Download OpenAPI specification:Download
The IONOS S3 Object Storage API for contract-owned buckets is a REST-based API that allows developers and applications to interact directly with IONOS' scalable storage solution, leveraging the S3 protocol for object storage operations. Its design ensures seamless compatibility with existing tools and libraries tailored for S3 systems.
Location | Region Name | Bucket Type | Endpoint |
---|---|---|---|
Berlin, Germany | eu-central-3 | Contract-owned | https://s3.eu-central-3.ionoscloud.com |
Lists all the buckets of the contract.
This operation is available for all users of the contract.
<?xml version="1.0" encoding="UTF-8"?> <ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Owner> <ID>31000000</ID> <DisplayName>Some Name</DisplayName> </Owner> <Buckets> <Bucket> <Name>my-bucket-1</Name> <CreationDate>2024-03-10T16:48:19.364Z</CreationDate> </Bucket> <Bucket> <Name>my-bucket-2</Name> <CreationDate>2024-03-13T16:48:38.181Z</CreationDate> </Bucket> </Buckets> </ListAllMyBucketsResult>
Creates a new S3 bucket.
To create a bucket, you must register with IONOS S3 Object Storage and have a valid Access Key ID to authenticate requests.
Not every string is an acceptable bucket name. For information about bucket naming restrictions, see Bucket naming rules.
Buckets are created in the location specified in the endpoint used to make the request.
Once a bucket is created, it can be accessed at that location. Any requests
targeting an existing bucket using an endpoint with an incorrect location will result in a 404 NoSuchkey
.
Any user of the contract is allowed to create a bucket. But further operations with the bucket must be allowed by Bucket Policy which must be set by the contract owner or an administrator.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
x-amz-bucket-object-lock-enabled | boolean Default: false Specifies whether you want S3 Object Lock enabled for the new bucket. After bucket creation, you must apply the Object Lock configuration. |
object The configuration information for the bucket. |
<?xml version="1.0" encoding="UTF-8"?> <CreateBucketConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <LocationConstraint>eu-central-3</LocationConstraint> </CreateBucketConfiguration>
Retrieves metadata and verifies the existence of a specific bucket. This operation checks for the presence of the specified bucket without returning the actual content of the bucket.
Bucket names are globally unique across all users of the service. If the bucket exists and the requester
has permission to access it, the server returns a 200 OK
HTTP status code with no accompanying response body.
If the bucket does not exist or if the requester does not have permission to access it, the server returns a relevant error code:
403 Forbidden
: The requester does not have permission to access the bucket.404 Not Found
: The bucket does not exist.You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:ListBucket
operation using Bucket Policy.
x-amz-expected-bucket-owner
header isn't supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Deletes the bucket. All objects (including all object versions and delete markers) in the bucket must be deleted before the bucket itself can be deleted.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:DeleteBucket
operation using Bucket Policy.
x-amz-expected-bucket-owner
header isn't supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Returns the region the bucket resides in.
This operation is available for all users of the contract.
x-amz-expected-bucket-owner
header isn't supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
location required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?><LocationConstraint xmlns="http://s3.amazonaws.com/doc/2006-03-01/">eu-central-3</LocationConstraint>
Retrieves a partial or complete list (with a maximum of 1000 objects per request) from a specified bucket. The request parameters can serve as selection criteria to filter and return a subset of objects from the bucket.
A 200 OK
response can contain either valid or invalid XML, so it's crucial to construct your application
in such a way that it can correctly parse and handle the response content. In the resulting list, objects
are organized in ascending order according to their key names.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:ListBucket
operation using Bucket Policy.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
list-type required | string Value: "2" |
delimiter | string Example: delimiter=/ A delimiter is a character you use to group keys. |
encoding-type | string Value: "url" Encoding type used by IONOS S3 Object Storage to encode object keys in the response. |
max-keys | integer [ 1 .. 1000 ] Default: 1000 Sets the maximum number of keys returned in the response. By default the operation returns up to 1000 key names. The response might contain fewer keys but will never contain more. |
prefix | string [ 0 .. 1024 ] characters Example: prefix=folder/subfolder/ Limits the response to keys that begin with the specified prefix. |
continuation-token | string ContinuationToken indicates IONOS S3 Object Storage that the list is being continued on this bucket with a token. ContinuationToken is obfuscated and is not a real key. |
fetch-owner | boolean Default: false Enum: false true The owner field is not present in listV2 by default, if you want to return owner field with each key in the result then set the fetch owner field to true. |
start-after | string StartAfter is where you want to start listing from. IONOS S3 Object Storage starts listing after this specified key. StartAfter can be any key in the bucket. |
<?xml version="1.0" encoding="UTF-8"?> <ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Name>my-bucket</Name> <Prefix></Prefix> <MaxKeys>1000</MaxKeys> <IsTruncated>false</IsTruncated> <Contents> <Key>my-image-1.png</Key> <LastModified>2024-02-15T16:43:41.459Z</LastModified> <ETag>"d41d8cd98f00b204e9800998ecf8427e"</ETag> <Size>0</Size> <StorageClass>STANDARD</StorageClass> <Type>Normal</Type> </Contents> <Contents> <Key>my-image-2.png</Key> <LastModified>2024-03-13T15:53:14.199Z</LastModified> <ETag>"994e15aa13aa642f3d82801c8f57b81b"</ETag> <Size>2797180</Size> <StorageClass>STANDARD</StorageClass> <Type>Normal</Type> </Contents> <KeyCount>2</KeyCount> </ListBucketResult>
Returns some or all (up to 1,000) of the objects in a bucket. You can use the request parameters as selection criteria to return a subset of the objects in a bucket. A 200 OK response can contain valid or invalid XML. Be sure to design your application to parse the contents of the response and handle it appropriately.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:ListBucket
operation using Bucket Policy.
x-amz-expected-bucket-owner
header isn't supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
delimiter | string A delimiter is a character you use to group keys. |
encoding-type | string Value: "url" |
marker | string Marker is where you want IONOS S3 Object Storage to start listing from. IONOS S3 Object Storage starts listing after this specified key. Marker can be any key in the bucket. |
max-keys | integer Sets the maximum number of keys returned in the response. By default the operation returns up to 1,000 key names. The response might contain fewer keys but will never contain more. |
prefix | string Limits the response to keys that begin with the specified prefix. |
MaxKeys | string Pagination limit |
Marker | string Pagination token |
x-amz-request-payer | string Value: "requester" Confirms that the requester knows that she or he will be charged for the list objects request. Bucket owners need not specify this parameter in their requests. |
<?xml version="1.0" encoding="UTF-8"?> <ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Name>my-bucket</Name> <Prefix></Prefix> <MaxKeys>1000</MaxKeys> <IsTruncated>false</IsTruncated> <Contents> <Key>my-image-1.png</Key> <LastModified>2024-02-15T16:43:41.459Z</LastModified> <ETag>"d41d8cd98f00b204e9800998ecf8427e"</ETag> <Size>0</Size> <StorageClass>STANDARD</StorageClass> <Owner> <ID>31000000</ID> <DisplayName>Some Name</DisplayName> </Owner> <Type>Normal</Type> </Contents> <Contents> <Key>my-image-2.png</Key> <LastModified>2024-03-13T15:53:14.199Z</LastModified> <ETag>"994e15aa13aa642f3d82801c8f57b81b"</ETag> <Size>2797180</Size> <StorageClass>STANDARD</StorageClass> <Owner> <ID>31000000</ID> <DisplayName>Some Name</DisplayName> </Owner> <Type>Normal</Type> </Contents> <Marker></Marker> </ListBucketResult>
This API is used to issue a preflight request to the IONOS S3 Object Storage to determine if it can send an actual request with the specific origin, HTTP method, and headers.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Origin required | string Identifies the origin of the cross-origin request to the IONOS S3 Object Storage. |
Access-Control-Request-Method required | string Identifies what HTTP method will be used in the actual request. |
Access-Control-Request-Headers | string A comma-delimited list of HTTP headers that will be sent in the actual request. For example, to put an object with server-side encryption, this preflight request will determine if it can include the `x-amz-server-side-encryption` header with the request. |
Retrieves objects from IONOS S3 Object Storage.
An IONOS S3 Object Storage bucket has no directory hierarchy such as you would find in a typical computer
file system. You can, however, create a logical hierarchy by using object key names that imply a folder structure.
For example, instead of naming an object test.jpg
, you can name it photos/2022/July/test.jpg
.
To get an object from such a logical hierarchy, specify the full key name for the object
in the GET
operation:
photos/2022/July/test.jpg
, specify the resource as
/photos/2022/July/test.jpg
. photos/2022/July/test.jpg
in the bucket named
my-bucket
, specify the resource as /my-bucket/photos/2022/July/test.jpg
.This operation returns an InvalidObjectStateError
error.
If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in IONOS S3 Object Storage, then when you GET the object, you must use the following headers:
You must be the contract owner or an administrator to perform this operation.
If not, they can grant you permission to perform the s3:ListBucket
operation using Bucket Policy.
If the object you request does not exist, the error IONOS S3 Object Storage returns depends
on whether you also have the ListBucket
permission:
ListBucket
permission on the bucket, IONOS S3 Object Storage will
return an HTTP status code 404
.ListBucket
permission, IONOS S3 Object Storage
will return an HTTP status code 403
("Access denied") error.By default, the GET operation returns the current version of an object. To return a different version,
use the versionId
subresource.
GetObjectVersion
permission to access a
specific version of an object.x-amz-delete-marker: true
in the
response.There are times when you want to override certain response header values in a GET
response. For example, you might override the Content-Disposition
response header value in your GET
request.
You can override values for a set of response headers using the following query
parameters. These response header values are sent only on a successful
request, that is, when status code 200 OK
is returned. The set of
headers you can override using these parameters is a subset of the
headers that IONOS S3 Object Storage accepts when you create an object.
The response headers that you can override for the GET response are the following:
Content-Type
Content-Language
Expires
Cache-Control
,Content-Disposition
Content-Encoding
.To override these header values in the GET
response, you use the following request parameters:
partNumber
versionId
response-content-type
response-content-language
response-expires
response-cache-control
response-content-disposition
response-content-encoding
You must sign the request, either using an Authorization header or a presigned URL, when using these parameters. They cannot be used with an unsigned (anonymous) request.
If a Etag value sent in the If-Match
header doesn't match the object's ETag, then the Precondition Failed
error is returned.
If both of the If-Match
and If-Unmodified-Since
headers are present in the request as follows: If-Match
condition evaluates to true
, and; If-Unmodified-Since
condition evaluates to false
; then,
S3 returns 200 OK and the data requested.
If both of the If-None-Match
and If-Modified-Since
headers are present in the request as
follows: If-None-Match
condition evaluates to false
, and; If-Modified-Since
condition
evaluates to true
; then, S3 returns 304 Not Modified
response code.
For more information about conditional requests, see RFC 7232.
x-amz-expected-bucket-owner
header isn't supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty Key of the object to get. Possible values: length ≥ 1 |
response-cache-control | string Sets the |
response-content-disposition | string Sets the |
response-content-encoding | string Sets the |
response-content-language | string Sets the |
response-content-type | string Sets the |
response-expires | string <date-time> Sets the |
versionId | string VersionId used to reference a specific version of the object. |
partNumber | integer [ 1 .. 10000 ] Part number of the object being read. This is a positive integer between 1 and 10,000. Effectively performs a 'ranged' GET request for the part specified. Useful for downloading just a part of an object. |
If-Match | string Return the object only if its entity tag (ETag) is the same as the one specified, otherwise return a 412 (precondition failed). |
If-Modified-Since | string <date-time> Return the object only if it has been modified since the specified time, otherwise return a 304 (not modified). |
If-None-Match | string Return the object only if its entity tag (ETag) is different from the one specified, otherwise return a 304 (not modified). |
If-Unmodified-Since | string <date-time> Return the object only if it has not been modified since the specified time, otherwise return a 412 (precondition failed). |
Range | string Downloads the specified range bytes of an object. For more information about the HTTP Range header, see Range. IONOS S3 Object Storage doesn't support retrieving multiple ranges of data per `GET` request. |
x-amz-server-side-encryption-customer-algorithm | string Value: "AES256" Specifies the algorithm to use to when decrypting the object (AES256). |
x-amz-server-side-encryption-customer-key | string <password> Specifies the customer-provided encryption key for IONOS S3 Object Storage used to encrypt the data. This value is used to decrypt the object when recovering it and must match the one used when storing the data. The key must be appropriate for use with the algorithm specified in the |
x-amz-server-side-encryption-customer-key-MD5 | string Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. IONOS S3 Object Storage uses this header for a message integrity check to ensure that the encryption key was transmitted without error. |
<?xml version="1.0" encoding="UTF-8"?> <Error> <Code>NoSuchBucket</Code> <Message></Message> <BucketName>my-bucket</BucketName> <RequestId>tx00000de260b1aaeb17b29-006602cf2c-66f989d-eu-central-1</RequestId> <HostId>66f989d-eu-central-1-eu-central-3</HostId> </Error>
The POST operation adds an object to a specified bucket using HTML forms. POST is an alternate form of PUT that enables browser-based uploads of objects into buckets. Parameters passed to PUT via HTTP Headers are instead passed to POST as form fields in the multipart/form-data encoded message body.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty Key name of the object to post. |
Cache-Control | string Can be used to specify caching behavior along the request/reply chain. For more information, see Cache-Control. |
Content-Disposition | string Specifies presentational information for the object. For more information, see Content-Disposition. |
Content-Encoding | string Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. For more information, see Content-Encoding. |
Content-Language | string The language the content is in. |
Content-Length | integer Size of the body in bytes. This parameter is useful when the size of the body cannot be determined automatically. For more information, see Content-Length. |
Content-MD5 | string (Content-MD5) The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
Content-Type | string A standard MIME type describing the format of the contents. For more information, see Content-Type. |
Expires | string <date-time> The date and time at which the object is no longer cacheable. For more information, see Expires. |
x-amz-server-side-encryption | string Value: "AES256" The server-side encryption algorithm used when storing this object in IONOS S3 Object Storage (AES256). |
x-amz-storage-class | string Value: "STANDARD" IONOS S3 Object Storage uses the STANDARD Storage Class to store newly created objects. The STANDARD storage class provides high durability and high availability. |
x-amz-website-redirect-location | string If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. IONOS S3 Object Storage stores the value of this header in the object metadata. In the following example, the request header sets the redirect to an object (anotherPage.html) in the same bucket: `x-amz-website-redirect-location: /anotherPage.html` In the following example, the request header sets the object redirect to another website: `x-amz-website-redirect-location: http://www.example.com/` |
x-amz-server-side-encryption-customer-algorithm | string Value: "AES256" Specifies the algorithm to use to when encrypting the object (AES256). |
x-amz-server-side-encryption-customer-key | string <password> Specifies the customer-provided encryption key for IONOS S3 Object Storage to use in encrypting data. This value is used to store the object and then it is discarded; IONOS S3 Object Storage does not store the encryption key. The key must be appropriate for use with the algorithm specified in the |
x-amz-server-side-encryption-customer-key-MD5 | string Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. IONOS S3 Object Storage uses this header for a message integrity check to ensure that the encryption key was transmitted without error. |
x-amz-server-side-encryption-context | string <password> Specifies the IONOS S3 Object Storage Encryption Context to use for object encryption. The value of this header is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs. |
x-amz-server-side-encryption-bucket-key-enabled | boolean Specifies whether IONOS S3 Object Storage should use an S3 Bucket Key for object encryption with server-side encryption. Setting this header to `true` causes IONOS S3 Object Storage to use an S3 Bucket Key for object encryption. Specifying this header with a PUT operation doesn’t affect bucket-level settings for S3 Bucket Key. |
x-amz-request-payer | string Value: "requester" |
x-amz-tagging | string The tag-set for the object. The tag-set must be encoded as URL Query parameters. (For example, "Key1=Value1") |
x-amz-object-lock-mode | string Enum: "GOVERNANCE" "COMPLIANCE" The Object Lock mode that you want to apply to this object. |
x-amz-object-lock-retain-until-date | string <date-time> The date and time when you want this object's Object Lock to expire. Must be formatted as a timestamp parameter. |
x-amz-object-lock-legal-hold | string Enum: "ON" "OFF" Specifies whether a legal hold will be applied to this object. |
Body | string Object data. |
object A map of metadata to store with the object in S3. |
The HEAD operation retrieves metadata from an object without returning the object itself. This operation is useful if you're only interested in an object's metadata. To use HEAD, you must have READ access to the object.
A `HEAD` request has the same options as a `GET` operation on an object. The response is identical to the `GET` response except that there is no response body. Because of this, if the `HEAD` request generates an error, it returns a generic `404 Not Found` or `403 Forbidden` code. It is not possible to retrieve the exact exception beyond these error codes.
If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in IONOS S3 Object Storage, then when you retrieve the metadata from the object, you must use the following headers:
`x-amz-server-side-encryption-customer-algorithm` = `AES256`
`x-amz-server-side-encryption-customer-key`
`x-amz-server-side-encryption-customer-key-MD5`
Encryption request headers, like `x-amz-server-side-encryption`, should not be sent for GET requests if your object uses the server-side encryption with IONOS S3 Object Storage–managed encryption keys (SSE-S3). If your object does use this type of keys, you’ll get an HTTP 400 BadRequest error.
The last modified property in this case is the creation date of the object.
Request headers are limited to 8 KB in size.
Consider the following when using request headers:
Consideration 1 – If both of the `If-Match` and `If-Unmodified-Since` headers are present in the request as follows:
`If-Match` condition evaluates to `true`, and;
`If-Unmodified-Since` condition evaluates to `false`;
Then IONOS S3 Object Storage returns `200 OK` and the data requested.
Consideration 2 – If both of the `If-None-Match` and `If-Modified-Since` headers are present in the request as follows:
`If-None-Match` condition evaluates to `false`, and;
`If-Modified-Since` condition evaluates to `true`;
Then IONOS S3 Object Storage returns the `304 Not Modified` response code.
For more information about conditional requests, see RFC 7232.
Permissions
You need the relevant read object (or version) permission for this operation. If the object you request does not exist, the error IONOS S3 Object Storage returns depends on whether you also have the ListBucket permission.
If you have the `ListBucket` permission on the bucket, IONOS S3 Object Storage returns an HTTP status code 404 ("no such key") error.
If you don’t have the `ListBucket` permission, IONOS S3 Object Storage returns an HTTP status code 403 ("access denied") error.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty The object key. |
versionId | string VersionId used to reference a specific version of the object. |
partNumber | integer Part number of the object being read. This is a positive integer between 1 and 10,000. Effectively performs a 'ranged' HEAD request for the part specified. Useful querying about the size of the part and the number of parts in this object. |
If-Match | string Return the object only if its entity tag (ETag) is the same as the one specified, otherwise return a 412 (precondition failed). |
If-Modified-Since | string <date-time> Return the object only if it has been modified since the specified time, otherwise return a 304 (not modified). |
If-None-Match | string Return the object only if its entity tag (ETag) is different from the one specified, otherwise return a 304 (not modified). |
If-Unmodified-Since | string <date-time> Return the object only if it has not been modified since the specified time, otherwise return a 412 (precondition failed). |
Range | string Downloads the specified range bytes of an object. For more information about the HTTP Range header, see Range. IONOS S3 Object Storage doesn't support retrieving multiple ranges of data per `GET` request. |
x-amz-server-side-encryption-customer-algorithm | string Value: "AES256" Specifies the algorithm to use to when encrypting the object (AES256). |
x-amz-server-side-encryption-customer-key | string <password> Specifies the customer-provided encryption key for IONOS S3 Object Storage to use in encrypting data. This value is used to store the object and then it is discarded; IONOS S3 Object Storage does not store the encryption key. The key must be appropriate for use with the algorithm specified in the |
x-amz-server-side-encryption-customer-key-MD5 | string Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. IONOS S3 Object Storage uses this header for a message integrity check to ensure that the encryption key was transmitted without error. |
Adds an object to a bucket. You must have WRITE permissions on a bucket to add an object to it.
IONOS S3 Object Storage never adds partial objects; if you receive a success response, IONOS S3 Object Storage added the entire object to the bucket.
IONOS S3 Object Storage is a distributed system. If it receives multiple write requests for the same object simultaneously, it overwrites all but the last object written. IONOS S3 Object Storage does not provide object locking; if you need this, make sure to build it into your application layer or use versioning instead.
To ensure that data is not corrupted traversing the network, use the `Content-MD5` header. When you use this header, IONOS S3 Object Storage checks the object against the provided MD5 value and, if they do not match, returns an error. Additionally, you can calculate the MD5 while putting an object to IONOS S3 Object Storage and compare the returned ETag to the calculated MD5 value.
To successfully complete the `PutObject` request, you must have the `PutObject` in your permissions.
To successfully change the objects acl of your `PutObject` request, you must have the `PutObjectAcl` in your permissions.
The `Content-MD5` header is required for any request to upload an object with a retention period configured using IONOS S3 Object Storage Object Lock .
Versioning
If you enable versioning for a bucket, IONOS S3 Object Storage automatically generates a unique version ID for the object being stored. IONOS S3 Object Storage returns this ID in the response. When you enable versioning for a bucket, if IONOS S3 Object Storage receives multiple write requests for the same object simultaneously, it stores all of the objects.
Server-side Encryption with IONOS S3 managed keys (SSE-S3)
You can optionally request server-side encryption. With server-side encryption, IONOS S3 Object Storage encrypts your data as it writes it to disks in its data centers and decrypts the data when you access it.
Server-side Encryption with customer managed keys (SSE-C)
In order to apply encryption with customer-provided keys (SSE-C) to the uploading object add these headers to the request:NOTE:
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty Object key for which the PUT operation was initiated. |
Cache-Control | string Can be used to specify caching behavior along the request/reply chain. For more information, see Cache-Control. |
Content-Disposition | string Specifies presentational information for the object. For more information, see Content-Disposition. |
Content-Encoding | string Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. For more information, see Content-Encoding. |
Content-Language | string The language the content is in. |
Content-Length | integer Size of the body in bytes. This parameter is useful when the size of the body cannot be determined automatically. For more information, see Content-Length. |
Content-MD5 | string (Content-MD5) The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
Content-Type | string A standard MIME type describing the format of the contents. For more information, see Content-Type. |
Expires | string <date-time> The date and time at which the object is no longer cacheable. For more information, see Expires. |
x-amz-server-side-encryption | string Value: "AES256" The server-side encryption algorithm used when storing this object in IONOS S3 Object Storage (AES256). |
x-amz-storage-class | string Value: "STANDARD" The valid value is |
x-amz-website-redirect-location | string If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. IONOS S3 Object Storage stores the value of this header in the object metadata. In the following example, the request header sets the redirect to an object (anotherPage.html) in the same bucket: `x-amz-website-redirect-location: /anotherPage.html` In the following example, the request header sets the object redirect to another website: `x-amz-website-redirect-location: http://www.example.com/` |
x-amz-server-side-encryption-customer-algorithm | string Value: "AES256" Specifies the algorithm to use to when encrypting the object. The valid option is |
x-amz-server-side-encryption-customer-key | string <password> Specifies the 256-bit, base64-encoded encryption key to use to encrypt and decrypt your data. For example, |
x-amz-server-side-encryption-customer-key-MD5 | string Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. IONOS S3 Object Storage uses this header for a message integrity check to ensure that the encryption key was transmitted without error. For example, |
x-amz-server-side-encryption-context | string <password> Specifies the IONOS S3 Object Storage Encryption Context to use for object encryption. The value of this header is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs. |
x-amz-request-payer | string Value: "requester" |
x-amz-tagging | string The tag-set for the object. The tag-set must be encoded as URL Query parameters. (For example, "Key1=Value1") |
x-amz-object-lock-mode | string Enum: "GOVERNANCE" "COMPLIANCE" The Object Lock mode that you want to apply to this object. |
x-amz-object-lock-retain-until-date | string <date-time> The date and time when you want this object's Object Lock to expire. Must be formatted as a timestamp parameter. |
x-amz-object-lock-legal-hold | string Enum: "ON" "OFF" Specifies whether a legal hold will be applied to this object. |
Body | string Object data. |
object A map of metadata to store with the object in S3. |
PUT /{Bucket}/{Key} HTTP/1.1 Host: s3.eu-central-3.ionoscloud.com Accept: */* Authorization: authorization string Date: Tue, 04 Apr 2023 19:36:53 GMT x-amz-server-side-encryption: AES256
HTTP/1.1 200 OK x-amz-request-id: 9a4f31b7-fed2-1fff-a148-3cecef3849fe date: Tue, 04 Apr 2023 19:36:53 GMT etag: "4f8d2c12500d851ed55fc08df311e868" x-amz-server-side-encryption-customer-algorithm: AES256 x-amz-server-side-encryption-customer-key-MD5: r4C1SZrweqvPoGPMtR6jTA== content-length: 0
Removes the null version (if there is one) of an object and inserts a delete marker, which becomes the latest version of the object. This operation is final - there is no way to recover a deleted object. Data stored in IONOS S3 Object Storage is erasure coded and distributed to multiple individual storage devices in multiple data centers. When data is deleted, various mechanisms exist which prevent recovery or reconstruction of the deleted objects.
Deletion of an object undergoes various stages. First, the metadata is marked to indicate the object is deleted, then, the data is removed. Eventually, deleted metadata is overwritten and the deleted data blocks are overwritten with new data in the course of normal operations. As soon as the metadata is marked deleted, it is not possible to read an object remotely.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty Key name of the object to delete. |
versionId | string VersionId used to reference a specific version of the object. |
x-amz-mfa | string The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device. Required to permanently delete a versioned object if versioning is configured with MFA Delete enabled. |
x-amz-bypass-governance-retention | boolean Indicates whether S3 Object Lock should bypass Governance-mode restrictions to process this operation. To use this header, you must have the |
Creates a copy of an object that is already stored in IONOS S3 Object Storage.
You can store individual objects of up to 5 TB in IONOS S3 Object Storage. You create a copy of your object up to 5 GB in size in a single atomic operation using this API. However, to copy an object greater than 5 GB, you must use the multipart upload Upload Part - Copy API.
All copy requests must be authenticated. Additionally, you must have read access to the source object and write access to the destination bucket. Both the Region that you want to copy the object from and the Region that you want to copy the object to must be enabled for your account.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty The key of the destination object. |
Cache-Control | string Specifies caching behavior along the request/reply chain. |
Content-Disposition | string Specifies presentational information for the object. |
Content-Encoding | string Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. |
Content-Language | string The language the content is in. |
Content-Type | string A standard MIME type describing the format of the object data. |
x-amz-copy-source required | string\/.+\/.+ Specifies the source object for the copy operation. |
x-amz-copy-source-if-match | string Copies the object if its entity tag (ETag) matches the specified tag. |
x-amz-copy-source-if-modified-since | string <date-time> Copies the object if it has been modified since the specified time. |
x-amz-copy-source-if-none-match | string Copies the object if its entity tag (ETag) is different than the specified ETag. |
x-amz-copy-source-if-unmodified-since | string <date-time> Copies the object if it hasn't been modified since the specified time. |
Expires | string <date-time> The date and time at which the object is no longer cacheable. |
x-amz-metadata-directive | string Enum: "COPY" "REPLACE" Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. |
x-amz-tagging-directive | string Enum: "COPY" "REPLACE" Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. |
x-amz-server-side-encryption | string Value: "AES256" The server-side encryption algorithm used when storing this object in IONOS S3 Object Storage (AES256). |
x-amz-storage-class | string Value: "STANDARD" IONOS S3 Object Storage uses the STANDARD Storage Class to store newly created objects. The STANDARD storage class provides high durability and high availability. |
x-amz-website-redirect-location | string If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. IONOS S3 Object Storage stores the value of this header in the object metadata. |
x-amz-server-side-encryption-customer-algorithm | string Specifies the algorithm to use to when encrypting the object (AES256). |
x-amz-server-side-encryption-customer-key | string <password> Specifies the customer-provided encryption key for IONOS S3 Object Storage to use in encrypting data. This value is used to store the object and then it is discarded; IONOS S3 Object Storage does not store the encryption key. The key must be appropriate for use with the algorithm specified in the |
x-amz-server-side-encryption-customer-key-MD5 | string Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. IONOS S3 Object Storage uses this header for a message integrity check to ensure that the encryption key was transmitted without error. |
x-amz-copy-source-server-side-encryption-customer-algorithm | string Specifies the algorithm to use when decrypting the source object (AES256). |
x-amz-copy-source-server-side-encryption-customer-key | string <password> Specifies the customer-provided encryption key for IONOS S3 Object Storage to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created. |
x-amz-copy-source-server-side-encryption-customer-key-MD5 | string Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. IONOS S3 Object Storage uses this header for a message integrity check to ensure that the encryption key was transmitted without error. |
x-amz-tagging | string The tag-set for the object destination object this value must be used in conjunction with the |
x-amz-object-lock-mode | string Enum: "GOVERNANCE" "COMPLIANCE" The Object Lock mode that you want to apply to the copied object. |
x-amz-object-lock-retain-until-date | string <date-time> The date and time when you want the copied object's Object Lock to expire. |
x-amz-object-lock-legal-hold | string Enum: "ON" "OFF" Specifies whether you want to apply a Legal Hold to the copied object. |
object A map of metadata to store with the object in S3. |
This operation enables you to delete multiple objects from a bucket using a single HTTP request. If you know the object keys that you want to delete, then this operation provides a suitable alternative to sending individual delete requests, reducing per-request overhead.
The request contains a list of up to 1000 keys that you want to delete. In the XML, you provide the object key names, and optionally, version IDs if you want to delete a specific version of the object from a versioning-enabled bucket. For each key, IONOS S3 Object Storage performs a delete operation and returns the result of that delete, success, or failure, in the response. Note that if the object specified in the request is not found, IONOS S3 Object Storage returns the result as deleted.
The operation supports two modes for the response: verbose and quiet. By default, the operation uses verbose mode in which the response includes the result of deletion of each key in your request. In quiet mode the response includes only keys where the delete operation encountered an error. For a successful deletion, the operation does not return any information about the delete in the response body.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
delete required | boolean Value: true |
x-amz-mfa | string The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device. Required to permanently delete a versioned object if versioning is configured with MFA Delete enabled. |
x-amz-bypass-governance-retention | boolean Specifies whether you want to delete this object even if it has a Governance-type Object Lock in place. To use this header, you must have the |
required | object Container for the objects to delete. |
<Delete xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Object> <Key>folder/object1.zip</Key> </Object> <Object> <Key>folder/object2.zip</Key> </Object> </Delete>
<?xml version="1.0" encoding="UTF-8"?> <DeleteResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Deleted> <Key>folder/object1.zip</Key> </Deleted> <Deleted> <Key>folder/object2.zip</Key> </Deleted> </DeleteResult>
Returns the cors configuration information set for the bucket. To use this operation, you must have permission to perform the GetBucketCORS operation. By default, the bucket owner has this permission and can grant it to others.
x-amz-expected-bucket-owner
header isn't supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
cors required | boolean Value: true |
<CORSConfiguration> <CORSRule> <AllowedOrigin>https://www.domain.com</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <AllowedHeader>*</AllowedHeader> </CORSRule> </CORSConfiguration>
Sets the `CORS` configuration for your bucket. If the configuration exists, it will be overwritten and replaced.
To use this operation, you must be allowed to perform the `PutBucketCORS` operation. By default, the bucket owner has this permission and can grant it to others.
You set this configuration on a bucket so that the bucket can service cross-origin requests. For example, you might want to enable a request whose origin is `http://www.example.com` to access your IONOS S3 Object Storage bucket at `my.example.bucket.com` by using the browser's `XMLHttpRequest` capability.
To enable cross-origin resource sharing (CORS) on a bucket, you add the `cors` subresource to the bucket. The `cors` subresource is an XML document in which you configure rules that identify origins and the HTTP methods that can be executed on your bucket. The document is limited to 64 KB in size.
When IONOS S3 Object Storage receives a cross-origin request (or a pre-flight OPTIONS request) against a bucket, it evaluates the `cors` configuration on the bucket and uses the first `CORSRule` rule that matches the incoming browser request to enable a cross-origin request. For a rule to match, the following conditions must be met:
The request's `Origin` header must match `AllowedOrigin` elements.
The request method (for example, GET, PUT, HEAD, and so on) or the `Access-Control-Request-Method` header in case of a pre-flight `OPTIONS` request must be one of the `AllowedMethod` elements.
Every header specified in the `Access-Control-Request-Headers` request header of a pre-flight request must match an `AllowedHeader` element.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
cors required | boolean Value: true |
Content-MD5 | string (Content-MD5) The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
required | object Describes the cross-origin access configuration for objects in an IONOS S3 Object Storage bucket. |
<CORSConfiguration> <CORSRule> <AllowedOrigin>https://www.domain.com</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <AllowedHeader>*</AllowedHeader> </CORSRule> </CORSConfiguration>
Deletes the `CORS` configuration information set for the bucket.
To use this operation, you must have permission to perform the `PutBucketCORS` operation. The bucket owner has this permission by default and can grant this permission to others.
#### S3 API Compatibility - The `x-amz-expected-bucket-owner` header isn't supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
cors required | boolean Value: true |
Returns the default encryption configuration for the bucket.
In the current version, only the bucket owner is allowed to perform this operation. We currently do not support the use of bucket policies to extend bucket encryption permissions to users other than the bucket owner.
If the bucket does not have a default encryption configuration, GetBucketEncryption returns `404 ServerSideEncryptionConfigurationNotFoundError`.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
encryption required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <ServerSideEncryptionConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Rule> <ApplyServerSideEncryptionByDefault> <SSEAlgorithm>AES256</SSEAlgorithm> </ApplyServerSideEncryptionByDefault> </Rule> </ServerSideEncryptionConfiguration>
Sets the AES256 server-side encryption for a bucket with IONOS S3 managed keys (SSE-S3).
With server-side encryption, S3 encrypts a newly uploaded object in the bucket before saving it to disk and decrypts it when you download the object. Encryption doesn't change the way that you access data as an authorized user. It only further protects your data.
In the current version, only the bucket owner is allowed to perform this operation. We do not currently support the use of bucket policies to extend bucket encryption permissions to users other than the bucket owner.
IONOS S3 confirms that your object is stored with SSE-S3 encryption by returning the response header `x-amz-server-side-encryption` for the Object Read operation.
You can also apply encryption with a customer-provided key (SSE-C) to each object at the time of uploading. In this case, SSE-C encryption will override the SSE-S3 encryption.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
encryption required | boolean Value: true |
required | object Specifies the default server-side-encryption configuration. The valid value is AES256. |
<ServerSideEncryptionConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Rule> <ApplyServerSideEncryptionByDefault> <SSEAlgorithm>AES256</SSEAlgorithm> </ApplyServerSideEncryptionByDefault> </Rule> </ServerSideEncryptionConfiguration>
This implementation of the DELETE operation removes default encryption from the bucket.
In the current version, only the bucket owner is allowed to perform this operation. We currently do not support the use of bucket policies to extend bucket encryption permissions to users other than the bucket owner.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
encryption required | boolean Value: true |
Returns the lifecycle configuration for the specified S3 bucket.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:GetLifecycleConfiguration
operation using Bucket Policy.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
lifecycle required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <LifecycleConfiguration> <Rule> <ID>Delete logs after 30 days with size between 104857600 and 1073741824 bytes</ID> <Filter> <ObjectSizeGreaterThan>104857600</ObjectSizeGreaterThan> <ObjectSizeLessThan>1073741824</ObjectSizeLessThan> <Prefix>logs/</Prefix> </Filter> <Status>Enabled</Status> <Expiration> <Days>30</Days> </Expiration> </Rule> <Rule> <ID>Delete objects 60 days after becoming non-current for bucket with Versioning enabled</ID> <Filter> <Prefix>temp/</Prefix> </Filter> <Status>Enabled</Status> <NoncurrentVersionExpiration> <NoncurrentDays>60</NoncurrentDays> </NoncurrentVersionExpiration> </Rule> <Rule> <ID>Remove incomplete multipart uploads after 5 days</ID> <Filter> <Prefix /> </Filter> <Status>Enabled</Status> <AbortIncompleteMultipartUpload> <DaysAfterInitiation>5</DaysAfterInitiation> </AbortIncompleteMultipartUpload> </Rule> </LifecycleConfiguration>
Creates a new lifecycle configuration for a specified bucket, or replaces an existing configuration.
This lifecycle configuration allows automatic management of the objects within the bucket. Typical actions can include the deletion of objects after a certain period or deletion of non-current versions of objects.You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:PutLifecycleConfiguration
operation using Bucket Policy.
NewerNoncurrentVersions
setting is not supported for the NoncurrentVersionExpiration
option.Transition
and the NoncurrentVersionTransition
options are omitted as only the STANDARD
storage class is currenly supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
lifecycle required | boolean Value: true |
Content-MD5 required | string (Content-MD5) The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
object Container for lifecycle rules. You can add as many as 1000 rules. |
<?xml version="1.0" encoding="UTF-8"?> <LifecycleConfiguration> <Rule> <ID>Delete logs after 30 days with size between 104857600 and 1073741824 bytes</ID> <Filter> <ObjectSizeGreaterThan>104857600</ObjectSizeGreaterThan> <ObjectSizeLessThan>1073741824</ObjectSizeLessThan> <Prefix>logs/</Prefix> </Filter> <Status>Enabled</Status> <Expiration> <Days>30</Days> </Expiration> </Rule> <Rule> <ID>Delete objects 60 days after becoming non-current for bucket with Versioning enabled</ID> <Filter> <Prefix>temp/</Prefix> </Filter> <Status>Enabled</Status> <NoncurrentVersionExpiration> <NoncurrentDays>60</NoncurrentDays> </NoncurrentVersionExpiration> </Rule> <Rule> <ID>Remove incomplete multipart uploads after 5 days</ID> <Filter> <Prefix /> </Filter> <Status>Enabled</Status> <AbortIncompleteMultipartUpload> <DaysAfterInitiation>5</DaysAfterInitiation> </AbortIncompleteMultipartUpload> </Rule> </LifecycleConfiguration>
Deletes the lifecycle configuration from the specified bucket. As a result, objects within the bucket will neither expire nor be automatically deleted based on any rules from the deleted configuration.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:PutLifecycleConfiguration
operation using Bucket Policy.
Note: A brief delay may occur before the lifecycle configuration deletion is fully propagated across all IONOS S3 Object Storage systems. During this time, lifecycle rules may remain temporarily active.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
lifecycle required | boolean Value: true |
Retrieves the Object Lock configuration for a bucket.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:GetBucketObjectLockConfiguration
operation using Bucket Policy.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
object-lock required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <ObjectLockConfiguration> <ObjectLockEnabled>Enabled</ObjectLockEnabled> <Rule> <DefaultRetention> <Mode>GOVERNANCE</Mode> <Days>10</Days> </DefaultRetention> </Rule> </ObjectLockConfiguration>
Applies an Object Lock configuration on the specified bucket, which requires the Object Lock feature to have been enabled during its creation. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket.
Note:
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:PutBucketObjectLockConfiguration
operation using Bucket Policy.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
object-lock required | boolean Value: true |
Content-MD5 required | string (Content-MD5) The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
object A container for an object lock configuration. |
<?xml version="1.0" encoding="UTF-8"?> <ObjectLockConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <ObjectLockEnabled>Enabled</ObjectLockEnabled> <Rule> <DefaultRetention> <Mode>GOVERNANCE</Mode> <Days>15</Days> </DefaultRetention> </Rule> </ObjectLockConfiguration>
Retrieves an object's retention configuration.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:GetObjectRetention
operation using Bucket Policy.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty The key name of the object whose retention settings you want to retrieve. |
retention required | boolean Value: true |
versionId | string The version ID of the object whose retention settings you want to retrieve. |
<?xml version="1.0" encoding="UTF-8"?> <Retention xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Mode>GOVERNANCE</Mode> <RetainUntilDate>2023-08-09T09:01:01Z</RetainUntilDate> </Retention>
Places an Object Retention configuration on an object.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:PutObjectRetention
operation using Bucket Policy.
Bypassing a Governance Retention configuration also requires the s3:BypassGovernanceRetention
permission.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty The key name of the object to which you want to apply the Object Retention configuration. |
retention required | boolean Value: true |
versionId | string The version ID of the object to which you want to apply the Object Retention configuration. |
x-amz-bypass-governance-retention | boolean Default: false Indicates whether this operation should bypass Governance mode's restrictions. |
Content-MD5 | string (Content-MD5) The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
object A Retention configuration for an object. |
<?xml version="1.0" encoding="UTF-8"?> <Retention xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Mode>GOVERNANCE</Mode> <RetainUntilDate>2023-08-10T09:01:01Z</RetainUntilDate> </Retention>
null
Gets an object's current Legal Hold status.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:GetObjectLegalHold
operation using Bucket Policy.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty The key name of the object whose Legal Hold status you want to retrieve. |
legal-hold required | boolean Value: true |
versionId | string The version ID of the object whose Legal Hold status you want to retrieve. |
<?xml version="1.0" encoding="UTF-8"?> <LegalHold xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Status>ON</Status> </LegalHold>
Applies a Legal Hold configuration to the specified object.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:PutObjectLegalHold
operation using Bucket Policy.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty The key name of the object on which you want to place a Legal Hold. |
legal-hold required | boolean Value: true |
versionId | string The version ID of the object on which you want to place a Legal Hold. |
Content-MD5 | string (Content-MD5) The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
object Legal Hold configuration for an object. |
<?xml version="1.0" encoding="UTF-8"?> <LegalHold xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Status>ON</Status> </LegalHold>
null
Returns the policy of a specified bucket.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:GetBucketPolicy
operation using Bucket Policy.
Note: The bucket owner can always perform this operation, even if the policy explicitly denies access to it.
x-amz-expected-bucket-owner
header isn't supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
policy required | boolean Value: true |
{- "Id": "Delegate certain actions to another user",
- "Version": "2012-10-17",
- "Statement": [
- {
- "Sid": "Delegate certain actions to another user",
- "Action": [
- "s3:ListBucket",
- "s3:PutObject",
- "s3:GetObject"
], - "Effect": "Allow",
- "Resource": [
- "arn:aws:s3:::my-bucket",
- "arn:aws:s3:::my-bucket/*"
], - "Condition": {
- "IpAddress": {
- "aws:SourceIp": [
- "123.123.123.123/32",
- "199.199.199.199/32"
]
}
}, - "Principal": {
- "AWS": "arn:aws:iam:::user/31000000:9acd8251-2857-410e-b1fd-ca86462bdcec"
}
}
]
}
Applies a bucket policy to a bucket.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:PutBucketPolicy
operation using Bucket Policy.
Note: The bucket owner can always perform this operation, even if the policy explicitly denies access to it.
x-amz-expected-bucket-owner
header isn't supported.x-amz-confirm-remove-self-bucket-access
header isn't supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
policy required | boolean Value: true |
Content-MD5 | string (Content-MD5) The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
Id | string Specifies an optional identifier for the policy. |
Version | string Value: "2012-10-17" Policy version |
required | Array of objects |
{- "Id": "Delegate certain actions to another user",
- "Version": "2012-10-17",
- "Statement": [
- {
- "Sid": "Delegate certain actions to another user",
- "Action": [
- "s3:ListBucket",
- "s3:PutObject",
- "s3:GetObject"
], - "Effect": "Allow",
- "Resource": [
- "arn:aws:s3:::my-bucket",
- "arn:aws:s3:::my-bucket/*"
], - "Condition": {
- "IpAddress": {
- "aws:SourceIp": [
- "123.123.123.123/32"
]
}
}, - "Principal": {
- "AWS": "arn:aws:iam:::user/31000000:9acd8251-2857-410e-b1fd-ca86462bdcec"
}
}
]
}
null
Deletes the policy of a specified bucket.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:DeleteBucketPolicy
operation using Bucket Policy.
Note: The bucket owner can always perform this operation, even if the policy explicitly denies access to it.
x-amz-expected-bucket-owner
header isn't supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
policy required | boolean Value: true |
null
Retrieves the policy status of a bucket, indicating whether the bucket is public.
IONOS S3 Object Storage considers a bucket policy to be "public" if any statement in the policy is public.
A statement is considered public if the Effect
is Allow
and the Principal
has a wildcard -- unless there
is an IpAddress:{aws:SourceIp}
condition associated with the statement that restricts the requesting
source IP to one or more specified IP addresses.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:GetBucketPolicyStatus
operation using Bucket Policy.
x-amz-expected-bucket-owner
header isn't supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
policyStatus required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <PolicyStatus xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <IsPublic>true</IsPublic> </PolicyStatus>
Retrieves the public access configuration for a bucket.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:GetBucketPublicAccessBlock
operation using Bucket Policy.
x-amz-expected-bucket-owner
header isn't supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
policy required | boolean Value: true |
"<?xml version=\"1.0\" encoding=\"UTF-8\"?> <BlockPublicAccessBlockConfiguration> <BlockPublicAcls>true</BlockPublicAcls> <IgnorePublicAcls>true</IgnorePublicAcls> <BlockPublicPolicy>false</BlockPublicPolicy> <RestrictPublicBuckets>true</RestrictPublicBuckets> </BlockPublicAccessBlockConfiguration>"
Blocks public access to an S3 bucket based on the specified parameters.
This operation modifies the bucket's settings to either prevent public access entirely or impose restrictions based on specific conditions.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:PutBucketPublicAccessBlock
operation using Bucket Policy.
Note: The bucket owner can always perform this operation, even if the policy explicitly denies access to it.
x-amz-expected-bucket-owner
header isn't supported.x-amz-confirm-remove-self-bucket-access
header isn't supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
policy required | boolean Value: true |
Content-MD5 | string (Content-MD5) The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
BlockPublicAcls | boolean Default: false Indicates that access to the bucket via Access Control Lists (ACLs) that grant public access is blocked. In other words, ACLs that allow public access are not permitted. |
IgnorePublicAcls | boolean Default: false Instructs the system to ignore any ACLs that grant public access. Even if ACLs are set to allow public access, they will be disregarded. |
BlockPublicPolicy | boolean Default: false Blocks public access to the bucket via bucket policies. Bucket policies that grant public access will not be allowed. |
RestrictPublicBuckets | boolean Default: false Restricts access to buckets that have public policies. Buckets with policies that grant public access will have their access restricted. |
<?xml version="1.0" encoding="UTF-8"?> <PublicAccessBlockConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <BlockPublicAcls>true</BlockPublicAcls> <IgnorePublicAcls>true</IgnorePublicAcls> <BlockPublicPolicy>true</BlockPublicPolicy> <RestrictPublicBuckets>true</RestrictPublicBuckets> </PublicAccessBlockConfiguration>
null
Deletes the public access configuration for an S3 bucket.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:DeleteBucketPublicAccessBlock
operation using Bucket Policy.
x-amz-expected-bucket-owner
header isn't supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
policy required | boolean Value: true |
null
Returns the replication configuration of a bucket.
The replication configuration may take a while to propagate to all IONOS S3 Object Storage systems. For example, when you apply a new configuration with a PUT request or delete a configuration using a DELETE request. Similarly, a GET request may retrieve the previous state of the configuration, or it may still exist if you use a DELETE request.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:GetBucketReplication
operation using Bucket Policy.
x-amz-expected-bucket-owner
header isn't supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
replication required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <ReplicationConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Role>this field is ignored</Role> <Rule> <ID>My rule for replication</ID> <Status>Enabled</Status> <Prefix></Prefix> <Destination> <Bucket>arn:aws:s3:::my-destination-bucket</Bucket> </Destination> </Rule> </ReplicationConfiguration>
Returns the tag set associated with the bucket.
To use this operation, you must have permission to perform the `GetBucketTagging` operation. By default, the bucket owner has this permission and can grant this permission to others.
`GetBucketTagging` has the following special error:
Error code: `NoSuchTagSetError`
Description: There is no tag set associated with the bucket.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
tagging required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <Tagging xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <TagSet> <Tag> <Key>Project</Key> <Value>Project 1</Value> </Tag> <Tag> <Key>Client</Key> <Value>Client 1</Value> </Tag> </TagSet> </Tagging>
Sets the tags for a bucket.
When this operation sets the tags for a bucket, it will overwrite any current tags the bucket already has. You cannot use this operation to add tags to an existing list of tags.
To use this operation, you must have permissions to perform the `PutBucketTagging` operation. The bucket owner has this permission by default and can grant this permission to others.
`PutBucketTagging` has the following special errors:
Error code: `InvalidTagError`
Description: The tag provided was not a valid tag. This error can occur if the tag did not pass input validation.
Error code: `MalformedXMLError`
Description: The XML provided does not match the schema.
Error code: `OperationAbortedError `
Description: A conflicting conditional operation is currently in progress against this resource. Please try again.
Error code: `InternalError`
Description: The service was unable to apply the provided tag to the bucket.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
tagging required | boolean Value: true |
Content-MD5 | string (Content-MD5) The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
required | object Container for |
<?xml version="1.0" encoding="UTF-8"?> <Tagging xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <TagSet> <Tag> <Key>Project</Key> <Value>Project 1</Value> </Tag> <Tag> <Key>Client</Key> <Value>Client 1</Value> </Tag> </TagSet> </Tagging>
Deletes the tags from the bucket.
To use this operation, you must have permission to perform the `PutBucketTagging` operation. By default, the bucket owner has this permission and can grant this permission to others.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
tagging required | boolean Value: true |
Returns the tag-set of an object. You send the GET request against the tagging subresource associated with the object.
To use this operation, you must have permission to perform the `GetObjectTagging` operation. By default, the GET operation returns information about current version of an object. For a versioned bucket, you can have multiple versions of an object in your bucket. To retrieve tags of any other version, use the versionId query parameter. You also need permission for the `GetObjectVersionTagging` operation.
By default, the bucket owner has this permission and can grant this permission to others.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty Object key for which to get the tagging information. |
versionId | string The versionId of the object for which to get the tagging information. |
tagging required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <Tagging xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <TagSet> <Tag> <Key>Project</Key> <Value>Project 1</Value> </Tag> <Tag> <Key>Client</Key> <Value>Client 1</Value> </Tag> </TagSet> </Tagging>
Sets the supplied tag-set to an object that already exists in a bucket.
A tag is a key-value pair. You can associate tags with an object by sending a PUT request against the tagging subresource that is associated with the object. You can retrieve tags by sending a GET request.
Note that IONOS S3 Object Storage limits the maximum number of tags to 10 tags per object.
To use this operation, you must have permission to perform the `PutObjectTagging` operation. By default, the bucket owner has this permission and can grant this permission to others.
To put tags of any other version, use the `versionId` query parameter. You also need permission for the `PutObjectVersionTagging` operation.
Special Errors
Code: InvalidTagError
Cause: The tag provided was not a valid tag. This error can occur if the tag did not pass input validation.
Code: MalformedXMLError
Cause: The XML provided does not match the schema.
Code: OperationAbortedError
Cause: A conflicting conditional operation is currently in progress against this resource. Please try again.
Code: InternalError
Cause: The service was unable to apply the provided tag to the object.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty Name of the object key. |
versionId | string The versionId of the object that the tag-set will be added to. |
tagging required | boolean Value: true |
Content-MD5 | string (Content-MD5) The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
required | object Container for |
<?xml version="1.0" encoding="UTF-8"?> <Tagging xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <TagSet> <Tag> <Key>Project</Key> <Value>Project 1</Value> </Tag> <Tag> <Key>Client</Key> <Value>Client 1</Value> </Tag> </TagSet> </Tagging>
Removes the entire tag set from the specified object.
To use this operation, you must have permission to perform the `DeleteObjectTagging` operation.
To delete tags of a specific object version, add the `versionId` query parameter in the request. You will need permission for the `DeleteObjectVersionTagging` operation.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty The key that identifies the object in the bucket from which to remove all tags. |
versionId | string The versionId of the object that the tag-set will be removed from. |
tagging required | boolean Value: true |
This operation initiates a multipart upload and returns an upload ID. This upload ID is used to associate all of the parts in the specific multipart upload. You specify this upload ID in each of your subsequent upload part requests. You also include this upload ID in the final request to either complete or abort the multipart upload request.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty Object key for which the multipart upload is to be initiated. |
uploads required | boolean Value: true |
Cache-Control | string Specifies caching behavior along the request/reply chain. |
Content-Disposition | string Specifies presentational information for the object. |
Content-Encoding | string Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. |
Content-Type | string A standard MIME type describing the format of the object data. |
Expires | string <date-time> The date and time at which the object is no longer cacheable. |
x-amz-server-side-encryption | string Value: "AES256" The server-side encryption algorithm used when storing this object in IONOS S3 Object Storage (AES256). |
x-amz-storage-class | string Value: "STANDARD" IONOS S3 Object Storage uses the STANDARD Storage Class to store newly created objects. The STANDARD storage class provides high durability and high availability. |
x-amz-website-redirect-location | string If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. IONOS S3 Object Storage stores the value of this header in the object metadata. |
x-amz-server-side-encryption-customer-algorithm | string Specifies the algorithm to use to when encrypting the object (AES256). |
x-amz-server-side-encryption-customer-key | string <password> Specifies the customer-provided encryption key for IONOS S3 Object Storage to use in encrypting data. This value is used to store the object and then it is discarded; IONOS S3 Object Storage does not store the encryption key. The key must be appropriate for use with the algorithm specified in the |
x-amz-server-side-encryption-customer-key-MD5 | string Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. IONOS S3 Object Storage uses this header for a message integrity check to ensure that the encryption key was transmitted without error. |
x-amz-object-lock-mode | string Enum: "GOVERNANCE" "COMPLIANCE" Specifies the Object Lock mode that you want to apply to the uploaded object. |
x-amz-object-lock-retain-until-date | string <date-time> Specifies the date and time when you want the Object Lock to expire. |
x-amz-object-lock-legal-hold | string Enum: "ON" "OFF" Specifies whether you want to apply a Legal Hold to the uploaded object. |
x-amz-meta- | string A map of metadata to store with the object in S3. |
<?xml version="1.0" encoding="UTF-8"?> <InitiateMultipartUploadResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Bucket>my-bucket</Bucket> <Key>video.mp4</Key> <UploadId>M2ZiOTBhODgxNDE2OTM0MDU0NzQwNjQ</UploadId> </InitiateMultipartUploadResult>
Completes a multipart upload by assembling previously uploaded parts.
After successfully uploading all relevant parts of an upload, you call this operation to complete the upload. When IONOS S3 Object Storage receives this request, it concatenates all the parts in ascending order by part number to create a new object. The parts list must be included in the Complete Multipart Upload request. You must ensure that the parts list is complete. This operation concatenates the parts that you provide in the list. For each part in the list, you must provide the part number and the `ETag` value, returned after that part was uploaded.
A Complete Multipart Upload request could take several minutes to process. After IONOS S3 Object Storage begins processing the request, it sends an HTTP response header indicating a 200 OK response. While processing is in progress, IONOS S3 Object Storage sends white space characters on a regular basis to keep the connection from timing out. Because a request may fail after receiving the initial 200 OK response, it is advisable to check the response body to establish whether the request was successful.
`CompleteMultipartUpload` has the following special errors:
Error code: `EntityTooSmall`
Description: Your proposed upload is smaller than the minimum allowed object size. Each part must be at least 5 MB in size, except the last part.
400 Bad Request
Error code: `InvalidPart`
Description: One or more of the specified parts could not be found. The part might not have been uploaded, or the specified entity tag might not have matched the part's entity tag.
400 Bad Request
Error code: `InvalidPartOrder`
Description: The list of parts was not in ascending order. The parts list must be specified in order by part number.
400 Bad Request
Error code: `NoSuchUpload`
Description: The specified multipart upload does not exist. The upload ID might be invalid, or the multipart upload might have been aborted or completed.
404 Not Found
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty Object key for which the multipart upload was initiated. |
uploadId required | string ID for the initiated multipart upload. |
object The container for the completed multipart upload details. |
<CompleteMultipartUpload> <Part> <PartNumber>1</PartNumber> <ETag>"e5f418115de697af0d466b971e24f3ef"</ETag> </Part> <Part> <PartNumber>2</PartNumber> <ETag>"b14f0bc5827d7168afc8b4c1ef3b7899"</ETag> </Part> <Part> <PartNumber>3</PartNumber> <ETag>"c597dd54bd9338b1f1814a3813bd731d"</ETag> </Part> </CompleteMultipartUpload>
<?xml version="1.0" encoding="UTF-8"?> <CompleteMultipartUploadResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Location>my-bucket/video.mp4</Location> <Bucket>my-bucket</Bucket> <Key>video.mp4</Key> <ETag>"afc02e5be55ba0d2336909c1567dbcf9-3"</ETag> </CompleteMultipartUploadResult>
Lists the parts that have been uploaded for a specific multipart upload. This operation must include the upload ID, which you obtain by sending the initiate multipart upload request. This request returns a maximum of 1,000 uploaded parts. The default number of parts returned is 1,000 parts. You can restrict the number of parts returned by specifying the `max-parts` request parameter. If your multipart upload consists of more than 1,000 parts, the response returns an `IsTruncated` field with the value of true, and a `NextPartNumberMarker` element. In subsequent `ListParts` requests you can include the part-number-marker query string parameter and set its value to the `NextPartNumberMarker` field value from the previous response.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty Object key for which the multipart upload was initiated. |
max-parts | integer Sets the maximum number of parts to return. |
part-number-marker | integer Specifies the part after which listing should begin. Only parts with higher part numbers will be listed. |
uploadId required | string Upload ID identifying the multipart upload whose parts are being listed. |
PartNumberMarker | string Pagination token |
<?xml version="1.0" encoding="UTF-8"?> <ListPartsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Bucket>my-bucket</Bucket> <Key>mytext.txt</Key> <UploadId>M2Y1YjZhODgwODE2OTM0MTE0NzU3MjM</UploadId> <Initiator> <ID>fb201d53c82788a9ed3208e1fe6eea8f</ID> <DisplayName></DisplayName> </Initiator> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea8f</ID> <DisplayName></DisplayName> </Owner> <StorageClass>STANDARD</StorageClass> <PartNumberMarker>0</PartNumberMarker> <MaxParts>4</MaxParts> <IsTruncated>false</IsTruncated> <Part> <PartNumber>1</PartNumber> <LastModified>2023-08-30T16:04:35.723Z</LastModified> <ETag>"e5f418115de697af0d466b971e24f3ef"</ETag> <Size>37</Size> </Part> <Part> <PartNumber>2</PartNumber> <LastModified>2023-08-30T16:04:35.723Z</LastModified> <ETag>"b14f0bc5827d7168afc8b4c1ef3b7899"</ETag> <Size>81</Size> </Part> <Part> <PartNumber>3</PartNumber> <LastModified>2023-08-30T16:04:35.723Z</LastModified> <ETag>"c597dd54bd9338b1f1814a3813bd731d"</ETag> <Size>33</Size> </Part> </ListPartsResult>
Uploads a part in a multipart upload.
In this operation, you provide part data in your request. However, you have an option to specify your existing IONOS S3 Object Storage object as a data source for the part you are uploading. To upload a part from an existing object, you use the `UploadPartCopy` operation.
You must initiate a multipart upload (see `CreateMultipartUpload`) before you can upload any part. In response to your initiate request, IONOS S3 Object Storage returns an upload ID, a unique identifier, that you must include in your upload part request.
Part numbers can be any number from 1 to 10,000, inclusive. A part number uniquely identifies a part and also defines its position within the object being created. If you upload a new part using the same part number that was used with a previous part, the previously uploaded part is overwritten. Each part must be at least 5 MB in size, except the last part. There is no size limit on the last part of your multipart upload.
To ensure that data is not corrupted when traversing the network, specify the `Content-MD5` header in the upload part request. IONOS S3 Object Storage checks the part data against the provided MD5 value. If they do not match, IONOS S3 Object Storage returns an error.
If the upload request is signed with Signature Version 4, then IONOS S3 Object Storage S3 uses the `x-amz-content-sha256` header as a checksum instead of `Content-MD5`.
Note: After you initiate multipart upload and upload one or more parts, you must either complete or abort multipart upload in order to stop getting charged for storage of the uploaded parts. Only after you either complete or abort multipart upload, IONOS S3 Object Storage frees up the parts storage and stops charging you for the parts storage.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty Object key for which the multipart upload was initiated. |
partNumber required | integer Part number of part being uploaded. This is a positive integer between 1 and 10,000. |
uploadId required | string Upload ID identifying the multipart upload whose part is being uploaded. |
Content-Length | integer Size of the body in bytes. This parameter is useful when the size of the body cannot be determined automatically. |
Content-MD5 | string (Content-MD5) The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
x-amz-server-side-encryption-customer-algorithm | string Value: "AES256" Specifies the algorithm to use to when encrypting the object (AES256). |
x-amz-server-side-encryption-customer-key | string <password> Specifies the customer-provided encryption key for IONOS S3 Object Storage to use in encrypting data. This value is used to store the object and then it is discarded; IONOS S3 Object Storage does not store the encryption key. The key must be appropriate for use with the algorithm specified in the |
x-amz-server-side-encryption-customer-key-MD5 | string Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. IONOS S3 Object Storage uses this header for a message integrity check to ensure that the encryption key was transmitted without error. |
Body | string Object data. |
This operation aborts a multipart upload. After a multipart upload is aborted, no additional parts can be uploaded using that upload ID. The storage consumed by any previously uploaded parts will be freed. However, if any part uploads are currently in progress, those part uploads might or might not succeed. As a result, it might be necessary to abort a given multipart upload multiple times in order to completely free all storage consumed by all parts.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty Key of the object for which the multipart upload was initiated. Possible values: length ≥ 1 |
uploadId required | string Upload ID that identifies the multipart upload. |
This operation lists in-progress multipart uploads. An in-progress multipart upload is a multipart upload that has been initiated using the Initiate Multipart Upload request, but has not yet been completed or aborted.
This operation returns at most 1,000 multipart uploads in the response. 1,000 multipart uploads is the maximum number of uploads a response can include, which is also the default value. You can further limit the number of uploads in a response by specifying the `max-uploads` parameter in the response. If additional multipart uploads satisfy the list criteria, the response will contain an `IsTruncated` element with the value true. To list the additional multipart uploads, use the `key-marker` and `upload-id-marker` request parameters.
In the response, the uploads are sorted by key. If your application has initiated more than one multipart upload using the same object key, then uploads in the response are first sorted by key. Additionally, uploads are sorted in ascending order within each key by the upload initiation time.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
delimiter | string Character you use to group keys. All keys that contain the same string between the prefix, if specified, and the first occurrence of the delimiter after the prefix are grouped under a single result element, `CommonPrefixes`. If you don't specify the prefix parameter, then the substring starts at the beginning of the key. The keys that are grouped under `CommonPrefixes` result element are not returned elsewhere in the response. |
encoding-type | string Value: "url" |
key-marker | string Together with upload-id-marker, this parameter specifies the multipart upload after which listing should begin. If `upload-id-marker` is not specified, only the keys lexicographically greater than the specified `key-marker` will be included in the list. If `upload-id-marker` is specified, any multipart uploads for a key equal to the `key-marker` might also be included, provided those multipart uploads have upload IDs lexicographically greater than the specified `upload-id-marker`. |
max-uploads | integer Sets the maximum number of multipart uploads, from 1 to 1,000, to return in the response body. 1,000 is the maximum number of uploads that can be returned in a response. |
prefix | string Lists in-progress uploads only for those keys that begin with the specified prefix. You can use prefixes to separate a bucket into different grouping of keys. (You can think of using prefix to make groups in the same way you'd use a folder in a file system.) |
upload-id-marker | string Together with key-marker, specifies the multipart upload after which listing should begin. If key-marker is not specified, the upload-id-marker parameter is ignored. Otherwise, any multipart uploads for a key equal to the key-marker might be included in the list only if they have an upload ID lexicographically greater than the specified |
MaxUploads | string Pagination limit |
KeyMarker | string Pagination token |
UploadIdMarker | string Pagination token |
uploads required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <ListMultipartUploadsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Bucket>my-bucket</Bucket> <KeyMarker/> <UploadIdMarker/> <NextKeyMarker/> <NextUploadIdMarker/> <MaxUploads>1000</MaxUploads> <IsTruncated>false</IsTruncated> <Upload> <Key>video.mp4</Key> <UploadId>M2ZiOTBhODgxNDE2OTM0MDU0NzQwNjQ</UploadId> <Initiator> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> <DisplayName></DisplayName> </Initiator> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> <DisplayName></DisplayName> </Owner> <StorageClass>STANDARD</StorageClass> <Initiated>2023-08-30T14:24:34.064Z</Initiated> </Upload> </ListMultipartUploadsResult>
Uploads a part by copying data from an existing object as data source. You specify the data source by adding the request header `x-amz-copy-source` in your request and a byte range by adding the request header `x-amz-copy-source-range` in your request.
The minimum allowable part size for a multipart upload is 5 MB.
Instead of using an existing object as part data, you might use the `UploadPart` operation and provide data in your request.
You must initiate a multipart upload before you can upload any part. In response to your initiate request. IONOS S3 Object Storage returns a unique identifier, the upload ID, that you must include in your upload part request.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
Key required | string non-empty Object key for which the multipart upload was initiated. |
partNumber required | integer Part number of part being copied. This is a positive integer between 1 and 10,000. |
uploadId required | string Upload ID identifying the multipart upload whose part is being copied. |
x-amz-copy-source required | string\/.+\/.+ Specifies the source object for the copy operation. |
x-amz-copy-source-if-match | string Copies the object if its entity tag (ETag) matches the specified tag. |
x-amz-copy-source-if-modified-since | string <date-time> Copies the object if it has been modified since the specified time. |
x-amz-copy-source-if-none-match | string Copies the object if its entity tag (ETag) is different than the specified ETag. |
x-amz-copy-source-if-unmodified-since | string <date-time> Copies the object if it hasn't been modified since the specified time. |
x-amz-copy-source-range | string The range of bytes to copy from the source object. The range value must use the form bytes=first-last, where the first and last are the zero-based byte offsets to copy. For example, bytes=0-9 indicates that you want to copy the first 10 bytes of the source. You can copy a range only if the source object is greater than 5 MB. |
x-amz-server-side-encryption-customer-algorithm | string Value: "AES256" Specifies the algorithm to use to when encrypting the object (AES256). |
Returns metadata about all versions of the objects in a bucket. You can also use request parameters as selection criteria to return metadata about a subset of all the object versions.
To use this operation, you must have permissions to perform the `ListBucketVersions` operation. Be aware of the name difference.
A 200 OK response can contain valid or invalid XML. Make sure to design your application to parse the contents of the response and handle it appropriately.
To use this operation, you must have READ access to the bucket.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
delimiter | string A delimiter is a character that you specify to group keys. All keys that contain the same string between the |
encoding-type | string Value: "url" |
key-marker | string Specifies the key to start with when listing objects in a bucket. |
max-keys | integer Sets the maximum number of keys returned in the response. By default the operation returns up to 1,000 key names. The response might contain fewer keys but will never contain more. If additional keys satisfy the search criteria, but were not returned because max-keys was exceeded, the response contains <isTruncated>true</isTruncated>. To return the additional keys, see key-marker and version-id-marker. |
prefix | string Use this parameter to select only those keys that begin with the specified prefix. You can use prefixes to separate a bucket into different groupings of keys. (You can think of using prefix to make groups in the same way you'd use a folder in a file system.) You can use prefix with delimiter to roll up numerous objects into a single result under CommonPrefixes. |
version-id-marker | string Specifies the object version you want to start listing from. |
MaxKeys | string Pagination limit |
KeyMarker | string Pagination token |
VersionIdMarker | string Pagination token |
versions required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <ListVersionsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Name>my-bucket</Name> <Prefix/> <KeyMarker/> <VersionIdMarker/> <MaxKeys>1000</MaxKeys> <IsTruncated>false</IsTruncated> <DeleteMarker> <Key>object-1.zip</Key> <VersionId>fe11db05-dc03-a0cf-94b0-3cecef38a474</VersionId> <IsLatest>true</IsLatest> <LastModified>2023-07-17T23:32:05.923Z</LastModified> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea8f</ID> </Owner> </DeleteMarker> <Version> <Key>object-1.zip</Key> <VersionId>null</VersionId> <IsLatest>false</IsLatest> <LastModified>2023-02-20T16:24:08.841Z</LastModified> <StorageClass>STANDARD</StorageClass> <Size>3</Size> <ETag>"698d51a19d8a121ce581499d7b701668"</ETag> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> </Owner> </Version> <DeleteMarker> <Key>index.html</Key> <VersionId>fe11d973-96c2-558f-9f29-3cecef38a77e</VersionId> <IsLatest>true</IsLatest> <LastModified>2023-07-19T23:31:39.799Z</LastModified> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> </Owner> </DeleteMarker> <Version> <Key>index.html</Key> <VersionId>fe11de8c-e25b-ccbf-8f45-3cecef38a472</VersionId> <IsLatest>false</IsLatest> <LastModified>2023-07-13T11:47:59.732Z</LastModified> <StorageClass>STANDARD</StorageClass> <Size>3284412</Size> <ETag>"3228a3a58d8e13a2e83f6e19e8d540eb"</ETag> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> </Owner> </Version> </ListVersionsResult>
Returns the versioning state of a bucket.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:GetBucketVersioning
operation using Bucket Policy.
x-amz-expected-bucket-owner
header isn't supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
versioning required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <VersioningConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Status>Enabled</Status> </VersioningConfiguration>
Configures the versioning state of an S3 bucket. Versioning allows keeping multiple variants of an object in the same bucket.
The versioning state can be one of the following:
Enabled
: Activates versioning for the bucket. All objects added receive a unique version ID.Suspended
: Deactivates versioning. New objects get a null version ID. However, previously created version IDs persist.With Versioning, a bucket maintains one current version of an object and potentially multiple noncurrent (previous) versions, requiring additional management to handle noncurrent object version deletions using a Lifecycle Configuration.
You must be the contract owner or an administrator to perform this operation. If not, they can grant you permission
to perform the s3:PutBucketVersioning
operation using Bucket Policy.
x-amz-mfa
header is not supported.MfaDelete
setting is ignored in the PUT request.Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
versioning required | boolean Value: true |
Content-MD5 | string (Content-MD5) The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
required | object Describes the versioning state of the bucket. |
<?xml version="1.0" encoding="UTF-8"?> <VersioningConfiguration> <Status>Enabled</Status> <MfaDelete>Disabled</MfaDelete> </VersioningConfiguration>
Returns the website configuration for a bucket.
This GET operation requires the `GetBucketWebsite` permission. By default, only the bucket owner can read the bucket website configuration. However, bucket owners can allow other users to read the website configuration by writing a bucket policy granting them the `GetBucketWebsite` permission.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
website required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <WebsiteConfiguration xmlns="xmlns='http://s3.amazonaws.com/doc/2006-03-01/'"> <IndexDocument> <Suffix>index.html</Suffix> </IndexDocument> <ErrorDocument> <Key>error.html</Key> </ErrorDocument> </WebsiteConfiguration>
Sets the configuration of the website that is specified in the `website` subresource. To configure a bucket as a website, you can add this subresource on the bucket with website configuration information such as the file name of the index document and any redirect rules.
This PUT operation requires the `PutBucketWebsite` permission. By default, only the bucket owner can configure the website attached to a bucket; however, bucket owners can allow other users to set the website configuration by writing a bucket policy that grants them the `PutBucketWebsite` permission.
To redirect all website requests sent to the bucket's website endpoint, you add a website configuration with the following elements. Because all requests are sent to another website, you don't need to provide index document name for the bucket.
`WebsiteConfiguration`
`RedirectAllRequestsTo`
`HostName`
`Protocol`
If you want granular control over redirects, you can use the following elements to add routing rules that describe conditions for redirecting requests and information about the redirect destination. In this case, the website configuration must provide an index document for the bucket, because some requests might not be redirected.
`WebsiteConfiguration`
`IndexDocument`
`Suffix`
`ErrorDocument`
`Key`
`RoutingRules`
`RoutingRule`
`Condition`
`HttpErrorCodeReturnedEquals`
`KeyPrefixEquals`
`Redirect`
`Protocol`
`HostName`
`ReplaceKeyPrefixWith`
`ReplaceKeyWith`
`HttpRedirectCode`
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
website required | boolean Value: true |
Content-MD5 | string (Content-MD5) The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
required | object Specifies website configuration parameters for an IONOS S3 Object Storage bucket. |
<?xml version="1.0" encoding="UTF-8"?> <WebsiteConfiguration xmlns="xmlns='http://s3.amazonaws.com/doc/2006-03-01/'"> <IndexDocument> <Suffix>index.html</Suffix> </IndexDocument> <ErrorDocument> <Key>error.html</Key> </ErrorDocument> </WebsiteConfiguration>
This operation removes the website configuration for a bucket. IONOS S3 Object Storage returns a `200 OK` response upon successfully deleting a website configuration on the specified bucket. You will get a `200 OK` response if the website configuration you are trying to delete does not exist on the bucket. IONOS S3 Object Storage returns a `404` response if the bucket specified in the request does not exist.
This DELETE operation requires the `DeleteBucketWebsite` permission. By default, only the bucket owner can delete the website configuration attached to a bucket. However, bucket owners can grant other users permission to delete the website configuration by writing a bucket policy granting them the `DeleteBucketWebsite` permission.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Example: my-bucket The bucket name. |
website required | boolean Value: true |