# PublicAccessBlock

Blocks public acccess to a Bucket

## GetPublicAccessBlock

> Retrieves the public access configuration for a bucket.\
> \
> \#### Permissions\
> You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission\
> to perform the \`s3:GetBucketPublicAccessBlock\` operation using \[Bucket Policy]\(#tag/Policy/operation/PutBucketPolicy).\
> \
> \#### S3 API Compatibility\
> \- The \`x-amz-expected-bucket-owner\` header isn't supported.<br>

```json
{"openapi":"3.0.3","info":{"title":"IONOS Object Storage API for user-owned buckets","version":"2.0.15"},"tags":[{"name":"PublicAccessBlock","description":"Blocks public acccess to a Bucket"}],"servers":[{"url":"https://s3.eu-central-1.ionoscloud.com","description":"URL for `de` (Frankfurt, Germany)"},{"url":"https://s3.de-central.profitbricks.com","description":"Legacy URL for `de` (Frankfurt, Germany)"},{"url":"https://s3.eu-central-2.ionoscloud.com","description":"URL for `eu-central-2` (Berlin, Germany)"},{"url":"https://s3.eu-south-2.ionoscloud.com","description":"URL for `eu-south-2` (Logroño, Spain)"}],"security":[{"hmac":[]}],"components":{"securitySchemes":{"hmac":{"type":"apiKey","name":"Authorization","in":"header","description":"IONOS Object Storage API requests are authenticated using the AWS signature. \nThe IONOS Object Storage API authenticates users using a customized HTTP scheme based on a [keyed-HMAC](https://en.wikipedia.org/wiki/HMAC) (Hash Message Authentication Code).\nThe process of generating the proper Authorization header is somewhat involved. We recommend that you make use of a tool such as Postman.\n\n<img src=\"/docs/s3/hmac-postman.png\" width=\"800px\" />\n\nIn the **Authorization** tab for a request, select **AWS Signature** from the **Type** dropdown list.\nSpecify where Postman should append your authorization data using the **Add authorization data to** drop-down menu.\n\n* If you select **Request Headers**, Postman populates the **Headers** tab with Authorization and `X-Amz-` prefixed fields.\n\n* If you select **Request URL**, Postman populates the **Params** tab with authentication details prefixed with `X-Amz-`.\n\n\n**Note:** The parameters listed below contain confidential information. We recommend using variables to keep this data secure while working in a collaborative environment.\n\n* For **Access Key**, enter your `access key` directly in the fields or through variables for added security.\n\n* For **Secret Key**, enter your `secret key` directly in the fields or through variables for added security.\n\nAdvanced fields are optional, but Postman will attempt to generate them automatically if necessary.\n* For **AWS Region**, enter one of the [regions](#section/Endpoints) (`eu-central-3`) where your bucket is hosted.\n\n* For **Service Name**, enter `s3`. The name of the service that receives the requests.\n\n* For **Session Token**, **leave the field blank**. This is only required when temporary security credentials are used.\n"}},"schemas":{"BlockPublicAccessOutput":{"type":"object","properties":{"BlockPublicAcls":{"description":"Indicates that access to the bucket via Access Control Lists (ACLs) that grant public access is blocked.\nIn other words, ACLs that allow public access are not permitted.\n","type":"boolean"},"IgnorePublicAcls":{"description":"Instructs the system to ignore any ACLs that grant public access. Even if ACLs are set to allow public access,\nthey will be disregarded.\n","type":"boolean"},"BlockPublicPolicy":{"description":"Blocks public access to the bucket via bucket policies. Bucket policies that grant public access will not be allowed.\n","type":"boolean"},"RestrictPublicBuckets":{"description":"Restricts access to buckets that have public policies. Buckets with policies that grant public access will have their access restricted.\n","type":"boolean"}},"xml":{"name":"BlockPublicAccessBlockConfiguration"}},"Error":{"type":"object","description":"Container for all error elements.","properties":{"Error":{"type":"object","properties":{"Code":{"type":"string","enum":["AccessDenied","AccountProblem","AmbiguousGrantByEmailAddress","BadDigest","BucketAlreadyExists","BucketAlreadyOwnedByYou","BucketNotEmpty","CrossLocationLoggingProhibited","EntityTooSmall","EntityTooLarge","IllegalVersioningConfigurationException","IncorrectNumberOfFilesInPostRequest","InternalError","InvalidAccessKeyId","InvalidArgument","InvalidBucketName","InvalidBucketState","InvalidDigest","InvalidEncryptionAlgorithmError","InvalidLocationConstraint","InvalidObjectState","InvalidPart","InvalidPartOrder","InvalidPolicyDocument","InvalidRange","InvalidRequest","InvalidSecurity","InvalidTargetBucketForLogging","InvalidURI","KeyTooLong","MalformedACLError","MalformedPOSTRequest","MalformedXML","MaxMessageLengthExceeded","MaxPostPreDataLengthExceededError","MetadataTooLarge","MethodNotAllowed","MissingContentLength","MissingSecurityHeader","NoSuchBucket","NoSuchBucketPolicy","NoSuchKey","NoSuchLifecycleConfiguration","NoSuchReplicationConfiguration","NoSuchUpload","NoSuchVersion","NotImplemented","PermanentRedirect","PreconditionFailed","Redirect","RestoreAlreadyInProgress","RequestIsNotMultiPartContent","RequestTimeout","RequestTimeTooSkewed","SignatureDoesNotMatch","ServiceUnavailable","SlowDown","TemporaryRedirect","TooManyBuckets","UnexpectedContent","UnresolvableGrantByEmailAddress","UserKeyMustBeSpecified"],"description":"The error code is a string that uniquely identifies an error\ncondition. It is meant to be read and understood by programs\nthat detect and handle errors by type.\n\n## IONOS Object Storage error codes\n- AccessDenied\n  - Description: Access Denied\n  - HTTPStatus Code: 403 Forbidden\n- AccountProblem\n  - Description: There is a problem with your IONOS Object Storage account that prevents the operation from completing successfully. Contact IONOS for further assistance.\n  - HTTP Status Code: 403 Forbidden\n- AmbiguousGrantByEmailAddress\n  - Description: The email address you provided is associated with more than one account.\n  - HTTP Status Code: 400 Bad Request\n- BadDigest\n  - Description: The Content-MD5 you specified did not match what we received.\n  - HTTP Status Code: 400 Bad Request\n- BucketAlreadyExists\n  - Description: The requested bucket name is not available. The bucket namespace is shared by all users of the system. Please select a different name and try again.\n  - HTTP Status Code: 409 Conflict\n- BucketAlreadyOwnedByYou\n  - Description: The bucket you tried to create already exists, and you own it.\n  - HTTP Code: 409 Conflict\n- BucketNotEmpty\n  - Description: The bucket you tried to delete is not empty.\n  - HTTP Status Code: 409 Conflict\n- CrossLocationLoggingProhibited\n  - Description: Cross-location logging not allowed. Buckets in one geographic location cannot log information to a bucket in another location.\n  - HTTP Status Code: 403 Forbidden\n- EntityTooSmall\n  - Description: Your proposed upload is smaller than the minimum allowed object size.\n  - HTTP Status Code: 400 Bad Request\n- EntityTooLarge\n  - Description: Your proposed upload exceeds the maximum allowed object size.\n  - HTTP Status Code: 400 Bad Request\n- IllegalVersioningConfigurationException\n  - Description: Indicates that the versioning configuration specified in the request is invalid.\n  - HTTP Status Code: 400 Bad Request\n- IncorrectNumberOfFilesInPostRequest\n  - Description: POST requires exactly one file upload per request.\n  - HTTP Status Code: 400 Bad Request\n- InternalError\n  - Description: We encountered an internal error. Please try again.\n  - HTTP Status Code: 500 Internal Server Error \n- InvalidAccessKeyId\n  - Description: The IONOS Object Storage access key ID you provided does not exist in our records.\n  - HTTP Status Code: 403 Forbidden\n- InvalidArgument\n  - Description: Invalid Argument\n  - HTTP Status Code: 400 Bad Request\n- InvalidBucketName\n  - Description: The specified bucket is not valid.\n  - HTTP Status Code: 400 Bad Request\n- InvalidBucketState\n  - Description: The request is not valid with the current state of the bucket.\n  - HTTP Status Code: 409 Conflict\n- InvalidDigest\n  - Description: The Content-MD5 you specified is not valid.\n  - HTTP Status Code: 400 Bad Request\n- InvalidEncryptionAlgorithmError\n  - Description: The encryption request you specified is not valid. The valid value is AES256.\n  - HTTP Status Code: 400 Bad Request\n- InvalidLocationConstraint\n  - HTTP Status Code: 400 Bad Request\n- InvalidObjectState\n  - Description: The operation is not valid for the current state of the object.\n  - HTTP Status Code: 403 Forbidden\n- InvalidPart\n  - Description: One or more of the specified parts could not be found. The part might not have been uploaded, or the specified entity tag might not have matched the part's entity tag.\n  - HTTP Status Code: 400 Bad Request\n- InvalidPartOrder\n  - Description: The list of parts was not in ascending order. Parts list must be specified in order by part number.\n  - HTTP Status Code: 400 Bad Request\n- InvalidPolicyDocument\n  - Description: The content of the form does not meet the conditions specified in the policy document.\n  - HTTP Status Code: 400 Bad Request\n- InvalidRange\n  - Description: The requested range cannot be satisfied.\n  - HTTP Status Code: 416 Requested Range Not Satisfiable\n- InvalidRequest\n  - Description: Please use `AWS4-HMAC-SHA256`.\n  - HTTP Status Code: 400 Bad Request\n- InvalidSecurity\n  - Description: The provided security credentials are not valid.\n  - HTTP Status Code: 403 Forbidden\n- InvalidTargetBucketForLogging\n  - Description: The target bucket for logging does not exist, is not owned by you, or does not have the appropriate grants for the log-delivery group.\n  - Status Code: 400 Bad Request\n- InvalidURI\n  - Description: Couldn't parse the specified URI.\n  - HTTP Status Code: 400 Bad Request\n- KeyTooLong\n  - Description: Your key is too long.\n  - HTTP Status Code: 400 Bad Request\n- MalformedACLError\n  - Description: The XML you provided was not well-formed or did not validate against our published schema.\n  - HTTP Status Code: 400 Bad Request\n- MalformedPOSTRequest\n  - Description: The body of your POST request is not well-formed multipart/form-data.\n  - HTTP Status Code: 400 Bad Request\n- MalformedXML\n  - Description: This happens when the user sends malformed XML (XML that doesn't conform to the published XSD) for the configuration. The error message is, \"The XML you provided was not well-formed or did not validate against our published schema.\"\n  - HTTP Status Code: 400 Bad Request\n- MaxMessageLengthExceeded\n  - Description: Your request was too big.\n  - HTTP Status Code: 400 Bad Request\n- MaxPostPreDataLengthExceededError\n  - Description: Your POST request fields preceding the upload file were too large.\n  - HTTP Status Code: 400 Bad Request\n- MetadataTooLarge\n  - Description: Your metadata headers exceed the maximum allowed metadata size.\n  - HTTP Status Code: 400 Bad Request\n- MethodNotAllowed\n  - Description: The specified method is not allowed against this resource.\n  - HTTP Status Code: 405 Method Not Allowed\n- MissingContentLength\n  - Description: You must provide the Content-Length HTTP header.\n  - HTTP Status Code: 411 Length Required\n- MissingSecurityHeader\n  - Description: Your request is missing a required header.\n  - HTTP Status Code: 400 Bad Request\n- NoSuchBucket\n  - Description: The specified bucket does not exist.\n  - HTTP Status Code: 404 Not Found\n- NoSuchBucketPolicy\n  - Description: The specified bucket does not have a bucket policy.\n  - HTTP Status Code: 404 Not Found\n- NoSuchKey\n  - Description: The specified key does not exist.\n  - HTTP Status Code:404 Not Found\n- NoSuchLifecycleConfiguration\n  - Description: The lifecycle configuration does not exist.\n  - HTTP Status Code: 404 Not Found\n- NoSuchReplicationConfiguration\n  - Description: The replication configuration does not exist.\n  - HTTP Status Code: 404 Not Found\n- NoSuchUpload\n  - Description: The specified multipart upload does not exist. The upload ID might be invalid, or the multipart upload might have been aborted or completed.\n  - HTTP Status Code: 404 Not Found\n- NoSuchVersion\n  - Description: Indicates that the version ID specified in the request does not match an existing version.\n  - HTTP Status Code: 404 Not Found\n- NotImplemented\n  - Description: A header you provided implies functionality that is not implemented.\n  - HTTP Status Code: 501 Not Implemented\n- PermanentRedirect\n  - Description: The bucket you are attempting to access must be addressed using the specified endpoint. Send all future requests to this endpoint.\n  - HTTP Status Code: 301 Moved Permanently\n- PreconditionFailed\n  - Description: At least one of the preconditions you specified did not hold.\n  - HTTP Status Code: 412 Precondition Failed\n- Redirect\n  - Description: Temporary redirect.\n  - HTTP Status Code: 307 Moved Temporarily\n- RestoreAlreadyInProgress\n  - Description: Object restore is already in progress.\n  - HTTP Status Code: 409 Conflict\n- RequestIsNotMultiPartContent\n  - Description: Bucket POST must be of the enclosure-type multipart/form-data.\n  - HTTP Status Code: 400 Bad Request\n- RequestTimeout\n  - Description: Your socket connection to the server was not read from or written to within the timeout period.\n  - HTTP Status Code: 400 Bad Request\n- RequestTimeTooSkewed\n  - Description: The difference between the request time and the server's time is too large.\n  - HTTP Status Code: 403 Forbidden\n- SignatureDoesNotMatch\n  - HTTP Status Code: 403 Forbidden\n- ServiceUnavailable\n  - Description: Reduce your request rate.\n  - HTTP Status Code: 503 Service Unavailable\n- SlowDown\n  - Description: Reduce your request rate.\n  - HTTP Status Code: 503 Slow Down\n- TemporaryRedirect\n  - Description: You are being redirected to the bucket while DNS updates.\n  - HTTP Status Code: 307 Moved Temporarily\n- TooManyBuckets\n  - Description: You have attempted to create more buckets than allowed.\n  - HTTP Status Code: 400 Bad Request\n- UnexpectedContent\n  - Description: This request does not support content.\n  - HTTP Status Code: 400 Bad Request\n- UnresolvableGrantByEmailAddress\n  - Description: The email address you provided does not match any account on record.\n  - HTTP Status Code: 400 Bad Request\n- UserKeyMustBeSpecified\n  - Description: The bucket POST must contain the specified field name. If it is specified, check the order of the fields.\n  - HTTP Status Code: 400 Bad Request\n"},"Message":{"type":"string","description":"Gives a brief English description of the issue."},"RequestId":{"type":"string"},"HostId":{"type":"string"}}}},"xml":{"name":"Error"}},"BucketName":{"description":"The bucket name.","type":"string","minLength":3,"maxLength":63,"xml":{"name":"Name"}}}},"paths":{"/{Bucket}?publicAccessBlock":{"get":{"tags":["PublicAccessBlock"],"summary":"GetPublicAccessBlock","operationId":"GetPublicAccessBlock","description":"Retrieves the public access configuration for a bucket.\n\n#### Permissions\nYou must be the contract owner or an administrator to perform this operation. If not, they can grant you permission\nto perform the `s3:GetBucketPublicAccessBlock` operation using [Bucket Policy](#tag/Policy/operation/PutBucketPolicy).\n\n#### S3 API Compatibility\n- The `x-amz-expected-bucket-owner` header isn't supported.\n","responses":{"200":{"description":"Successful operation","headers":{},"content":{"application/json":{"schema":{"$ref":"#/components/schemas/BlockPublicAccessOutput"}}}},"403":{"description":"AccessDenied","headers":{},"content":{"application/xml":{"schema":{"$ref":"#/components/schemas/Error"}}}},"404":{"description":"NoSuchBucket","headers":{},"content":{"application/xml":{"schema":{"$ref":"#/components/schemas/Error"}}}}},"parameters":[{"name":"Bucket","in":"path","required":true,"schema":{"$ref":"#/components/schemas/BucketName"}},{"name":"policy","in":"query","required":true,"schema":{"type":"boolean","enum":[true]},"allowEmptyValue":true}]}}}}
```

## PutPublicAccessBlock

> Blocks public access to an object storage bucket based on the specified parameters. \
> \
> This operation modifies the bucket's settings to either prevent public access entirely\
> or impose restrictions based on specific conditions.\
> \
> \#### Permissions\
> You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission\
> to perform the \`s3:PutBucketPublicAccessBlock\` operation using \[Bucket Policy]\(#tag/Policy/operation/PutBucketPolicy).\
> \*\*Note:\*\* The bucket owner can always perform this operation, even if the policy explicitly denies access to it.\
> \
> \#### S3 API Compatibility\
> \- The \`x-amz-expected-bucket-owner\` header isn't supported.\
> \- The \`x-amz-confirm-remove-self-bucket-access\` header isn't supported.<br>

```json
{"openapi":"3.0.3","info":{"title":"IONOS Object Storage API for user-owned buckets","version":"2.0.15"},"tags":[{"name":"PublicAccessBlock","description":"Blocks public acccess to a Bucket"}],"servers":[{"url":"https://s3.eu-central-1.ionoscloud.com","description":"URL for `de` (Frankfurt, Germany)"},{"url":"https://s3.de-central.profitbricks.com","description":"Legacy URL for `de` (Frankfurt, Germany)"},{"url":"https://s3.eu-central-2.ionoscloud.com","description":"URL for `eu-central-2` (Berlin, Germany)"},{"url":"https://s3.eu-south-2.ionoscloud.com","description":"URL for `eu-south-2` (Logroño, Spain)"}],"security":[{"hmac":[]}],"components":{"securitySchemes":{"hmac":{"type":"apiKey","name":"Authorization","in":"header","description":"IONOS Object Storage API requests are authenticated using the AWS signature. \nThe IONOS Object Storage API authenticates users using a customized HTTP scheme based on a [keyed-HMAC](https://en.wikipedia.org/wiki/HMAC) (Hash Message Authentication Code).\nThe process of generating the proper Authorization header is somewhat involved. We recommend that you make use of a tool such as Postman.\n\n<img src=\"/docs/s3/hmac-postman.png\" width=\"800px\" />\n\nIn the **Authorization** tab for a request, select **AWS Signature** from the **Type** dropdown list.\nSpecify where Postman should append your authorization data using the **Add authorization data to** drop-down menu.\n\n* If you select **Request Headers**, Postman populates the **Headers** tab with Authorization and `X-Amz-` prefixed fields.\n\n* If you select **Request URL**, Postman populates the **Params** tab with authentication details prefixed with `X-Amz-`.\n\n\n**Note:** The parameters listed below contain confidential information. We recommend using variables to keep this data secure while working in a collaborative environment.\n\n* For **Access Key**, enter your `access key` directly in the fields or through variables for added security.\n\n* For **Secret Key**, enter your `secret key` directly in the fields or through variables for added security.\n\nAdvanced fields are optional, but Postman will attempt to generate them automatically if necessary.\n* For **AWS Region**, enter one of the [regions](#section/Endpoints) (`eu-central-3`) where your bucket is hosted.\n\n* For **Service Name**, enter `s3`. The name of the service that receives the requests.\n\n* For **Session Token**, **leave the field blank**. This is only required when temporary security credentials are used.\n"}},"schemas":{"Error":{"type":"object","description":"Container for all error elements.","properties":{"Error":{"type":"object","properties":{"Code":{"type":"string","enum":["AccessDenied","AccountProblem","AmbiguousGrantByEmailAddress","BadDigest","BucketAlreadyExists","BucketAlreadyOwnedByYou","BucketNotEmpty","CrossLocationLoggingProhibited","EntityTooSmall","EntityTooLarge","IllegalVersioningConfigurationException","IncorrectNumberOfFilesInPostRequest","InternalError","InvalidAccessKeyId","InvalidArgument","InvalidBucketName","InvalidBucketState","InvalidDigest","InvalidEncryptionAlgorithmError","InvalidLocationConstraint","InvalidObjectState","InvalidPart","InvalidPartOrder","InvalidPolicyDocument","InvalidRange","InvalidRequest","InvalidSecurity","InvalidTargetBucketForLogging","InvalidURI","KeyTooLong","MalformedACLError","MalformedPOSTRequest","MalformedXML","MaxMessageLengthExceeded","MaxPostPreDataLengthExceededError","MetadataTooLarge","MethodNotAllowed","MissingContentLength","MissingSecurityHeader","NoSuchBucket","NoSuchBucketPolicy","NoSuchKey","NoSuchLifecycleConfiguration","NoSuchReplicationConfiguration","NoSuchUpload","NoSuchVersion","NotImplemented","PermanentRedirect","PreconditionFailed","Redirect","RestoreAlreadyInProgress","RequestIsNotMultiPartContent","RequestTimeout","RequestTimeTooSkewed","SignatureDoesNotMatch","ServiceUnavailable","SlowDown","TemporaryRedirect","TooManyBuckets","UnexpectedContent","UnresolvableGrantByEmailAddress","UserKeyMustBeSpecified"],"description":"The error code is a string that uniquely identifies an error\ncondition. It is meant to be read and understood by programs\nthat detect and handle errors by type.\n\n## IONOS Object Storage error codes\n- AccessDenied\n  - Description: Access Denied\n  - HTTPStatus Code: 403 Forbidden\n- AccountProblem\n  - Description: There is a problem with your IONOS Object Storage account that prevents the operation from completing successfully. Contact IONOS for further assistance.\n  - HTTP Status Code: 403 Forbidden\n- AmbiguousGrantByEmailAddress\n  - Description: The email address you provided is associated with more than one account.\n  - HTTP Status Code: 400 Bad Request\n- BadDigest\n  - Description: The Content-MD5 you specified did not match what we received.\n  - HTTP Status Code: 400 Bad Request\n- BucketAlreadyExists\n  - Description: The requested bucket name is not available. The bucket namespace is shared by all users of the system. Please select a different name and try again.\n  - HTTP Status Code: 409 Conflict\n- BucketAlreadyOwnedByYou\n  - Description: The bucket you tried to create already exists, and you own it.\n  - HTTP Code: 409 Conflict\n- BucketNotEmpty\n  - Description: The bucket you tried to delete is not empty.\n  - HTTP Status Code: 409 Conflict\n- CrossLocationLoggingProhibited\n  - Description: Cross-location logging not allowed. Buckets in one geographic location cannot log information to a bucket in another location.\n  - HTTP Status Code: 403 Forbidden\n- EntityTooSmall\n  - Description: Your proposed upload is smaller than the minimum allowed object size.\n  - HTTP Status Code: 400 Bad Request\n- EntityTooLarge\n  - Description: Your proposed upload exceeds the maximum allowed object size.\n  - HTTP Status Code: 400 Bad Request\n- IllegalVersioningConfigurationException\n  - Description: Indicates that the versioning configuration specified in the request is invalid.\n  - HTTP Status Code: 400 Bad Request\n- IncorrectNumberOfFilesInPostRequest\n  - Description: POST requires exactly one file upload per request.\n  - HTTP Status Code: 400 Bad Request\n- InternalError\n  - Description: We encountered an internal error. Please try again.\n  - HTTP Status Code: 500 Internal Server Error \n- InvalidAccessKeyId\n  - Description: The IONOS Object Storage access key ID you provided does not exist in our records.\n  - HTTP Status Code: 403 Forbidden\n- InvalidArgument\n  - Description: Invalid Argument\n  - HTTP Status Code: 400 Bad Request\n- InvalidBucketName\n  - Description: The specified bucket is not valid.\n  - HTTP Status Code: 400 Bad Request\n- InvalidBucketState\n  - Description: The request is not valid with the current state of the bucket.\n  - HTTP Status Code: 409 Conflict\n- InvalidDigest\n  - Description: The Content-MD5 you specified is not valid.\n  - HTTP Status Code: 400 Bad Request\n- InvalidEncryptionAlgorithmError\n  - Description: The encryption request you specified is not valid. The valid value is AES256.\n  - HTTP Status Code: 400 Bad Request\n- InvalidLocationConstraint\n  - HTTP Status Code: 400 Bad Request\n- InvalidObjectState\n  - Description: The operation is not valid for the current state of the object.\n  - HTTP Status Code: 403 Forbidden\n- InvalidPart\n  - Description: One or more of the specified parts could not be found. The part might not have been uploaded, or the specified entity tag might not have matched the part's entity tag.\n  - HTTP Status Code: 400 Bad Request\n- InvalidPartOrder\n  - Description: The list of parts was not in ascending order. Parts list must be specified in order by part number.\n  - HTTP Status Code: 400 Bad Request\n- InvalidPolicyDocument\n  - Description: The content of the form does not meet the conditions specified in the policy document.\n  - HTTP Status Code: 400 Bad Request\n- InvalidRange\n  - Description: The requested range cannot be satisfied.\n  - HTTP Status Code: 416 Requested Range Not Satisfiable\n- InvalidRequest\n  - Description: Please use `AWS4-HMAC-SHA256`.\n  - HTTP Status Code: 400 Bad Request\n- InvalidSecurity\n  - Description: The provided security credentials are not valid.\n  - HTTP Status Code: 403 Forbidden\n- InvalidTargetBucketForLogging\n  - Description: The target bucket for logging does not exist, is not owned by you, or does not have the appropriate grants for the log-delivery group.\n  - Status Code: 400 Bad Request\n- InvalidURI\n  - Description: Couldn't parse the specified URI.\n  - HTTP Status Code: 400 Bad Request\n- KeyTooLong\n  - Description: Your key is too long.\n  - HTTP Status Code: 400 Bad Request\n- MalformedACLError\n  - Description: The XML you provided was not well-formed or did not validate against our published schema.\n  - HTTP Status Code: 400 Bad Request\n- MalformedPOSTRequest\n  - Description: The body of your POST request is not well-formed multipart/form-data.\n  - HTTP Status Code: 400 Bad Request\n- MalformedXML\n  - Description: This happens when the user sends malformed XML (XML that doesn't conform to the published XSD) for the configuration. The error message is, \"The XML you provided was not well-formed or did not validate against our published schema.\"\n  - HTTP Status Code: 400 Bad Request\n- MaxMessageLengthExceeded\n  - Description: Your request was too big.\n  - HTTP Status Code: 400 Bad Request\n- MaxPostPreDataLengthExceededError\n  - Description: Your POST request fields preceding the upload file were too large.\n  - HTTP Status Code: 400 Bad Request\n- MetadataTooLarge\n  - Description: Your metadata headers exceed the maximum allowed metadata size.\n  - HTTP Status Code: 400 Bad Request\n- MethodNotAllowed\n  - Description: The specified method is not allowed against this resource.\n  - HTTP Status Code: 405 Method Not Allowed\n- MissingContentLength\n  - Description: You must provide the Content-Length HTTP header.\n  - HTTP Status Code: 411 Length Required\n- MissingSecurityHeader\n  - Description: Your request is missing a required header.\n  - HTTP Status Code: 400 Bad Request\n- NoSuchBucket\n  - Description: The specified bucket does not exist.\n  - HTTP Status Code: 404 Not Found\n- NoSuchBucketPolicy\n  - Description: The specified bucket does not have a bucket policy.\n  - HTTP Status Code: 404 Not Found\n- NoSuchKey\n  - Description: The specified key does not exist.\n  - HTTP Status Code:404 Not Found\n- NoSuchLifecycleConfiguration\n  - Description: The lifecycle configuration does not exist.\n  - HTTP Status Code: 404 Not Found\n- NoSuchReplicationConfiguration\n  - Description: The replication configuration does not exist.\n  - HTTP Status Code: 404 Not Found\n- NoSuchUpload\n  - Description: The specified multipart upload does not exist. The upload ID might be invalid, or the multipart upload might have been aborted or completed.\n  - HTTP Status Code: 404 Not Found\n- NoSuchVersion\n  - Description: Indicates that the version ID specified in the request does not match an existing version.\n  - HTTP Status Code: 404 Not Found\n- NotImplemented\n  - Description: A header you provided implies functionality that is not implemented.\n  - HTTP Status Code: 501 Not Implemented\n- PermanentRedirect\n  - Description: The bucket you are attempting to access must be addressed using the specified endpoint. Send all future requests to this endpoint.\n  - HTTP Status Code: 301 Moved Permanently\n- PreconditionFailed\n  - Description: At least one of the preconditions you specified did not hold.\n  - HTTP Status Code: 412 Precondition Failed\n- Redirect\n  - Description: Temporary redirect.\n  - HTTP Status Code: 307 Moved Temporarily\n- RestoreAlreadyInProgress\n  - Description: Object restore is already in progress.\n  - HTTP Status Code: 409 Conflict\n- RequestIsNotMultiPartContent\n  - Description: Bucket POST must be of the enclosure-type multipart/form-data.\n  - HTTP Status Code: 400 Bad Request\n- RequestTimeout\n  - Description: Your socket connection to the server was not read from or written to within the timeout period.\n  - HTTP Status Code: 400 Bad Request\n- RequestTimeTooSkewed\n  - Description: The difference between the request time and the server's time is too large.\n  - HTTP Status Code: 403 Forbidden\n- SignatureDoesNotMatch\n  - HTTP Status Code: 403 Forbidden\n- ServiceUnavailable\n  - Description: Reduce your request rate.\n  - HTTP Status Code: 503 Service Unavailable\n- SlowDown\n  - Description: Reduce your request rate.\n  - HTTP Status Code: 503 Slow Down\n- TemporaryRedirect\n  - Description: You are being redirected to the bucket while DNS updates.\n  - HTTP Status Code: 307 Moved Temporarily\n- TooManyBuckets\n  - Description: You have attempted to create more buckets than allowed.\n  - HTTP Status Code: 400 Bad Request\n- UnexpectedContent\n  - Description: This request does not support content.\n  - HTTP Status Code: 400 Bad Request\n- UnresolvableGrantByEmailAddress\n  - Description: The email address you provided does not match any account on record.\n  - HTTP Status Code: 400 Bad Request\n- UserKeyMustBeSpecified\n  - Description: The bucket POST must contain the specified field name. If it is specified, check the order of the fields.\n  - HTTP Status Code: 400 Bad Request\n"},"Message":{"type":"string","description":"Gives a brief English description of the issue."},"RequestId":{"type":"string"},"HostId":{"type":"string"}}}},"xml":{"name":"Error"}},"BucketName":{"description":"The bucket name.","type":"string","minLength":3,"maxLength":63,"xml":{"name":"Name"}},"Content-MD5":{"type":"string","description":"The base64 encoded MD5 digest of the message (without the headers) according to\n[RFC 1864](http://www.ietf.org/rfc/rfc1864.txt).\n"},"BlockPublicAccessPayload":{"type":"object","properties":{"BlockPublicAcls":{"description":"Indicates that access to the bucket via Access Control Lists (ACLs) that grant public access is blocked.\nIn other words, ACLs that allow public access are not permitted.\n","type":"boolean","default":false},"IgnorePublicAcls":{"description":"Instructs the system to ignore any ACLs that grant public access. Even if ACLs are set to allow public access,\nthey will be disregarded.\n","type":"boolean","default":false},"BlockPublicPolicy":{"description":"Blocks public access to the bucket via bucket policies. Bucket policies that grant public access will not be allowed.\n","type":"boolean","default":false},"RestrictPublicBuckets":{"description":"Restricts access to buckets that have public policies. Buckets with policies that grant public access will have their access restricted.\n","type":"boolean","default":false}},"xml":{"name":"PublicAccessBlockConfiguration","namespace":"http://s3.amazonaws.com/doc/2006-03-01/"}}}},"paths":{"/{Bucket}?publicAccessBlock":{"put":{"tags":["PublicAccessBlock"],"summary":"PutPublicAccessBlock","operationId":"PutPublicAccessBlock","description":"Blocks public access to an object storage bucket based on the specified parameters. \n\nThis operation modifies the bucket's settings to either prevent public access entirely\nor impose restrictions based on specific conditions.\n\n#### Permissions\nYou must be the contract owner or an administrator to perform this operation. If not, they can grant you permission\nto perform the `s3:PutBucketPublicAccessBlock` operation using [Bucket Policy](#tag/Policy/operation/PutBucketPolicy).\n**Note:** The bucket owner can always perform this operation, even if the policy explicitly denies access to it.\n\n#### S3 API Compatibility\n- The `x-amz-expected-bucket-owner` header isn't supported.\n- The `x-amz-confirm-remove-self-bucket-access` header isn't supported.\n","responses":{"200":{"description":"Successful operation","headers":{},"content":{"application/xml":{}}},"400":{"description":"MalformedXML","headers":{},"content":{"application/xml":{"schema":{"$ref":"#/components/schemas/Error"}}}},"403":{"description":"AccessDenied","headers":{},"content":{"application/xml":{"schema":{"$ref":"#/components/schemas/Error"}}}},"404":{"description":"NoSuchBucket","headers":{},"content":{"application/xml":{"schema":{"$ref":"#/components/schemas/Error"}}}}},"parameters":[{"name":"Bucket","in":"path","required":true,"schema":{"$ref":"#/components/schemas/BucketName"}},{"name":"policy","in":"query","required":true,"schema":{"type":"boolean","enum":[true]},"allowEmptyValue":true},{"name":"Content-MD5","in":"header","required":false,"schema":{"$ref":"#/components/schemas/Content-MD5"}}],"requestBody":{"required":true,"content":{"application/xml":{"schema":{"$ref":"#/components/schemas/BlockPublicAccessPayload"}}}}}}}}
```

## DeletePublicAccessBlock

> Deletes the public access configuration for an object storage bucket.\
> \
> \#### Permissions\
> You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission\
> to perform the \`s3:DeleteBucketPublicAccessBlock\` operation using \[Bucket Policy]\(#tag/Policy/operation/PutBucketPolicy).\
> \
> \#### S3 API Compatibility\
> \- The \`x-amz-expected-bucket-owner\` header isn't supported.<br>

```json
{"openapi":"3.0.3","info":{"title":"IONOS Object Storage API for user-owned buckets","version":"2.0.15"},"tags":[{"name":"PublicAccessBlock","description":"Blocks public acccess to a Bucket"}],"servers":[{"url":"https://s3.eu-central-1.ionoscloud.com","description":"URL for `de` (Frankfurt, Germany)"},{"url":"https://s3.de-central.profitbricks.com","description":"Legacy URL for `de` (Frankfurt, Germany)"},{"url":"https://s3.eu-central-2.ionoscloud.com","description":"URL for `eu-central-2` (Berlin, Germany)"},{"url":"https://s3.eu-south-2.ionoscloud.com","description":"URL for `eu-south-2` (Logroño, Spain)"}],"security":[{"hmac":[]}],"components":{"securitySchemes":{"hmac":{"type":"apiKey","name":"Authorization","in":"header","description":"IONOS Object Storage API requests are authenticated using the AWS signature. \nThe IONOS Object Storage API authenticates users using a customized HTTP scheme based on a [keyed-HMAC](https://en.wikipedia.org/wiki/HMAC) (Hash Message Authentication Code).\nThe process of generating the proper Authorization header is somewhat involved. We recommend that you make use of a tool such as Postman.\n\n<img src=\"/docs/s3/hmac-postman.png\" width=\"800px\" />\n\nIn the **Authorization** tab for a request, select **AWS Signature** from the **Type** dropdown list.\nSpecify where Postman should append your authorization data using the **Add authorization data to** drop-down menu.\n\n* If you select **Request Headers**, Postman populates the **Headers** tab with Authorization and `X-Amz-` prefixed fields.\n\n* If you select **Request URL**, Postman populates the **Params** tab with authentication details prefixed with `X-Amz-`.\n\n\n**Note:** The parameters listed below contain confidential information. We recommend using variables to keep this data secure while working in a collaborative environment.\n\n* For **Access Key**, enter your `access key` directly in the fields or through variables for added security.\n\n* For **Secret Key**, enter your `secret key` directly in the fields or through variables for added security.\n\nAdvanced fields are optional, but Postman will attempt to generate them automatically if necessary.\n* For **AWS Region**, enter one of the [regions](#section/Endpoints) (`eu-central-3`) where your bucket is hosted.\n\n* For **Service Name**, enter `s3`. The name of the service that receives the requests.\n\n* For **Session Token**, **leave the field blank**. This is only required when temporary security credentials are used.\n"}},"schemas":{"Error":{"type":"object","description":"Container for all error elements.","properties":{"Error":{"type":"object","properties":{"Code":{"type":"string","enum":["AccessDenied","AccountProblem","AmbiguousGrantByEmailAddress","BadDigest","BucketAlreadyExists","BucketAlreadyOwnedByYou","BucketNotEmpty","CrossLocationLoggingProhibited","EntityTooSmall","EntityTooLarge","IllegalVersioningConfigurationException","IncorrectNumberOfFilesInPostRequest","InternalError","InvalidAccessKeyId","InvalidArgument","InvalidBucketName","InvalidBucketState","InvalidDigest","InvalidEncryptionAlgorithmError","InvalidLocationConstraint","InvalidObjectState","InvalidPart","InvalidPartOrder","InvalidPolicyDocument","InvalidRange","InvalidRequest","InvalidSecurity","InvalidTargetBucketForLogging","InvalidURI","KeyTooLong","MalformedACLError","MalformedPOSTRequest","MalformedXML","MaxMessageLengthExceeded","MaxPostPreDataLengthExceededError","MetadataTooLarge","MethodNotAllowed","MissingContentLength","MissingSecurityHeader","NoSuchBucket","NoSuchBucketPolicy","NoSuchKey","NoSuchLifecycleConfiguration","NoSuchReplicationConfiguration","NoSuchUpload","NoSuchVersion","NotImplemented","PermanentRedirect","PreconditionFailed","Redirect","RestoreAlreadyInProgress","RequestIsNotMultiPartContent","RequestTimeout","RequestTimeTooSkewed","SignatureDoesNotMatch","ServiceUnavailable","SlowDown","TemporaryRedirect","TooManyBuckets","UnexpectedContent","UnresolvableGrantByEmailAddress","UserKeyMustBeSpecified"],"description":"The error code is a string that uniquely identifies an error\ncondition. It is meant to be read and understood by programs\nthat detect and handle errors by type.\n\n## IONOS Object Storage error codes\n- AccessDenied\n  - Description: Access Denied\n  - HTTPStatus Code: 403 Forbidden\n- AccountProblem\n  - Description: There is a problem with your IONOS Object Storage account that prevents the operation from completing successfully. Contact IONOS for further assistance.\n  - HTTP Status Code: 403 Forbidden\n- AmbiguousGrantByEmailAddress\n  - Description: The email address you provided is associated with more than one account.\n  - HTTP Status Code: 400 Bad Request\n- BadDigest\n  - Description: The Content-MD5 you specified did not match what we received.\n  - HTTP Status Code: 400 Bad Request\n- BucketAlreadyExists\n  - Description: The requested bucket name is not available. The bucket namespace is shared by all users of the system. Please select a different name and try again.\n  - HTTP Status Code: 409 Conflict\n- BucketAlreadyOwnedByYou\n  - Description: The bucket you tried to create already exists, and you own it.\n  - HTTP Code: 409 Conflict\n- BucketNotEmpty\n  - Description: The bucket you tried to delete is not empty.\n  - HTTP Status Code: 409 Conflict\n- CrossLocationLoggingProhibited\n  - Description: Cross-location logging not allowed. Buckets in one geographic location cannot log information to a bucket in another location.\n  - HTTP Status Code: 403 Forbidden\n- EntityTooSmall\n  - Description: Your proposed upload is smaller than the minimum allowed object size.\n  - HTTP Status Code: 400 Bad Request\n- EntityTooLarge\n  - Description: Your proposed upload exceeds the maximum allowed object size.\n  - HTTP Status Code: 400 Bad Request\n- IllegalVersioningConfigurationException\n  - Description: Indicates that the versioning configuration specified in the request is invalid.\n  - HTTP Status Code: 400 Bad Request\n- IncorrectNumberOfFilesInPostRequest\n  - Description: POST requires exactly one file upload per request.\n  - HTTP Status Code: 400 Bad Request\n- InternalError\n  - Description: We encountered an internal error. Please try again.\n  - HTTP Status Code: 500 Internal Server Error \n- InvalidAccessKeyId\n  - Description: The IONOS Object Storage access key ID you provided does not exist in our records.\n  - HTTP Status Code: 403 Forbidden\n- InvalidArgument\n  - Description: Invalid Argument\n  - HTTP Status Code: 400 Bad Request\n- InvalidBucketName\n  - Description: The specified bucket is not valid.\n  - HTTP Status Code: 400 Bad Request\n- InvalidBucketState\n  - Description: The request is not valid with the current state of the bucket.\n  - HTTP Status Code: 409 Conflict\n- InvalidDigest\n  - Description: The Content-MD5 you specified is not valid.\n  - HTTP Status Code: 400 Bad Request\n- InvalidEncryptionAlgorithmError\n  - Description: The encryption request you specified is not valid. The valid value is AES256.\n  - HTTP Status Code: 400 Bad Request\n- InvalidLocationConstraint\n  - HTTP Status Code: 400 Bad Request\n- InvalidObjectState\n  - Description: The operation is not valid for the current state of the object.\n  - HTTP Status Code: 403 Forbidden\n- InvalidPart\n  - Description: One or more of the specified parts could not be found. The part might not have been uploaded, or the specified entity tag might not have matched the part's entity tag.\n  - HTTP Status Code: 400 Bad Request\n- InvalidPartOrder\n  - Description: The list of parts was not in ascending order. Parts list must be specified in order by part number.\n  - HTTP Status Code: 400 Bad Request\n- InvalidPolicyDocument\n  - Description: The content of the form does not meet the conditions specified in the policy document.\n  - HTTP Status Code: 400 Bad Request\n- InvalidRange\n  - Description: The requested range cannot be satisfied.\n  - HTTP Status Code: 416 Requested Range Not Satisfiable\n- InvalidRequest\n  - Description: Please use `AWS4-HMAC-SHA256`.\n  - HTTP Status Code: 400 Bad Request\n- InvalidSecurity\n  - Description: The provided security credentials are not valid.\n  - HTTP Status Code: 403 Forbidden\n- InvalidTargetBucketForLogging\n  - Description: The target bucket for logging does not exist, is not owned by you, or does not have the appropriate grants for the log-delivery group.\n  - Status Code: 400 Bad Request\n- InvalidURI\n  - Description: Couldn't parse the specified URI.\n  - HTTP Status Code: 400 Bad Request\n- KeyTooLong\n  - Description: Your key is too long.\n  - HTTP Status Code: 400 Bad Request\n- MalformedACLError\n  - Description: The XML you provided was not well-formed or did not validate against our published schema.\n  - HTTP Status Code: 400 Bad Request\n- MalformedPOSTRequest\n  - Description: The body of your POST request is not well-formed multipart/form-data.\n  - HTTP Status Code: 400 Bad Request\n- MalformedXML\n  - Description: This happens when the user sends malformed XML (XML that doesn't conform to the published XSD) for the configuration. The error message is, \"The XML you provided was not well-formed or did not validate against our published schema.\"\n  - HTTP Status Code: 400 Bad Request\n- MaxMessageLengthExceeded\n  - Description: Your request was too big.\n  - HTTP Status Code: 400 Bad Request\n- MaxPostPreDataLengthExceededError\n  - Description: Your POST request fields preceding the upload file were too large.\n  - HTTP Status Code: 400 Bad Request\n- MetadataTooLarge\n  - Description: Your metadata headers exceed the maximum allowed metadata size.\n  - HTTP Status Code: 400 Bad Request\n- MethodNotAllowed\n  - Description: The specified method is not allowed against this resource.\n  - HTTP Status Code: 405 Method Not Allowed\n- MissingContentLength\n  - Description: You must provide the Content-Length HTTP header.\n  - HTTP Status Code: 411 Length Required\n- MissingSecurityHeader\n  - Description: Your request is missing a required header.\n  - HTTP Status Code: 400 Bad Request\n- NoSuchBucket\n  - Description: The specified bucket does not exist.\n  - HTTP Status Code: 404 Not Found\n- NoSuchBucketPolicy\n  - Description: The specified bucket does not have a bucket policy.\n  - HTTP Status Code: 404 Not Found\n- NoSuchKey\n  - Description: The specified key does not exist.\n  - HTTP Status Code:404 Not Found\n- NoSuchLifecycleConfiguration\n  - Description: The lifecycle configuration does not exist.\n  - HTTP Status Code: 404 Not Found\n- NoSuchReplicationConfiguration\n  - Description: The replication configuration does not exist.\n  - HTTP Status Code: 404 Not Found\n- NoSuchUpload\n  - Description: The specified multipart upload does not exist. The upload ID might be invalid, or the multipart upload might have been aborted or completed.\n  - HTTP Status Code: 404 Not Found\n- NoSuchVersion\n  - Description: Indicates that the version ID specified in the request does not match an existing version.\n  - HTTP Status Code: 404 Not Found\n- NotImplemented\n  - Description: A header you provided implies functionality that is not implemented.\n  - HTTP Status Code: 501 Not Implemented\n- PermanentRedirect\n  - Description: The bucket you are attempting to access must be addressed using the specified endpoint. Send all future requests to this endpoint.\n  - HTTP Status Code: 301 Moved Permanently\n- PreconditionFailed\n  - Description: At least one of the preconditions you specified did not hold.\n  - HTTP Status Code: 412 Precondition Failed\n- Redirect\n  - Description: Temporary redirect.\n  - HTTP Status Code: 307 Moved Temporarily\n- RestoreAlreadyInProgress\n  - Description: Object restore is already in progress.\n  - HTTP Status Code: 409 Conflict\n- RequestIsNotMultiPartContent\n  - Description: Bucket POST must be of the enclosure-type multipart/form-data.\n  - HTTP Status Code: 400 Bad Request\n- RequestTimeout\n  - Description: Your socket connection to the server was not read from or written to within the timeout period.\n  - HTTP Status Code: 400 Bad Request\n- RequestTimeTooSkewed\n  - Description: The difference between the request time and the server's time is too large.\n  - HTTP Status Code: 403 Forbidden\n- SignatureDoesNotMatch\n  - HTTP Status Code: 403 Forbidden\n- ServiceUnavailable\n  - Description: Reduce your request rate.\n  - HTTP Status Code: 503 Service Unavailable\n- SlowDown\n  - Description: Reduce your request rate.\n  - HTTP Status Code: 503 Slow Down\n- TemporaryRedirect\n  - Description: You are being redirected to the bucket while DNS updates.\n  - HTTP Status Code: 307 Moved Temporarily\n- TooManyBuckets\n  - Description: You have attempted to create more buckets than allowed.\n  - HTTP Status Code: 400 Bad Request\n- UnexpectedContent\n  - Description: This request does not support content.\n  - HTTP Status Code: 400 Bad Request\n- UnresolvableGrantByEmailAddress\n  - Description: The email address you provided does not match any account on record.\n  - HTTP Status Code: 400 Bad Request\n- UserKeyMustBeSpecified\n  - Description: The bucket POST must contain the specified field name. If it is specified, check the order of the fields.\n  - HTTP Status Code: 400 Bad Request\n"},"Message":{"type":"string","description":"Gives a brief English description of the issue."},"RequestId":{"type":"string"},"HostId":{"type":"string"}}}},"xml":{"name":"Error"}},"BucketName":{"description":"The bucket name.","type":"string","minLength":3,"maxLength":63,"xml":{"name":"Name"}}}},"paths":{"/{Bucket}?publicAccessBlock":{"delete":{"tags":["PublicAccessBlock"],"summary":"DeletePublicAccessBlock","operationId":"DeletePublicAccessBlock","description":"Deletes the public access configuration for an object storage bucket.\n\n#### Permissions\nYou must be the contract owner or an administrator to perform this operation. If not, they can grant you permission\nto perform the `s3:DeleteBucketPublicAccessBlock` operation using [Bucket Policy](#tag/Policy/operation/PutBucketPolicy).\n\n#### S3 API Compatibility\n- The `x-amz-expected-bucket-owner` header isn't supported.\n","responses":{"204":{"description":"Successful operation","content":{"application/xml":{}}},"403":{"description":"AccessDenied","headers":{},"content":{"application/xml":{"schema":{"$ref":"#/components/schemas/Error"}}}},"404":{"description":"NoSuchBucket","headers":{},"content":{"application/xml":{"schema":{"$ref":"#/components/schemas/Error"}}}}},"parameters":[{"name":"Bucket","in":"path","required":true,"schema":{"$ref":"#/components/schemas/BucketName"}},{"name":"policy","in":"query","required":true,"schema":{"type":"boolean","enum":[true]},"allowEmptyValue":true}]}}}}
```