.

" }, "GetJobOutputInput": { "type": "structure", "required": [ "accountId", "vaultName", "jobId" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "jobId": { "shape": "string", "documentation": "

The job ID whose data is downloaded.

", "location": "uri", "locationName": "jobId" }, "range": { "shape": "string", "documentation": "

The range of bytes to retrieve from the output. For example, if you want to download the first 1,048,576 bytes, specify the range as bytes=0-1048575. By default, this operation downloads the entire output.

If the job output is large, then you can use a range to retrieve a portion of the output. This allows you to download the entire output in smaller chunks of bytes. For example, suppose you have 1 GB of job output you want to download and you decide to download 128 MB chunks of data at a time, which is a total of eight Get Job Output requests. You use the following process to download the job output:

  1. Download a 128 MB chunk of output by specifying the appropriate byte range. Verify that all 128 MB of data was received.

  2. Along with the data, the response includes a SHA256 tree hash of the payload. You compute the checksum of the payload on the client and compare it with the checksum you received in the response to ensure you received all the expected data.

  3. Repeat steps 1 and 2 for all the eight 128 MB chunks of output data, each time specifying the appropriate byte range.

  4. After downloading all the parts of the job output, you have a list of eight checksum values. Compute the tree hash of these values to find the checksum of the entire output. Using the DescribeJob API, obtain job information of the job that provided you the output. The response includes the checksum of the entire archive stored in Amazon S3 Glacier. You compare this value with the checksum you computed to ensure you have downloaded the entire archive content with no errors.

", "location": "header", "locationName": "Range" } }, "documentation": "

Provides options for downloading output of an Amazon S3 Glacier job.

" }, "GetJobOutputOutput": { "type": "structure", "members": { "body": { "shape": "Stream", "documentation": "

The job data, either archive data or inventory data.

" }, "checksum": { "shape": "string", "documentation": "

The checksum of the data in the response. This header is returned only when retrieving the output for an archive retrieval job. Furthermore, this header appears only under the following conditions:

", "location": "header", "locationName": "x-amz-sha256-tree-hash" }, "status": { "shape": "httpstatus", "documentation": "

The HTTP response code for a job output request. The value depends on whether a range was specified in the request.

", "location": "statusCode" }, "contentRange": { "shape": "string", "documentation": "

The range of bytes returned by Amazon S3 Glacier. If only partial output is downloaded, the response provides the range of bytes Amazon S3 Glacier returned. For example, bytes 0-1048575/8388608 returns the first 1 MB from 8 MB.

", "location": "header", "locationName": "Content-Range" }, "acceptRanges": { "shape": "string", "documentation": "

Indicates the range units accepted. For more information, see RFC2616.

", "location": "header", "locationName": "Accept-Ranges" }, "contentType": { "shape": "string", "documentation": "

The Content-Type depends on whether the job output is an archive or a vault inventory. For archive data, the Content-Type is application/octet-stream. For vault inventory, if you requested CSV format when you initiated the job, the Content-Type is text/csv. Otherwise, by default, vault inventory is returned as JSON, and the Content-Type is application/json.

", "location": "header", "locationName": "Content-Type" }, "archiveDescription": { "shape": "string", "documentation": "

The description of an archive.

", "location": "header", "locationName": "x-amz-archive-description" } }, "documentation": "

Contains the Amazon S3 Glacier response to your request.

", "payload": "body" }, "GetVaultAccessPolicyInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" } }, "documentation": "

Input for GetVaultAccessPolicy.

" }, "GetVaultAccessPolicyOutput": { "type": "structure", "members": { "policy": { "shape": "VaultAccessPolicy", "documentation": "

Contains the returned vault access policy as a JSON string.

" } }, "documentation": "

Output for GetVaultAccessPolicy.

", "payload": "policy" }, "GetVaultLockInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" } }, "documentation": "

The input values for GetVaultLock.

" }, "GetVaultLockOutput": { "type": "structure", "members": { "Policy": { "shape": "string", "documentation": "

The vault lock policy as a JSON string, which uses \"\\\" as an escape character.

" }, "State": { "shape": "string", "documentation": "

The state of the vault lock. InProgress or Locked.

" }, "ExpirationDate": { "shape": "string", "documentation": "

The UTC date and time at which the lock ID expires. This value can be null if the vault lock is in a Locked state.

" }, "CreationDate": { "shape": "string", "documentation": "

The UTC date and time at which the vault lock was put into the InProgress state.

" } }, "documentation": "

Contains the Amazon S3 Glacier response to your request.

" }, "GetVaultNotificationsInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" } }, "documentation": "

Provides options for retrieving the notification configuration set on an Amazon Glacier vault.

" }, "GetVaultNotificationsOutput": { "type": "structure", "members": { "vaultNotificationConfig": { "shape": "VaultNotificationConfig", "documentation": "

Returns the notification configuration set on the vault.

" } }, "documentation": "

Contains the Amazon S3 Glacier response to your request.

", "payload": "vaultNotificationConfig" }, "GlacierJobDescription": { "type": "structure", "members": { "JobId": { "shape": "string", "documentation": "

An opaque string that identifies an Amazon S3 Glacier job.

" }, "JobDescription": { "shape": "string", "documentation": "

The job description provided when initiating the job.

" }, "Action": { "shape": "ActionCode", "documentation": "

The job type. This value is either ArchiveRetrieval, InventoryRetrieval, or Select.

" }, "ArchiveId": { "shape": "string", "documentation": "

The archive ID requested for a select job or archive retrieval. Otherwise, this field is null.

" }, "VaultARN": { "shape": "string", "documentation": "

The Amazon Resource Name (ARN) of the vault from which an archive retrieval was requested.

" }, "CreationDate": { "shape": "string", "documentation": "

The UTC date when the job was created. This value is a string representation of ISO 8601 date format, for example \"2012-03-20T17:03:43.221Z\".

" }, "Completed": { "shape": "boolean", "documentation": "

The job status. When a job is completed, you get the job's output using Get Job Output (GET output).

" }, "StatusCode": { "shape": "StatusCode", "documentation": "

The status code can be InProgress, Succeeded, or Failed, and indicates the status of the job.

" }, "StatusMessage": { "shape": "string", "documentation": "

A friendly message that describes the job status.

" }, "ArchiveSizeInBytes": { "shape": "Size", "documentation": "

For an archive retrieval job, this value is the size in bytes of the archive being requested for download. For an inventory retrieval or select job, this value is null.

" }, "InventorySizeInBytes": { "shape": "Size", "documentation": "

For an inventory retrieval job, this value is the size in bytes of the inventory requested for download. For an archive retrieval or select job, this value is null.

" }, "SNSTopic": { "shape": "string", "documentation": "

An Amazon SNS topic that receives notification.

" }, "CompletionDate": { "shape": "string", "documentation": "

The UTC time that the job request completed. While the job is in progress, the value is null.

" }, "SHA256TreeHash": { "shape": "string", "documentation": "

For an archive retrieval job, this value is the checksum of the archive. Otherwise, this value is null.

The SHA256 tree hash value for the requested range of an archive. If the InitiateJob request for an archive specified a tree-hash aligned range, then this field returns a value.

If the whole archive is retrieved, this value is the same as the ArchiveSHA256TreeHash value.

This field is null for the following:

" }, "ArchiveSHA256TreeHash": { "shape": "string", "documentation": "

The SHA256 tree hash of the entire archive for an archive retrieval. For inventory retrieval or select jobs, this field is null.

" }, "RetrievalByteRange": { "shape": "string", "documentation": "

The retrieved byte range for archive retrieval jobs in the form StartByteValue-EndByteValue. If no range was specified in the archive retrieval, then the whole archive is retrieved. In this case, StartByteValue equals 0 and EndByteValue equals the size of the archive minus 1. For inventory retrieval or select jobs, this field is null.

" }, "Tier": { "shape": "string", "documentation": "

The tier to use for a select or an archive retrieval. Valid values are Expedited, Standard, or Bulk. Standard is the default.

" }, "InventoryRetrievalParameters": { "shape": "InventoryRetrievalJobDescription", "documentation": "

Parameters used for range inventory retrieval.

" }, "JobOutputPath": { "shape": "string", "documentation": "

Contains the job output location.

" }, "SelectParameters": { "shape": "SelectParameters", "documentation": "

Contains the parameters used for a select.

" }, "OutputLocation": { "shape": "OutputLocation", "documentation": "

Contains the location where the data from the select job is stored.

" } }, "documentation": "

Contains the description of an Amazon S3 Glacier job.

" }, "Grant": { "type": "structure", "members": { "Grantee": { "shape": "Grantee", "documentation": "

The grantee.

" }, "Permission": { "shape": "Permission", "documentation": "

Specifies the permission given to the grantee.

" } }, "documentation": "

Contains information about a grant.

" }, "Grantee": { "type": "structure", "required": [ "Type" ], "members": { "Type": { "shape": "Type", "documentation": "

Type of grantee

" }, "DisplayName": { "shape": "string", "documentation": "

Screen name of the grantee.

" }, "URI": { "shape": "string", "documentation": "

URI of the grantee group.

" }, "ID": { "shape": "string", "documentation": "

The canonical user ID of the grantee.

" }, "EmailAddress": { "shape": "string", "documentation": "

Email address of the grantee.

" } }, "documentation": "

Contains information about the grantee.

" }, "InitiateJobInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "jobParameters": { "shape": "JobParameters", "documentation": "

Provides options for specifying job information.

" } }, "documentation": "

Provides options for initiating an Amazon S3 Glacier job.

", "payload": "jobParameters" }, "InitiateJobOutput": { "type": "structure", "members": { "location": { "shape": "string", "documentation": "

The relative URI path of the job.

", "location": "header", "locationName": "Location" }, "jobId": { "shape": "string", "documentation": "

The ID of the job.

", "location": "header", "locationName": "x-amz-job-id" }, "jobOutputPath": { "shape": "string", "documentation": "

The path to the location of where the select results are stored.

", "location": "header", "locationName": "x-amz-job-output-path" } }, "documentation": "

Contains the Amazon S3 Glacier response to your request.

" }, "InitiateMultipartUploadInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "archiveDescription": { "shape": "string", "documentation": "

The archive description that you are uploading in parts.

The part size must be a megabyte (1024 KB) multiplied by a power of 2, for example 1048576 (1 MB), 2097152 (2 MB), 4194304 (4 MB), 8388608 (8 MB), and so on. The minimum allowable part size is 1 MB, and the maximum is 4 GB (4096 MB).

", "location": "header", "locationName": "x-amz-archive-description" }, "partSize": { "shape": "string", "documentation": "

The size of each part except the last, in bytes. The last part can be smaller than this part size.

", "location": "header", "locationName": "x-amz-part-size" } }, "documentation": "

Provides options for initiating a multipart upload to an Amazon S3 Glacier vault.

" }, "InitiateMultipartUploadOutput": { "type": "structure", "members": { "location": { "shape": "string", "documentation": "

The relative URI path of the multipart upload ID Amazon S3 Glacier created.

", "location": "header", "locationName": "Location" }, "uploadId": { "shape": "string", "documentation": "

The ID of the multipart upload. This value is also included as part of the location.

", "location": "header", "locationName": "x-amz-multipart-upload-id" } }, "documentation": "

The Amazon S3 Glacier response to your request.

" }, "InitiateVaultLockInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID. This value must match the AWS account ID associated with the credentials used to sign the request. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon Glacier uses the AWS account ID associated with the credentials used to sign the request. If you specify your account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "policy": { "shape": "VaultLockPolicy", "documentation": "

The vault lock policy as a JSON string, which uses \"\\\" as an escape character.

" } }, "documentation": "

The input values for InitiateVaultLock.

", "payload": "policy" }, "InitiateVaultLockOutput": { "type": "structure", "members": { "lockId": { "shape": "string", "documentation": "

The lock ID, which is used to complete the vault locking process.

", "location": "header", "locationName": "x-amz-lock-id" } }, "documentation": "

Contains the Amazon S3 Glacier response to your request.

" }, "InputSerialization": { "type": "structure", "members": { "csv": { "shape": "CSVInput", "documentation": "

Describes the serialization of a CSV-encoded object.

" } }, "documentation": "

Describes how the archive is serialized.

" }, "InventoryRetrievalJobDescription": { "type": "structure", "members": { "Format": { "shape": "string", "documentation": "

The output format for the vault inventory list, which is set by the InitiateJob request when initiating a job to retrieve a vault inventory. Valid values are CSV and JSON.

" }, "StartDate": { "shape": "DateTime", "documentation": "

The start of the date range in Universal Coordinated Time (UTC) for vault inventory retrieval that includes archives created on or after this date. This value should be a string in the ISO 8601 date format, for example 2013-03-20T17:03:43Z.

" }, "EndDate": { "shape": "DateTime", "documentation": "

The end of the date range in UTC for vault inventory retrieval that includes archives created before this date. This value should be a string in the ISO 8601 date format, for example 2013-03-20T17:03:43Z.

" }, "Limit": { "shape": "string", "documentation": "

The maximum number of inventory items returned per vault inventory retrieval request. This limit is set when initiating the job with the a InitiateJob request.

" }, "Marker": { "shape": "string", "documentation": "

An opaque string that represents where to continue pagination of the vault inventory retrieval results. You use the marker in a new InitiateJob request to obtain additional inventory items. If there are no more inventory items, this value is null. For more information, see Range Inventory Retrieval.

" } }, "documentation": "

Describes the options for a range inventory retrieval job.

" }, "InventoryRetrievalJobInput": { "type": "structure", "members": { "StartDate": { "shape": "string", "documentation": "

The start of the date range in UTC for vault inventory retrieval that includes archives created on or after this date. This value should be a string in the ISO 8601 date format, for example 2013-03-20T17:03:43Z.

" }, "EndDate": { "shape": "string", "documentation": "

The end of the date range in UTC for vault inventory retrieval that includes archives created before this date. This value should be a string in the ISO 8601 date format, for example 2013-03-20T17:03:43Z.

" }, "Limit": { "shape": "string", "documentation": "

Specifies the maximum number of inventory items returned per vault inventory retrieval request. Valid values are greater than or equal to 1.

" }, "Marker": { "shape": "string", "documentation": "

An opaque string that represents where to continue pagination of the vault inventory retrieval results. You use the marker in a new InitiateJob request to obtain additional inventory items. If there are no more inventory items, this value is null.

" } }, "documentation": "

Provides options for specifying a range inventory retrieval job.

" }, "JobList": { "type": "list", "member": { "shape": "GlacierJobDescription" } }, "JobParameters": { "type": "structure", "members": { "Format": { "shape": "string", "documentation": "

When initiating a job to retrieve a vault inventory, you can optionally add this parameter to your request to specify the output format. If you are initiating an inventory job and do not specify a Format field, JSON is the default format. Valid values are \"CSV\" and \"JSON\".

" }, "Type": { "shape": "string", "documentation": "

The job type. You can initiate a job to perform a select query on an archive, retrieve an archive, or get an inventory of a vault. Valid values are \"select\", \"archive-retrieval\" and \"inventory-retrieval\".

" }, "ArchiveId": { "shape": "string", "documentation": "

The ID of the archive that you want to retrieve. This field is required only if Type is set to select or archive-retrievalcode>. An error occurs if you specify this request parameter for an inventory retrieval job request.

" }, "Description": { "shape": "string", "documentation": "

The optional description for the job. The description must be less than or equal to 1,024 bytes. The allowable characters are 7-bit ASCII without control codes-specifically, ASCII values 32-126 decimal or 0x20-0x7E hexadecimal.

" }, "SNSTopic": { "shape": "string", "documentation": "

The Amazon SNS topic ARN to which Amazon S3 Glacier sends a notification when the job is completed and the output is ready for you to download. The specified topic publishes the notification to its subscribers. The SNS topic must exist.

" }, "RetrievalByteRange": { "shape": "string", "documentation": "

The byte range to retrieve for an archive retrieval. in the form \"StartByteValue-EndByteValue\" If not specified, the whole archive is retrieved. If specified, the byte range must be megabyte (1024*1024) aligned which means that StartByteValue must be divisible by 1 MB and EndByteValue plus 1 must be divisible by 1 MB or be the end of the archive specified as the archive byte size value minus 1. If RetrievalByteRange is not megabyte aligned, this operation returns a 400 response.

An error occurs if you specify this field for an inventory retrieval job request.

" }, "Tier": { "shape": "string", "documentation": "

The tier to use for a select or an archive retrieval job. Valid values are Expedited, Standard, or Bulk. Standard is the default.

" }, "InventoryRetrievalParameters": { "shape": "InventoryRetrievalJobInput", "documentation": "

Input parameters used for range inventory retrieval.

" }, "SelectParameters": { "shape": "SelectParameters", "documentation": "

Contains the parameters that define a job.

" }, "OutputLocation": { "shape": "OutputLocation", "documentation": "

Contains information about the location where the select job results are stored.

" } }, "documentation": "

Provides options for defining a job.

" }, "ListJobsInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "limit": { "shape": "string", "documentation": "

The maximum number of jobs to be returned. The default limit is 50. The number of jobs returned might be fewer than the specified limit, but the number of returned jobs never exceeds the limit.

", "location": "querystring", "locationName": "limit" }, "marker": { "shape": "string", "documentation": "

An opaque string used for pagination. This value specifies the job at which the listing of jobs should begin. Get the marker value from a previous List Jobs response. You only need to include the marker if you are continuing the pagination of results started in a previous List Jobs request.

", "location": "querystring", "locationName": "marker" }, "statuscode": { "shape": "string", "documentation": "

The type of job status to return. You can specify the following values: InProgress, Succeeded, or Failed.

", "location": "querystring", "locationName": "statuscode" }, "completed": { "shape": "string", "documentation": "

The state of the jobs to return. You can specify true or false.

", "location": "querystring", "locationName": "completed" } }, "documentation": "

Provides options for retrieving a job list for an Amazon S3 Glacier vault.

" }, "ListJobsOutput": { "type": "structure", "members": { "JobList": { "shape": "JobList", "documentation": "

A list of job objects. Each job object contains metadata describing the job.

" }, "Marker": { "shape": "string", "documentation": "

An opaque string used for pagination that specifies the job at which the listing of jobs should begin. You get the marker value from a previous List Jobs response. You only need to include the marker if you are continuing the pagination of the results started in a previous List Jobs request.

" } }, "documentation": "

Contains the Amazon S3 Glacier response to your request.

" }, "ListMultipartUploadsInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "marker": { "shape": "string", "documentation": "

An opaque string used for pagination. This value specifies the upload at which the listing of uploads should begin. Get the marker value from a previous List Uploads response. You need only include the marker if you are continuing the pagination of results started in a previous List Uploads request.

", "location": "querystring", "locationName": "marker" }, "limit": { "shape": "string", "documentation": "

Specifies the maximum number of uploads returned in the response body. If this value is not specified, the List Uploads operation returns up to 50 uploads.

", "location": "querystring", "locationName": "limit" } }, "documentation": "

Provides options for retrieving list of in-progress multipart uploads for an Amazon Glacier vault.

" }, "ListMultipartUploadsOutput": { "type": "structure", "members": { "UploadsList": { "shape": "UploadsList", "documentation": "

A list of in-progress multipart uploads.

" }, "Marker": { "shape": "string", "documentation": "

An opaque string that represents where to continue pagination of the results. You use the marker in a new List Multipart Uploads request to obtain more uploads in the list. If there are no more uploads, this value is null.

" } }, "documentation": "

Contains the Amazon S3 Glacier response to your request.

" }, "ListPartsInput": { "type": "structure", "required": [ "accountId", "vaultName", "uploadId" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "uploadId": { "shape": "string", "documentation": "

The upload ID of the multipart upload.

", "location": "uri", "locationName": "uploadId" }, "marker": { "shape": "string", "documentation": "

An opaque string used for pagination. This value specifies the part at which the listing of parts should begin. Get the marker value from the response of a previous List Parts response. You need only include the marker if you are continuing the pagination of results started in a previous List Parts request.

", "location": "querystring", "locationName": "marker" }, "limit": { "shape": "string", "documentation": "

The maximum number of parts to be returned. The default limit is 50. The number of parts returned might be fewer than the specified limit, but the number of returned parts never exceeds the limit.

", "location": "querystring", "locationName": "limit" } }, "documentation": "

Provides options for retrieving a list of parts of an archive that have been uploaded in a specific multipart upload.

" }, "ListPartsOutput": { "type": "structure", "members": { "MultipartUploadId": { "shape": "string", "documentation": "

The ID of the upload to which the parts are associated.

" }, "VaultARN": { "shape": "string", "documentation": "

The Amazon Resource Name (ARN) of the vault to which the multipart upload was initiated.

" }, "ArchiveDescription": { "shape": "string", "documentation": "

The description of the archive that was specified in the Initiate Multipart Upload request.

" }, "PartSizeInBytes": { "shape": "long", "documentation": "

The part size in bytes. This is the same value that you specified in the Initiate Multipart Upload request.

" }, "CreationDate": { "shape": "string", "documentation": "

The UTC time at which the multipart upload was initiated.

" }, "Parts": { "shape": "PartList", "documentation": "

A list of the part sizes of the multipart upload. Each object in the array contains a RangeBytes and sha256-tree-hash name/value pair.

" }, "Marker": { "shape": "string", "documentation": "

An opaque string that represents where to continue pagination of the results. You use the marker in a new List Parts request to obtain more jobs in the list. If there are no more parts, this value is null.

" } }, "documentation": "

Contains the Amazon S3 Glacier response to your request.

" }, "ListProvisionedCapacityInput": { "type": "structure", "required": [ "accountId" ], "members": { "accountId": { "shape": "string", "documentation": "

The AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, don't include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" } } }, "ListProvisionedCapacityOutput": { "type": "structure", "members": { "ProvisionedCapacityList": { "shape": "ProvisionedCapacityList", "documentation": "

The response body contains the following JSON fields.

" } } }, "ListTagsForVaultInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" } }, "documentation": "

The input value for ListTagsForVaultInput.

" }, "ListTagsForVaultOutput": { "type": "structure", "members": { "Tags": { "shape": "TagMap", "documentation": "

The tags attached to the vault. Each tag is composed of a key and a value.

" } }, "documentation": "

Contains the Amazon S3 Glacier response to your request.

" }, "ListVaultsInput": { "type": "structure", "required": [ "accountId" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID. This value must match the AWS account ID associated with the credentials used to sign the request. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon Glacier uses the AWS account ID associated with the credentials used to sign the request. If you specify your account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "marker": { "shape": "string", "documentation": "

A string used for pagination. The marker specifies the vault ARN after which the listing of vaults should begin.

", "location": "querystring", "locationName": "marker" }, "limit": { "shape": "string", "documentation": "

The maximum number of vaults to be returned. The default limit is 10. The number of vaults returned might be fewer than the specified limit, but the number of returned vaults never exceeds the limit.

", "location": "querystring", "locationName": "limit" } }, "documentation": "

Provides options to retrieve the vault list owned by the calling user's account. The list provides metadata information for each vault.

" }, "ListVaultsOutput": { "type": "structure", "members": { "VaultList": { "shape": "VaultList", "documentation": "

List of vaults.

" }, "Marker": { "shape": "string", "documentation": "

The vault ARN at which to continue pagination of the results. You use the marker in another List Vaults request to obtain more vaults in the list.

" } }, "documentation": "

Contains the Amazon S3 Glacier response to your request.

" }, "NotificationEventList": { "type": "list", "member": { "shape": "string" } }, "NullableLong": { "type": "long" }, "OutputLocation": { "type": "structure", "members": { "S3": { "shape": "S3Location", "documentation": "

Describes an S3 location that will receive the results of the job request.

" } }, "documentation": "

Contains information about the location where the select job results are stored.

" }, "OutputSerialization": { "type": "structure", "members": { "csv": { "shape": "CSVOutput", "documentation": "

Describes the serialization of CSV-encoded query results.

" } }, "documentation": "

Describes how the select output is serialized.

" }, "PartList": { "type": "list", "member": { "shape": "PartListElement" } }, "PartListElement": { "type": "structure", "members": { "RangeInBytes": { "shape": "string", "documentation": "

The byte range of a part, inclusive of the upper value of the range.

" }, "SHA256TreeHash": { "shape": "string", "documentation": "

The SHA256 tree hash value that Amazon S3 Glacier calculated for the part. This field is never null.

" } }, "documentation": "

A list of the part sizes of the multipart upload.

" }, "Permission": { "type": "string", "enum": [ "FULL_CONTROL", "WRITE", "WRITE_ACP", "READ", "READ_ACP" ] }, "ProvisionedCapacityDescription": { "type": "structure", "members": { "CapacityId": { "shape": "string", "documentation": "

The ID that identifies the provisioned capacity unit.

" }, "StartDate": { "shape": "string", "documentation": "

The date that the provisioned capacity unit was purchased, in Universal Coordinated Time (UTC).

" }, "ExpirationDate": { "shape": "string", "documentation": "

The date that the provisioned capacity unit expires, in Universal Coordinated Time (UTC).

" } }, "documentation": "

The definition for a provisioned capacity unit.

" }, "ProvisionedCapacityList": { "type": "list", "member": { "shape": "ProvisionedCapacityDescription" } }, "PurchaseProvisionedCapacityInput": { "type": "structure", "required": [ "accountId" ], "members": { "accountId": { "shape": "string", "documentation": "

The AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, don't include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" } } }, "PurchaseProvisionedCapacityOutput": { "type": "structure", "members": { "capacityId": { "shape": "string", "documentation": "

The ID that identifies the provisioned capacity unit.

", "location": "header", "locationName": "x-amz-capacity-id" } } }, "QuoteFields": { "type": "string", "enum": [ "ALWAYS", "ASNEEDED" ] }, "RemoveTagsFromVaultInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "TagKeys": { "shape": "TagKeyList", "documentation": "

A list of tag keys. Each corresponding tag is removed from the vault.

" } }, "documentation": "

The input value for RemoveTagsFromVaultInput.

" }, "S3Location": { "type": "structure", "members": { "BucketName": { "shape": "string", "documentation": "

The name of the Amazon S3 bucket where the job results are stored.

" }, "Prefix": { "shape": "string", "documentation": "

The prefix that is prepended to the results for this request.

" }, "Encryption": { "shape": "Encryption", "documentation": "

Contains information about the encryption used to store the job results in Amazon S3.

" }, "CannedACL": { "shape": "CannedACL", "documentation": "

The canned access control list (ACL) to apply to the job results.

" }, "AccessControlList": { "shape": "AccessControlPolicyList", "documentation": "

A list of grants that control access to the staged results.

" }, "Tagging": { "shape": "hashmap", "documentation": "

The tag-set that is applied to the job results.

" }, "UserMetadata": { "shape": "hashmap", "documentation": "

A map of metadata to store with the job results in Amazon S3.

" }, "StorageClass": { "shape": "StorageClass", "documentation": "

The storage class used to store the job results.

" } }, "documentation": "

Contains information about the location in Amazon S3 where the select job results are stored.

" }, "SelectParameters": { "type": "structure", "members": { "InputSerialization": { "shape": "InputSerialization", "documentation": "

Describes the serialization format of the object.

" }, "ExpressionType": { "shape": "ExpressionType", "documentation": "

The type of the provided expression, for example SQL.

" }, "Expression": { "shape": "string", "documentation": "

The expression that is used to select the object.

" }, "OutputSerialization": { "shape": "OutputSerialization", "documentation": "

Describes how the results of the select job are serialized.

" } }, "documentation": "

Contains information about the parameters used for a select.

" }, "SetDataRetrievalPolicyInput": { "type": "structure", "required": [ "accountId" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID. This value must match the AWS account ID associated with the credentials used to sign the request. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon Glacier uses the AWS account ID associated with the credentials used to sign the request. If you specify your account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "Policy": { "shape": "DataRetrievalPolicy", "documentation": "

The data retrieval policy in JSON format.

" } }, "documentation": "

SetDataRetrievalPolicy input.

" }, "SetVaultAccessPolicyInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "policy": { "shape": "VaultAccessPolicy", "documentation": "

The vault access policy as a JSON string.

" } }, "documentation": "

SetVaultAccessPolicy input.

", "payload": "policy" }, "SetVaultNotificationsInput": { "type": "structure", "required": [ "accountId", "vaultName" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "vaultNotificationConfig": { "shape": "VaultNotificationConfig", "documentation": "

Provides options for specifying notification configuration.

" } }, "documentation": "

Provides options to configure notifications that will be sent when specific events happen to a vault.

", "payload": "vaultNotificationConfig" }, "Size": { "type": "long" }, "StatusCode": { "type": "string", "enum": [ "InProgress", "Succeeded", "Failed" ] }, "StorageClass": { "type": "string", "enum": [ "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA" ] }, "Stream": { "type": "blob", "streaming": true }, "TagKey": { "type": "string" }, "TagKeyList": { "type": "list", "member": { "shape": "string" } }, "TagMap": { "type": "map", "key": { "shape": "TagKey" }, "value": { "shape": "TagValue" } }, "TagValue": { "type": "string" }, "Type": { "type": "string", "enum": [ "AmazonCustomerByEmail", "CanonicalUser", "Group" ] }, "UploadArchiveInput": { "type": "structure", "required": [ "vaultName", "accountId" ], "members": { "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "archiveDescription": { "shape": "string", "documentation": "

The optional description of the archive you are uploading.

", "location": "header", "locationName": "x-amz-archive-description" }, "checksum": { "shape": "string", "documentation": "

The SHA256 tree hash of the data being uploaded.

", "location": "header", "locationName": "x-amz-sha256-tree-hash" }, "body": { "shape": "Stream", "documentation": "

The data to upload.

" } }, "documentation": "

Provides options to add an archive to a vault.

", "payload": "body" }, "UploadListElement": { "type": "structure", "members": { "MultipartUploadId": { "shape": "string", "documentation": "

The ID of a multipart upload.

" }, "VaultARN": { "shape": "string", "documentation": "

The Amazon Resource Name (ARN) of the vault that contains the archive.

" }, "ArchiveDescription": { "shape": "string", "documentation": "

The description of the archive that was specified in the Initiate Multipart Upload request.

" }, "PartSizeInBytes": { "shape": "long", "documentation": "

The part size, in bytes, specified in the Initiate Multipart Upload request. This is the size of all the parts in the upload except the last part, which may be smaller than this size.

" }, "CreationDate": { "shape": "string", "documentation": "

The UTC time at which the multipart upload was initiated.

" } }, "documentation": "

A list of in-progress multipart uploads for a vault.

" }, "UploadMultipartPartInput": { "type": "structure", "required": [ "accountId", "vaultName", "uploadId" ], "members": { "accountId": { "shape": "string", "documentation": "

The AccountId value is the AWS account ID of the account that owns the vault. You can either specify an AWS account ID or optionally a single '-' (hyphen), in which case Amazon S3 Glacier uses the AWS account ID associated with the credentials used to sign the request. If you use an account ID, do not include any hyphens ('-') in the ID.

", "location": "uri", "locationName": "accountId" }, "vaultName": { "shape": "string", "documentation": "

The name of the vault.

", "location": "uri", "locationName": "vaultName" }, "uploadId": { "shape": "string", "documentation": "

The upload ID of the multipart upload.

", "location": "uri", "locationName": "uploadId" }, "checksum": { "shape": "string", "documentation": "

The SHA256 tree hash of the data being uploaded.

", "location": "header", "locationName": "x-amz-sha256-tree-hash" }, "range": { "shape": "string", "documentation": "

Identifies the range of bytes in the assembled archive that will be uploaded in this part. Amazon S3 Glacier uses this information to assemble the archive in the proper sequence. The format of this header follows RFC 2616. An example header is Content-Range:bytes 0-4194303/*.

", "location": "header", "locationName": "Content-Range" }, "body": { "shape": "Stream", "documentation": "

The data to upload.

" } }, "documentation": "

Provides options to upload a part of an archive in a multipart upload operation.

", "payload": "body" }, "UploadMultipartPartOutput": { "type": "structure", "members": { "checksum": { "shape": "string", "documentation": "

The SHA256 tree hash that Amazon S3 Glacier computed for the uploaded part.

", "location": "header", "locationName": "x-amz-sha256-tree-hash" } }, "documentation": "

Contains the Amazon S3 Glacier response to your request.

" }, "UploadsList": { "type": "list", "member": { "shape": "UploadListElement" } }, "VaultAccessPolicy": { "type": "structure", "members": { "Policy": { "shape": "string", "documentation": "

The vault access policy.

" } }, "documentation": "

Contains the vault access policy.

" }, "VaultList": { "type": "list", "member": { "shape": "DescribeVaultOutput" } }, "VaultLockPolicy": { "type": "structure", "members": { "Policy": { "shape": "string", "documentation": "

The vault lock policy.

" } }, "documentation": "

Contains the vault lock policy.

" }, "VaultNotificationConfig": { "type": "structure", "members": { "SNSTopic": { "shape": "string", "documentation": "

The Amazon Simple Notification Service (Amazon SNS) topic Amazon Resource Name (ARN).

" }, "Events": { "shape": "NotificationEventList", "documentation": "

A list of one or more events for which Amazon S3 Glacier will send a notification to the specified Amazon SNS topic.

" } }, "documentation": "

Represents a vault's notification configuration.

" }, "boolean": { "type": "boolean" }, "hashmap": { "type": "map", "key": { "shape": "string" }, "value": { "shape": "string" } }, "httpstatus": { "type": "integer" }, "long": { "type": "long" }, "string": { "type": "string" } }, "documentation": "

Amazon S3 Glacier (Glacier) is a storage solution for \"cold data.\"

Glacier is an extremely low-cost storage service that provides secure, durable, and easy-to-use storage for data backup and archival. With Glacier, customers can store their data cost effectively for months, years, or decades. Glacier also enables customers to offload the administrative burdens of operating and scaling storage to AWS, so they don't have to worry about capacity planning, hardware provisioning, data replication, hardware failure and recovery, or time-consuming hardware migrations.

Glacier is a great storage choice when low storage cost is paramount and your data is rarely retrieved. If your application requires fast or frequent access to your data, consider using Amazon S3. For more information, see Amazon Simple Storage Service (Amazon S3).

You can store any kind of data in any format. There is no maximum limit on the total amount of data you can store in Glacier.

If you are a first-time user of Glacier, we recommend that you begin by reading the following sections in the Amazon S3 Glacier Developer Guide:

" }