Update-bucket command
Updates the bucketType of an existing bucket. Prints the ID
of the bucket updated.
Optionally stores bucket info, CORS rules and lifecycle rules with the bucket. These can be given as JSON on the command line.
If you want server-side encryption for all of the files that are uploaded to a bucket,
you can enable SSE-B2 encryption as a default setting for the bucket.
In order to do that pass --default-server-side-encryption=SSE-B2.
The default algorithm is set to AES256 which can by changed
with --default-server-side-encryption-algorithm parameter.
All uploads to that bucket, from the time default encryption is enabled onward,
will then be encrypted with SSE-B2 by default.
To disable default bucket encryption, use --default-server-side-encryption=none.
If --default-server-side-encryption is not provided,
default server side encryption is determined by the server.
Note
Note that existing files in the bucket are not affected by default bucket encryption settings.
Use –lifecycle-rule to set lifecycle rule for the bucket. Multiple rules can be specified by repeating the option.
–lifecycle-rules option is deprecated and cannot be used together with –lifecycle-rule.
To set a default retention for files in the bucket --default-retention-mode and
--default-retention-period have to be specified. The latter one is of the form “X days|years”.
Warning
Setting file retention mode to ‘compliance’ is irreversible - such files can only be ever deleted after their retention period passes, regardless of keys (master or not) used. This is especially dangerous when setting bucket default retention, as it may lead to high storage costs.
This command can be used to set the bucket’s fileLockEnabled flag to true using the --file-lock-enabled
option. This can only be done if the bucket is not set up as a replication source.
Warning
Once fileLockEnabled is set, it can NOT be reverted back to false
Please note that replication from file-lock-enabled bucket to file-lock-disabled bucket is not allowed, therefore if file lock is enabled on a bucket, it can never again be the replication source bucket for a file-lock-disabled destination.
Additionally in a file-lock-enabled bucket the file metadata limit will be decreased from 7000 bytes to 2048 bytes for new file versions
Please consult b2_update_bucket official documentation for further guidance.
Requires capability:
writeBuckets
readBucketEncryption
and for some operations:
writeBucketRetentions
writeBucketEncryption
b2 update-bucket [-h] [--bucket-info BUCKET_INFO] [--cors-rules CORS_RULES]
[--default-retention-mode {compliance,governance,none}]
[--default-retention-period period]
[--replication REPLICATION] [--file-lock-enabled]
[--default-server-side-encryption {SSE-B2,none}]
[--default-server-side-encryption-algorithm {AES256}]
[--lifecycle-rule LIFECYCLE_RULES | --lifecycle-rules LIFECYCLE_RULES]
bucketName [{allPublic,allPrivate}]
Positional Arguments
- bucketName
Target bucket name
- bucketType
Possible choices: allPublic, allPrivate
Named Arguments
- --bucket-info
- --cors-rules
If given, the bucket will have a ‘custom’ CORS configuration. Accepts a JSON string.
- --default-retention-mode
Possible choices: compliance, governance, none
- --default-retention-period
- --replication
- --file-lock-enabled
If given, the bucket will have the file lock mechanism enabled. This parameter cannot be changed back.
- --default-server-side-encryption
Possible choices: SSE-B2, none
- --default-server-side-encryption-algorithm
Possible choices: AES256
Default: “AES256”
- --lifecycle-rule
Lifecycle rule in JSON format. Can be supplied multiple times.
- --lifecycle-rules
(deprecated; use –lifecycle-rule instead) List of lifecycle rules in JSON format.