Skip to content

/AWS1/CL_LSAACCTLEVELBPASYNC

Describes the synchronization status of the Amazon Simple Storage Service (Amazon S3) account-level block public access (BPA) feature for your Lightsail buckets.

The account-level BPA feature of Amazon S3 provides centralized controls to limit public access to all Amazon S3 buckets in an account. BPA can make all Amazon S3 buckets in an Amazon Web Services account private regardless of the individual bucket and object permissions that are configured. Lightsail buckets take into account the Amazon S3 account-level BPA configuration when allowing or denying public access. To do this, Lightsail periodically fetches the account-level BPA configuration from Amazon S3. When the account-level BPA status is InSync, the Amazon S3 account-level BPA configuration is synchronized and it applies to your Lightsail buckets. For more information about Amazon Simple Storage Service account-level BPA and how it affects Lightsail buckets, see Block public access for buckets in Amazon Lightsail in the Amazon Lightsail Developer Guide.

CONSTRUCTOR

IMPORTING

Optional arguments:

iv_status TYPE /AWS1/LSAACCTLEVELBPASYNCSTAT /AWS1/LSAACCTLEVELBPASYNCSTAT

The status of the account-level BPA synchronization.

The following statuses are possible:

  • InSync - Account-level BPA is synchronized. The Amazon S3 account-level BPA configuration applies to your Lightsail buckets.

  • NeverSynced - Synchronization has not yet happened. The Amazon S3 account-level BPA configuration does not apply to your Lightsail buckets.

  • Failed - Synchronization failed. The Amazon S3 account-level BPA configuration does not apply to your Lightsail buckets.

  • Defaulted - Synchronization failed and account-level BPA for your Lightsail buckets is defaulted to active.

You might need to complete further actions if the status is Failed or Defaulted. The message parameter provides more information for those statuses.

iv_lastsyncedat TYPE /AWS1/LSAISODATE /AWS1/LSAISODATE

The timestamp of when the account-level BPA configuration was last synchronized. This value is null when the account-level BPA configuration has not been synchronized.

iv_message TYPE /AWS1/LSABPASTATUSMESSAGE /AWS1/LSABPASTATUSMESSAGE

A message that provides a reason for a Failed or Defaulted synchronization status.

The following messages are possible:

  • SYNC_ON_HOLD - The synchronization has not yet happened. This status message occurs immediately after you create your first Lightsail bucket. This status message should change after the first synchronization happens, approximately 1 hour after the first bucket is created.

  • DEFAULTED_FOR_SLR_MISSING - The synchronization failed because the required service-linked role is missing from your Amazon Web Services account. The account-level BPA configuration for your Lightsail buckets is defaulted to active until the synchronization can occur. This means that all your buckets are private and not publicly accessible. For more information about how to create the required service-linked role to allow synchronization, see Using Service-Linked Roles for Amazon Lightsail in the Amazon Lightsail Developer Guide.

  • DEFAULTED_FOR_SLR_MISSING_ON_HOLD - The synchronization failed because the required service-linked role is missing from your Amazon Web Services account. Account-level BPA is not yet configured for your Lightsail buckets. Therefore, only the bucket access permissions and individual object access permissions apply to your Lightsail buckets. For more information about how to create the required service-linked role to allow synchronization, see Using Service-Linked Roles for Amazon Lightsail in the Amazon Lightsail Developer Guide.

  • Unknown - The reason that synchronization failed is unknown. Contact Amazon Web ServicesSupport for more information.

iv_bpaimpactslightsail TYPE /AWS1/LSABOOLEAN /AWS1/LSABOOLEAN

A Boolean value that indicates whether account-level block public access is affecting your Lightsail buckets.

Queryable Attributes

status

The status of the account-level BPA synchronization.

The following statuses are possible:

  • InSync - Account-level BPA is synchronized. The Amazon S3 account-level BPA configuration applies to your Lightsail buckets.

  • NeverSynced - Synchronization has not yet happened. The Amazon S3 account-level BPA configuration does not apply to your Lightsail buckets.

  • Failed - Synchronization failed. The Amazon S3 account-level BPA configuration does not apply to your Lightsail buckets.

  • Defaulted - Synchronization failed and account-level BPA for your Lightsail buckets is defaulted to active.

You might need to complete further actions if the status is Failed or Defaulted. The message parameter provides more information for those statuses.

Accessible with the following methods

Method Description
GET_STATUS() Getter for STATUS, with configurable default
ASK_STATUS() Getter for STATUS w/ exceptions if field has no value
HAS_STATUS() Determine if STATUS has a value

lastSyncedAt

The timestamp of when the account-level BPA configuration was last synchronized. This value is null when the account-level BPA configuration has not been synchronized.

Accessible with the following methods

Method Description
GET_LASTSYNCEDAT() Getter for LASTSYNCEDAT, with configurable default
ASK_LASTSYNCEDAT() Getter for LASTSYNCEDAT w/ exceptions if field has no value
HAS_LASTSYNCEDAT() Determine if LASTSYNCEDAT has a value

message

A message that provides a reason for a Failed or Defaulted synchronization status.

The following messages are possible:

  • SYNC_ON_HOLD - The synchronization has not yet happened. This status message occurs immediately after you create your first Lightsail bucket. This status message should change after the first synchronization happens, approximately 1 hour after the first bucket is created.

  • DEFAULTED_FOR_SLR_MISSING - The synchronization failed because the required service-linked role is missing from your Amazon Web Services account. The account-level BPA configuration for your Lightsail buckets is defaulted to active until the synchronization can occur. This means that all your buckets are private and not publicly accessible. For more information about how to create the required service-linked role to allow synchronization, see Using Service-Linked Roles for Amazon Lightsail in the Amazon Lightsail Developer Guide.

  • DEFAULTED_FOR_SLR_MISSING_ON_HOLD - The synchronization failed because the required service-linked role is missing from your Amazon Web Services account. Account-level BPA is not yet configured for your Lightsail buckets. Therefore, only the bucket access permissions and individual object access permissions apply to your Lightsail buckets. For more information about how to create the required service-linked role to allow synchronization, see Using Service-Linked Roles for Amazon Lightsail in the Amazon Lightsail Developer Guide.

  • Unknown - The reason that synchronization failed is unknown. Contact Amazon Web ServicesSupport for more information.

Accessible with the following methods

Method Description
GET_MESSAGE() Getter for MESSAGE, with configurable default
ASK_MESSAGE() Getter for MESSAGE w/ exceptions if field has no value
HAS_MESSAGE() Determine if MESSAGE has a value

bpaImpactsLightsail

A Boolean value that indicates whether account-level block public access is affecting your Lightsail buckets.

Accessible with the following methods

Method Description
GET_BPAIMPACTSLIGHTSAIL() Getter for BPAIMPACTSLIGHTSAIL, with configurable default
ASK_BPAIMPACTSLIGHTSAIL() Getter for BPAIMPACTSLIGHTSAIL w/ exceptions if field has no
HAS_BPAIMPACTSLIGHTSAIL() Determine if BPAIMPACTSLIGHTSAIL has a value