awscrt.s3

S3 client

class awscrt.s3.CrossProcessLock(lock_scope_name)

Class representing an exclusive cross-process lock, scoped by lock_scope_name

Recommended usage is to either explicitly call acquire() followed by release() when the lock is no longer required, or use this in a ‘with’ statement.

acquire() will throw a RuntimeError with AWS_MUTEX_CALLER_NOT_OWNER as the error code, if the lock could not be acquired.

If the lock has not been explicitly released when the process exits, it will be released by the operating system.

Keyword Arguments:

lock_scope_name (str) – Unique string identifying the caller holding the lock.

class awscrt.s3.S3RequestType(value)

The type of the AWS S3 request

DEFAULT = 0

Default type, for all S3 request types other than GET_OBJECT/PUT_OBJECT.

GET_OBJECT = 1

Get Object S3 request

PUT_OBJECT = 2

Put Object S3 request

class awscrt.s3.S3RequestTlsMode(value)

TLS mode for S3 request

ENABLED = 0

Enable TLS for S3 request.

DISABLED = 1

Disable TLS for S3 request.

class awscrt.s3.S3ChecksumAlgorithm(value)

Checksum algorithm used to verify object integrity. https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html

CRC32C = 1

CRC32C

CRC32 = 2

CRC32

SHA1 = 3

SHA-1

SHA256 = 4

SHA-256

class awscrt.s3.S3ChecksumLocation(value)

Where to put the checksum.

HEADER = 1

Add checksum as a request header field. The checksum is calculated before any part of the request is sent to the server.

TRAILER = 2

Add checksum as a request trailer field. The checksum is calculated as the body is streamed to the server, then added as a trailer field. This may be more efficient than HEADER, but can only be used with “streaming” requests that support it.

class awscrt.s3.S3ChecksumConfig(algorithm: S3ChecksumAlgorithm | None = None, location: S3ChecksumLocation | None = None, validate_response: bool = False)

Configures how the S3Client calculates and verifies checksums.

algorithm: S3ChecksumAlgorithm | None = None

If set, the S3Client will calculate a checksum using this algorithm and add it to the request. If you set this, you must also set location.

location: S3ChecksumLocation | None = None

Where to put the request checksum.

validate_response: bool = False

Whether to retrieve and validate response checksums.

class awscrt.s3.S3Client(*, bootstrap=None, region, tls_mode=None, signing_config=None, credential_provider=None, tls_connection_options=None, part_size=None, multipart_upload_threshold=None, throughput_target_gbps=None, enable_s3express=False, memory_limit=None, network_interface_names: Sequence[str] | None = None)

S3 client

Keyword Arguments:

• bootstrap (Optional [ClientBootstrap]) – Client bootstrap to use when initiating socket connection. If None is provided, the default singleton is used.

• region (str) – Region that the S3 bucket lives in.

• tls_mode (Optional[S3RequestTlsMode]) –

  How TLS should be used while performing the request

  If this is S3RequestTlsMode.ENABLED:

  If tls_connection_options is set, then those TLS options will be used If tls_connection_options is unset, then default TLS options will be used

  If this is S3RequestTlsMode.DISABLED:

  No TLS options will be used, regardless of tls_connection_options value.

• signing_config (Optional[AwsSigningConfig]) –

  Configuration for signing of the client. Use create_default_s3_signing_config() to create the default config.

  If not set, a default config will be used with anonymous credentials and skip signing the request.

  If set:

  Credentials provider is required. Other configs are all optional, and will be default to what

  needs to sign the request for S3, only overrides when Non-zero/Not-empty is set.

  S3 Client will derive the right config for signing process based on this.

  Notes

  1. For SIGV4_S3EXPRESS, S3 client will use the credentials in the config to derive the S3 Express

     credentials that are used in the signing process.

  2. Client may make modifications to signing config before passing it on to signer.

• credential_provider (Optional[AwsCredentialsProvider]) – Deprecated, prefer signing_config instead. Credentials providers source the AwsCredentials needed to sign an authenticated AWS request. If None is provided, the request will not be signed.

• tls_connection_options (Optional[TlsConnectionOptions]) – Optional TLS Options to be used for each connection, unless tls_mode is S3RequestTlsMode.DISABLED

• part_size (Optional[int]) – Size, in bytes, of parts that files will be downloaded or uploaded in. Note: for S3RequestType.PUT_OBJECT request, client will adjust the part size to meet the service limits. (max number of parts per upload is 10,000, minimum upload part size is 5 MiB)

• multipart_upload_threshold (Optional[int]) – The size threshold in bytes, for when to use multipart uploads. This only affects S3RequestType.PUT_OBJECT request. Uploads over this size will use the multipart upload strategy. Uploads this size or less will use a single request. If not set, maximal of part_size and 5 MiB will be used.

• throughput_target_gbps (Optional[float]) – Throughput target in Gigabits per second (Gbps) that we are trying to reach. You can also use get_recommended_throughput_target_gbps() to get recommended value for your system. 10.0 Gbps by default (may change in future)

• enable_s3express (Optional[bool]) – To enable S3 Express support for the client. The typical usage for a S3 Express request is to set this to true and let the request to be signed with AwsSigningAlgorithm.V4_S3EXPRESS, either from the client-level signing_config or the request-level override.

• memory_limit (Optional[int]) – Memory limit, in bytes, of how much memory client can use for buffering data for requests. Default values scale with target throughput and are currently between 2GiB and 8GiB (may change in future)

• network_interface_names – (Optional[Sequence(str)]) THIS IS AN EXPERIMENTAL AND UNSTABLE API. A sequence of network interface names. The client will distribute the connections across network interfaces. If any interface name is invalid, goes down, or has any issues like network access, you will see connection failures. This option is only supported on Linux, MacOS, and platforms that have either SO_BINDTODEVICE or IP_BOUND_IF. It is not supported on Windows. AWS_ERROR_PLATFORM_NOT_SUPPORTED will be raised on unsupported platforms. On Linux, SO_BINDTODEVICE is used and requires kernel version >= 5.7 or root privileges.

make_request(*, type, request, operation_name=None, recv_filepath=None, send_filepath=None, signing_config=None, credential_provider=None, checksum_config=None, part_size=None, multipart_upload_threshold=None, on_headers=None, on_body=None, on_done=None, on_progress=None)

Create the Request to the the S3 server, GET_OBJECT/PUT_OBJECT requests are split it into multi-part requests under the hood for acceleration.

Keyword Arguments:

• type (S3RequestType) – The type of S3 request passed in, GET_OBJECT/PUT_OBJECT can be accelerated

• request (HttpRequest) – The overall outgoing API request for S3 operation. If the request body is a file, set send_filepath for better performance.

• operation_name (Optional[str]) –

  S3 operation name (e.g. “CreateBucket”). This MUST be set when type is DEFAULT. It is ignored for other types, since the operation is implicitly known. See S3 API documentation for the canonical list of names.

  This name is used to fill out details in metrics and error reports. It also drives some operation-specific behavior. If you pass the wrong name, you risk getting the wrong behavior.

  For example, every operation except “GetObject” has its response checked for error, even if the HTTP status-code was 200 OK (see knowledge center). If you used the DEFAULT type to do GetObject, but mis-named it “Download”, and the object looked like XML with an error code, then the request would fail. You risk logging the full response body, and leaking sensitive data.

• recv_filepath (Optional[str]) – Optional file path. If set, the response body is written directly to a file and the on_body callback is not invoked. This should give better performance than writing to file from the on_body callback.

• send_filepath (Optional[str]) – Optional file path. If set, the request body is read directly from a file and the request’s body_stream is ignored. This should give better performance than reading a file from a stream.

• signing_config (Optional[AwsSigningConfig]) –

  Configuration for signing of the request to override the configuration from client. Use create_default_s3_signing_config() to create the default config.

  If None is provided, the client configuration will be used.

  If set:

  All fields are optional. The credentials will be resolve from client if not set. S3 Client will derive the right config for signing process based on this.

  Notes

  1. For SIGV4_S3EXPRESS, S3 client will use the credentials in the config to derive the S3 Express

     credentials that are used in the signing process.

  2. Client may make modifications to signing config before passing it on to signer.

• credential_provider (Optional[AwsCredentialsProvider]) – Deprecated, prefer signing_config instead. Credentials providers source the AwsCredentials needed to sign an authenticated AWS request, for this request only. If None is provided, the client configuration will be used.

• checksum_config (Optional[S3ChecksumConfig]) – Optional checksum settings.

• part_size (Optional[int]) – Size, in bytes, of parts that files will be downloaded or uploaded in. If not set, the part size configured for the client will be used. Note: for S3RequestType.PUT_OBJECT request, client will adjust the part size to meet the service limits. (max number of parts per upload is 10,000, minimum upload part size is 5 MiB)

• multipart_upload_threshold (Optional[int]) – The size threshold in bytes, for when to use multipart uploads. This only affects S3RequestType.PUT_OBJECT request. Uploads over this size will use the multipart upload strategy. Uploads this size or less will use a single request. If set, this should be at least part_size. If not set, part_size adjusted by client will be used as the threshold. If both part_size and multipart_upload_threshold are not set, the values from aws_s3_client_config are used.

• on_headers –

  Optional callback invoked as the response received, and even the API request has been split into multiple parts, this callback will only be invoked once as it’s just making one API request to S3. The function should take the following arguments and return nothing:

  • status_code (int): Response status code.

  • headers (List[Tuple[str, str]]): Response headers as a list of (name,value) pairs.

  • **kwargs (dict): Forward-compatibility kwargs.

• on_body –

  Optional callback invoked 0+ times as the response body received from S3 server. If simply writing to a file, use recv_filepath instead of on_body for better performance. The function should take the following arguments and return nothing:

  • chunk (buffer): Response body data (not necessarily a whole “chunk” of chunked encoding).

  • offset (int): The offset of the chunk started in the whole body.

  • **kwargs (dict): Forward-compatibility kwargs.

• on_done –

  Optional callback invoked when the request has finished the job. The function should take the following arguments and return nothing:

  • error (Optional[Exception]): None if the request was successfully sent and valid response received, or an Exception if it failed.

  • error_headers (Optional[List[Tuple[str, str]]]): If request failed because server side sent an unsuccessful response, the headers of the response is provided here. Else None will be returned.

  • error_body (Optional[bytes]): If request failed because server side sent an unsuccessful response, the body of the response is provided here. Else None will be returned.

  • error_operation_name (Optional[str]): If request failed because server side sent and unsuccessful response, this is the name of the S3 operation it was responding to. For example, if a PUT_OBJECT fails this could be “PutObject”, “CreateMultipartUpload”, “UploadPart”, “CompleteMultipartUpload”, or others. For DEFAULT, this is the operation_name passed to S3Client.make_request(). This will be None if the request failed for another reason, or the S3 operation name is unknown.

  • status_code (Optional[int]): HTTP response status code (if available). If request failed because server side sent an unsuccessful response, this is its status code. If the operation was successful, this is the final response’s status code. If the operation failed for another reason, None is returned.

  • did_validate_checksum (bool):

    Was the server side checksum compared against a calculated checksum of the response body. This may be false even if S3ChecksumConfig.validate_response was set because the object was uploaded without a checksum, or downloaded differently from how it’s uploaded.

  • checksum_validation_algorithm (Optional[S3ChecksumAlgorithm]): The checksum algorithm used to validate the response.

  • **kwargs (dict): Forward-compatibility kwargs.

• on_progress –

  Optional callback invoked when part of the transfer is done to report the progress. The function should take the following arguments and return nothing:

  • progress (int): Number of bytes of data that just get transferred

  • **kwargs (dict): Forward-compatibility kwargs.

Returns:

S3Request

class awscrt.s3.S3Request(*, client, type, request, operation_name=None, recv_filepath=None, send_filepath=None, signing_config=None, credential_provider=None, checksum_config=None, part_size=None, multipart_upload_threshold=None, on_headers=None, on_body=None, on_done=None, on_progress=None, region=None)

S3 request Create a new S3Request with S3Client.make_request()

finished_future

Future that will resolve when the s3 request has finished successfully. If the error happens, the Future will contain an exception indicating why it failed. Note: Future will set before on_done invoked

Type:

concurrent.futures.Future

shutdown_event

Signals when underlying threads and structures have all finished shutting down. Shutdown begins when the S3Request object is destroyed.

Type:

threading.Event

exception awscrt.s3.S3ResponseError(*, code: int, name: str, message: str, status_code: List[Tuple[str, str]] | None = None, headers: List[Tuple[str, str]] | None = None, body: bytes | None = None, operation_name: str | None = None)

An error response from S3.

Subclasses awscrt.exceptions.AwsCrtError.

status_code

HTTP response status code.

Type:

int

headers

Headers from HTTP response.

Type:

list[tuple[str, str]]

body

Body of HTTP response (if any). This is usually XML. It may be None in the case of a HEAD response.

Type:

Optional[bytes]

operation_name

Name of the S3 operation that failed. For example, if a PUT_OBJECT fails this could be “PutObject”, “CreateMultipartUpload”, “UploadPart”, “CompleteMultipartUpload”, or others. For DEFAULT, this is the operation_name passed to S3Client.make_request().

code

CRT error code.

Type:

int

name

CRT error name.

Type:

str

message

CRT error message.

Type:

str

awscrt.s3.create_default_s3_signing_config(*, region: str, credential_provider: AwsCredentialsProvider, **kwargs)

Create a default AwsSigningConfig for S3 service.

awscrt.s3.region

The region to sign against.

Type:

str

awscrt.s3.credential_provider

Credentials provider to fetch signing credentials with.

Type:

AwsCredentialsProvider

`**kwargs`

Forward compatibility kwargs.

Returns:

AwsSigningConfig

awscrt.s3.get_ec2_instance_type()

First this function will check it’s running on EC2 via. attempting to read DMI info to avoid making IMDS calls.

If the function detects it’s on EC2, and it was able to detect the instance type without a call to IMDS it will return it.

Finally, it will call IMDS and return the instance type from there. Note that in the case of the IMDS call, a new client stack is spun up using 1 background thread. The call is made synchronously with a 1 second timeout: It’s not cheap. To make this easier, the underlying result is cached internally and will be freed when this module is unloaded is called.

Returns:

A string indicating the instance type or None if it could not be determined.

awscrt.s3.is_optimized_for_system()

Returns:

true if the current build of this module has an optimized configuration for the current system.

awscrt.s3.get_optimized_platforms()

Returns:

A list[str] of platform identifiers, such as EC2 instance types, for which S3 client is pre-optimized and have a recommended throughput_target_gbps. You can use get_recommended_throughput_target_gbps() to obtain the recommended throughput_target_gbps for those platforms.

awscrt.s3.get_recommended_throughput_target_gbps() → float | None

Returns:

Recommended throughput, in gigabits per second, based on detected system configuration. If the best throughput configuration is unknown, returns None. Use this as the S3Client’s throughput_target_gbps.