Download OpenAPI specification:Download
The IONOS S3 Object Storage API is a REST-based API that allows developers and applications to interact directly with IONOS' scalable storage solution, leveraging the S3 protocol for object storage operations. Its design ensures seamless compatibility with existing tools and libraries tailored for S3 systems.
Location | Region name | Endpoints |
---|---|---|
Frankfurt, Germany | de | https://s3-eu-central-1.ionoscloud.com , s3 legacy endpoint: https://s3-de-central.profitbricks.com |
Berlin, Germany | eu-central-2 | https://s3-eu-central-2.ionoscloud.com |
Logrono, Spain | eu-south-2 | https://s3-eu-south-2.ionoscloud.com |
Retrieves the Access Control List (ACL) of a bucket.
Make sure you have one of the following permissions:
READ_ACP
access for the bucket using Bucket ACL.s3:GetBucketAcl
operation using Bucket Policies.A bucket owner can grant this permission to others by using Bucket ACL or Bucket Policies.
Bucket required | string (BucketName) [ 3 .. 63 ] characters Specifies the S3 bucket whose ACL is being requested. |
acl required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <AccessControlPolicy xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> </Owner> <AccessControlList> <Grant> <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser"> <ID>783fa49356820b211a4283526fe24343</ID> <DisplayName>some@email.com</DisplayName> </Grantee> <Permission>FULL_CONTROL</Permission> </Grant> <Grant> <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser"> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> </Grantee> <Permission>FULL_CONTROL</Permission> </Grant> <Grant> <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group"> <URI>http://acs.amazonaws.com/groups/s3/LogDelivery</URI> </Grantee> <Permission>WRITE</Permission> </Grant> </AccessControlList> </AccessControlPolicy>
Sets the permissions for an existing bucket using Access Control Lists (ACL).
You can use one of the following two ways to set a bucket's permissions:
Note: You cannot specify access permission using both the body and the request headers.
Make sure you have one of the following permissions:
WRITE_ACP
access for the bucket using Bucket ACL.s3:PutBucketAcl
operation using Bucket Policies.A bucket owner can grant this permission to others by using Bucket ACL or Bucket Policies.
Bucket required | string (BucketName) [ 3 .. 63 ] characters The bucket to which to apply the ACL. |
acl required | boolean Value: true |
Content-MD5 | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
x-amz-acl | string Enum: "private" "public-read" "public-read-write" "authenticated-read" "log-delivery-write" Refers to the canned ACL to apply to the bucket.
Note: You can specify only one of these canned ACLs in your request. Also, you can use either a canned ACL or specify access permissions explicitly. You cannot do both. |
x-amz-grant-full-control | string Example: id="59f872571f7c7a56c83785751a1e858c", id="783fa49356820b211a4283526fe24343", uri="http://acs.amazonaws.com/groups/s3/LogDelivery" Allows grantee the read, write, read ACP, and write ACP permissions on the bucket. You specify each grantee as a type="value" pair, where type is one of the following:
|
x-amz-grant-read | string Example: id="59f872571f7c7a56c83785751a1e858c", id="783fa49356820b211a4283526fe24343", uri="http://acs.amazonaws.com/groups/global/AllUsers" Allows grantee to list the objects in the bucket. You specify each grantee as a type="value" pair, where type is one of the following:
|
x-amz-grant-read-acp | string Example: id="59f872571f7c7a56c83785751a1e858c", id="783fa49356820b211a4283526fe24343", uri="http://acs.amazonaws.com/groups/global/AllUsers" Allows grantee to read the bucket ACL. You specify each grantee as a type="value" pair, where type is one of the following:
|
x-amz-grant-write | string Example: id="59f872571f7c7a56c83785751a1e858c", id="783fa49356820b211a4283526fe24343", uri="http://acs.amazonaws.com/groups/s3/LogDelivery" Allows grantee to create new objects in the bucket. The owners of existing objects can also delete and overwrite these objects. You specify each grantee as a type="value" pair, where type is one of the following:
|
x-amz-grant-write-acp | string Example: id="59f872571f7c7a56c83785751a1e858c", id="783fa49356820b211a4283526fe24343" Allows grantee to write the ACL for the applicable bucket. |
object Contains the elements that set the ACL permissions for a bucket per grantee. |
<?xml version="1.0" encoding="UTF-8"?> <AccessControlPolicy xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> </Owner> <AccessControlList> <Grant> <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser"> <ID>d243114c20ba8aa6fb69fc041b529ac7</ID> <DisplayName>some@email.com</DisplayName> </Grantee> <Permission>FULL_CONTROL</Permission> </Grant> <Grant> <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser"> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> </Grantee> <Permission>FULL_CONTROL</Permission> </Grant> <Grant> <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group"> <URI>http://acs.amazonaws.com/groups/s3/LogDelivery</URI> </Grantee> <Permission>WRITE</Permission> </Grant> </AccessControlList> </AccessControlPolicy>
null
Returns the access control list (ACL) of an object.
Make sure you have one of the following permissions:
READ_ACP
access for the object using Bucket ACL.s3:GetObjectAcl
operation using Bucket Policies.A bucket owner can grant this permission to others by using Bucket ACL or Bucket Policies.
versionId
query variable is not supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters The bucket name that contains the object for which to get the ACL information. |
Key required | string non-empty The key of the object for which to get the ACL information. |
acl required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <AccessControlPolicy xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> </Owner> <AccessControlList> <Grant> <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser"> <ID>783fa49356820b211a4283526fe24343</ID> <DisplayName>some@email.com</DisplayName> </Grantee> <Permission>FULL_CONTROL</Permission> </Grant> <Grant> <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group"> <URI>http://acs.amazonaws.com/groups/s3/LogDelivery</URI> </Grantee> <Permission>WRITE</Permission> </Grant> </AccessControlList> </AccessControlPolicy>
Sets the permissions for an existing object using Access Control Lists (ACL).
You can use one of the following two ways to set an object's permissions:
Note: You cannot specify access permission using both the body and the request headers.
Make sure you have one of the following permissions:
WRITE_ACP
access for the object using Bucket ACL.s3:PutObjectAcl
operation using Bucket Policies.A bucket owner can grant this permission to others by using Bucket ACL or Bucket Policies.
versionId
query variable is not supported.Bucket required | string (BucketName) [ 3 .. 63 ] characters The bucket name that contains the object to which you want to attach the ACL. |
Key required | string non-empty Key for which the PUT operation is initiated. |
acl required | boolean Value: true |
Content-MD5 | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
x-amz-acl | string Enum: "private" "public-read" "public-read-write" "authenticated-read" "bucket-owner-read" "bucket-owner-full-control" "log-delivery-write" Refers to the canned ACL to apply to the object:
Note: You can specify only one of these canned ACLs in your request. Also You can use either a canned ACL or specify access permissions explicitly. You cannot do both. |
x-amz-grant-full-control | string Example: id="59f872571f7c7a56c83785751a1e858c", id="783fa49356820b211a4283526fe24343", uri="http://acs.amazonaws.com/groups/s3/LogDelivery" Allows grantee the READ, READ_ACP, and WRITE_ACP permissions on the object. You specify each grantee as a type="value" pair, where type is one of the following:
|
x-amz-grant-read | string Example: id="59f872571f7c7a56c83785751a1e858c", id="783fa49356820b211a4283526fe24343", uri="http://acs.amazonaws.com/groups/global/AllUsers" Allows grantee to read the object data and its metadata. You specify each grantee as a type="value" pair, where type is one of the following:
|
x-amz-grant-read-acp | string Example: id="59f872571f7c7a56c83785751a1e858c", id="783fa49356820b211a4283526fe24343", uri="http://acs.amazonaws.com/groups/global/AllUsers" Allows grantee to read the object ACL. You specify each grantee as a type="value" pair, where type is one of the following:
|
x-amz-grant-write-acp | string Example: id="59f872571f7c7a56c83785751a1e858c", id="783fa49356820b211a4283526fe24343" Allows grantee to write the ACL for the applicable object. |
object Contains the elements that set the ACL permissions for an object per grantee. |
<?xml version="1.0" encoding="UTF-8"?> <AccessControlPolicy xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> </Owner> <AccessControlList> <Grant> <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser"> <ID>783fa49356820b211a4283526fe24343</ID> <DisplayName>some@email.com</DisplayName> </Grantee> <Permission>FULL_CONTROL</Permission> </Grant> <Grant> <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group"> <URI>http://acs.amazonaws.com/groups/s3/LogDelivery</URI> </Grantee> <Permission>WRITE</Permission> </Grant> </AccessControlList> </AccessControlPolicy>
null
Creates a copy of an object that is already stored in IONOS S3 Object Storage.
You can store individual objects of up to 5 TB in IONOS S3 Object Storage. You create a copy of your object up to 5 GB in size in a single atomic operation using this API. However, to copy an object greater than 5 GB, you must use the multipart upload Upload Part - Copy API.
All copy requests must be authenticated. Additionally, you must have read access to the source object and write access to the destination bucket. Both the Region that you want to copy the object from and the Region that you want to copy the object to must be enabled for your account.
Bucket required | string The name of the destination bucket. |
Key required | string non-empty The key of the destination object. |
x-amz-acl | string Enum: "private" "public-read" "public-read-write" "authenticated-read" "bucket-owner-read" "bucket-owner-full-control" "log-delivery-write" The canned ACL to apply to the object. |
Cache-Control | string Specifies caching behavior along the request/reply chain. |
Content-Disposition | string Specifies presentational information for the object. |
Content-Encoding | string Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. |
Content-Language | string The language the content is in. |
Content-Type | string A standard MIME type describing the format of the object data. |
x-amz-copy-source required | string\/.+\/.+ Specifies the source object for the copy operation. |
x-amz-copy-source-if-match | string Copies the object if its entity tag (ETag) matches the specified tag. |
x-amz-copy-source-if-modified-since | string <date-time> Copies the object if it has been modified since the specified time. |
x-amz-copy-source-if-none-match | string Copies the object if its entity tag (ETag) is different than the specified ETag. |
x-amz-copy-source-if-unmodified-since | string <date-time> Copies the object if it hasn't been modified since the specified time. |
Expires | string <date-time> The date and time at which the object is no longer cacheable. |
x-amz-grant-full-control | string Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. |
x-amz-grant-read | string Allows grantee to read the object data and its metadata. |
x-amz-grant-read-acp | string Allows grantee to read the object ACL. |
x-amz-grant-write-acp | string Allows grantee to write the ACL for the applicable object. |
x-amz-metadata-directive | string Enum: "COPY" "REPLACE" Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. |
x-amz-tagging-directive | string Enum: "COPY" "REPLACE" Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. |
x-amz-server-side-encryption | string Value: "AES256" The server-side encryption algorithm used when storing this object in IONOS S3 Object Storage (AES256). |
x-amz-storage-class | string Value: "STANDARD" IONOS S3 Object Storage uses the STANDARD Storage Class to store newly created objects. The STANDARD storage class provides high durability and high availability. |
x-amz-website-redirect-location | string If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. IONOS S3 Object Storage stores the value of this header in the object metadata. |
x-amz-server-side-encryption-customer-algorithm | string Specifies the algorithm to use to when encrypting the object (AES256). |
x-amz-server-side-encryption-customer-key | string <password> Specifies the customer-provided encryption key for IONOS S3 Object Storage to use in encrypting data. This value is used to store the object and then it is discarded; IONOS S3 Object Storage does not store the encryption key. The key must be appropriate for use with the algorithm specified in the |
x-amz-server-side-encryption-customer-key-MD5 | string Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. IONOS S3 Object Storage uses this header for a message integrity check to ensure that the encryption key was transmitted without error. |
x-amz-copy-source-server-side-encryption-customer-algorithm | string Specifies the algorithm to use when decrypting the source object (AES256). |
x-amz-copy-source-server-side-encryption-customer-key | string <password> Specifies the customer-provided encryption key for IONOS S3 Object Storage to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created. |
x-amz-copy-source-server-side-encryption-customer-key-MD5 | string Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. IONOS S3 Object Storage uses this header for a message integrity check to ensure that the encryption key was transmitted without error. |
x-amz-tagging | string The tag-set for the object destination object this value must be used in conjunction with the |
x-amz-object-lock-mode | string Enum: "GOVERNANCE" "COMPLIANCE" The Object Lock mode that you want to apply to the copied object. |
x-amz-object-lock-retain-until-date | string <date-time> The date and time when you want the copied object's Object Lock to expire. |
x-amz-object-lock-legal-hold | string Enum: "ON" "OFF" Specifies whether you want to apply a Legal Hold to the copied object. |
object A map of metadata to store with the object in S3. |
Creates a new S3 bucket. To create a bucket, you must register with IONOS S3 Object Storage and have a valid Access Key ID to authenticate requests. Anonymous requests are never allowed to create buckets. By creating the bucket, you become the bucket owner.
Not every string is an acceptable bucket name. For information about bucket naming restrictions, see Bucket naming rules.
Buckets are created in the location specified in the endpoint used to make the request. Once a bucket is created, it can be accessed at that location. Any requests targeting an existing bucket using an endpoint with an incorrect location will result in a 404 NoSuchkey
.
When creating a bucket using this operation, you can optionally specify the accounts or groups that should be granted specific permissions on the bucket. There are two ways to grant the appropriate permissions using the request headers.
Specify a canned ACL using the x-amz-acl
request header. IONOS S3 Object Storage supports a set of predefined ACLs, known as canned ACLs. Each canned ACL has a predefined set of grantees and permissions. For more information, see Canned ACL.
Specify access permissions explicitly using the x-amz-grant-read
, x-amz-grant-write
, x-amz-grant-read-acp
, x-amz-grant-write-acp
, and x-amz-grant-full-control
headers. These headers map to the set of permissions IONOS S3 Object Storage supports in an ACL.
You specify each grantee as a type=value pair, where the type is one of the following:
id
– if the value specified is the canonical user ID of an IONOS S3 Object Storage account
uri
– if you are granting permissions to a predefined group
emailAddress
– if the value specified is the email address of an IONOS S3 Object Storage account
Bucket required | string The name of the bucket to create. |
x-amz-acl | string Enum: "private" "public-read" "public-read-write" "authenticated-read" "log-delivery-write" The canned ACL to apply to the bucket. |
x-amz-grant-full-control | string Allows grantee the read, write, read ACP, and write ACP permissions on the bucket. |
x-amz-grant-read | string Allows grantee to list the objects in the bucket. |
x-amz-grant-read-acp | string Allows grantee to read the bucket ACL. |
x-amz-grant-write | string Allows grantee to create new objects in the bucket. For the bucket and object owners of existing objects, also allows deletions and overwrites of those objects. |
x-amz-grant-write-acp | string Allows grantee to write the ACL for the applicable bucket. |
x-amz-bucket-object-lock-enabled | boolean Default: false Specifies whether you want S3 Object Lock enabled for the new bucket. After bucket creation, you must apply the Object Lock configuration. |
object The configuration information for the bucket. |
<?xml version="1.0" encoding="UTF-8"?> <CreateBucketConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <LocationConstraint>eu-central-2</LocationConstraint> </CreateBucketConfiguration>
<?xml version="1.0" encoding="UTF-8"?> <Error> <Code>BucketAlreadyOwnedByYou</Code> <Message>Your previous request to create the named bucket succeeded and you already own it.</Message> <RequestId>2b6a4179-0e8d-1f52-872e-3cecef384be2</RequestId> <HostId>6de8da2aad0d4aa39bb147b7ef3381ac</HostId> </Error>
Deletes the bucket. All objects (including all object versions and delete markers) in the bucket must be deleted before the bucket itself can be deleted.
Bucket required | string Specifies the bucket being deleted. |
x-amz-expected-bucket-owner | string (x-amz-expected-bucket-owner) The Canonical ID of the expected bucket owner. If the bucket is owned
by a different user, the request will fail with an HTTP |
Retrieves metadata and verifies the existence of a specific bucket. This operation checks for the presence of the specified bucket without returning the actual content of the bucket.
Bucket names are globally unique across all users of the service. If the bucket exists and the requester
has permission to access it, the server returns a 200 OK
HTTP status code with no accompanying response body.
If the bucket does not exist or if the requester does not have permission to access it, the server returns a relevant error code:
403 Forbidden
: The requester does not have permission to access the bucket.404 Not Found
: The bucket does not exist.You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:ListBucket
operation using Bucket Policies.
Bucket required | string (BucketName) [ 3 .. 63 ] characters The bucket name. |
x-amz-expected-bucket-owner | string (x-amz-expected-bucket-owner) The Canonical ID of the expected bucket owner. If the bucket is owned
by a different user, the request will fail with an HTTP |
Returns some or all (up to 1,000) of the objects in a bucket. You can use the request parameters as selection criteria to return a subset of the objects in a bucket. A 200 OK response can contain valid or invalid XML. Be sure to design your application to parse the contents of the response and handle it appropriately.
Bucket required | string The name of the bucket containing the objects. |
delimiter | string A delimiter is a character you use to group keys. |
encoding-type | string Value: "url" |
marker | string Marker is where you want IONOS S3 Object Storage to start listing from. IONOS S3 Object Storage starts listing after this specified key. Marker can be any key in the bucket. |
max-keys | integer Sets the maximum number of keys returned in the response. By default the operation returns up to 1,000 key names. The response might contain fewer keys but will never contain more. |
prefix | string Limits the response to keys that begin with the specified prefix. |
MaxKeys | string Pagination limit |
Marker | string Pagination token |
x-amz-request-payer | string Value: "requester" Confirms that the requester knows that she or he will be charged for the list objects request. Bucket owners need not specify this parameter in their requests. |
x-amz-expected-bucket-owner | string (x-amz-expected-bucket-owner) The Canonical ID of the expected bucket owner. If the bucket is owned
by a different user, the request will fail with an HTTP |
<?xml version="1.0" encoding="UTF-8"?> <ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Name>bucket-name</Name> <Prefix/> <Marker/> <MaxKeys>1000</MaxKeys> <IsTruncated>false</IsTruncated> <Contents> <Key>object-name.zip</Key> <LastModified>2023-07-19T09:37:01.863Z</LastModified> <StorageClass>STANDARD</StorageClass> <Size>6</Size> <ETag>"d58e3582afa99040e27b92b13c8f2280"</ETag> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea8f</ID> </Owner> </Contents> <Contents> <Key>folder-name/</Key> <LastModified>2023-07-18T10:00:36.181Z</LastModified> <StorageClass>STANDARD</StorageClass> <Size>0</Size> <ETag>"d41d8cd98f00b204e9800998ecf8427e"</ETag> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea8f</ID> </Owner> </Contents> <Contents> <Key>another-object.png</Key> <LastModified>2023-02-22T10:13:37.616Z</LastModified> <StorageClass>STANDARD</StorageClass> <Size>425135</Size> <ETag>"ca44f112b6ef4e74813b2f9cd79ad9e9"</ETag> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea8f</ID> </Owner> </Contents> </ListBucketResult>
This API is used to issue a preflight request to the IONOS S3 Object Storage to determine if it can send an actual request with the specific origin, HTTP method, and headers.
Bucket required | string The bucket name. |
Origin required | string Identifies the origin of the cross-origin request to the IONOS S3 Object Storage. |
Access-Control-Request-Method required | string Identifies what HTTP method will be used in the actual request. |
Access-Control-Request-Headers | string A comma-delimited list of HTTP headers that will be sent in the actual request. For example, to put an object with server-side encryption, this preflight request will determine if it can include the |
The POST operation adds an object to a specified bucket using HTML forms. POST is an alternate form of PUT that enables browser-based uploads of objects into buckets. Parameters passed to PUT via HTTP Headers are instead passed to POST as form fields in the multipart/form-data encoded message body.
Bucket required | string The bucket name to which the POST operation was initiated. |
Key required | string non-empty Key name of the object to post. |
Cache-Control | string Can be used to specify caching behavior along the request/reply chain. For more information, see Cache-Control. |
Content-Disposition | string Specifies presentational information for the object. For more information, see Content-Disposition. |
Content-Encoding | string Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. For more information, see Content-Encoding. |
Content-Language | string The language the content is in. |
Content-Length | integer Size of the body in bytes. This parameter is useful when the size of the body cannot be determined automatically. For more information, see Content-Length. |
Content-MD5 | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
Content-Type | string A standard MIME type describing the format of the contents. For more information, see Content-Type. |
Expires | string <date-time> The date and time at which the object is no longer cacheable. For more information, see Expires. |
x-amz-grant-full-control | string Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. |
x-amz-grant-read | string Allows grantee to read the object data and its metadata. |
x-amz-grant-read-acp | string Allows grantee to read the object ACL. |
x-amz-grant-write-acp | string Allows grantee to write the ACL for the applicable object. |
x-amz-server-side-encryption | string Value: "AES256" The server-side encryption algorithm used when storing this object in IONOS S3 Object Storage (AES256). |
x-amz-storage-class | string Value: "STANDARD" IONOS S3 Object Storage uses the STANDARD Storage Class to store newly created objects. The STANDARD storage class provides high durability and high availability. |
x-amz-website-redirect-location | string If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. IONOS S3 Object Storage stores the value of this header in the object metadata. In the following example, the request header sets the redirect to an object (anotherPage.html) in the same bucket: In the following example, the request header sets the object redirect to another website: |
x-amz-server-side-encryption-customer-algorithm | string Value: "AES256" Specifies the algorithm to use to when encrypting the object (AES256). |
x-amz-server-side-encryption-customer-key | string <password> Specifies the customer-provided encryption key for IONOS S3 Object Storage to use in encrypting data. This value is used to store the object and then it is discarded; IONOS S3 Object Storage does not store the encryption key. The key must be appropriate for use with the algorithm specified in the |
x-amz-server-side-encryption-customer-key-MD5 | string Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. IONOS S3 Object Storage uses this header for a message integrity check to ensure that the encryption key was transmitted without error. |
x-amz-server-side-encryption-context | string <password> Specifies the IONOS S3 Object Storage Encryption Context to use for object encryption. The value of this header is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs. |
x-amz-server-side-encryption-bucket-key-enabled | boolean Specifies whether IONOS S3 Object Storage should use an S3 Bucket Key for object encryption with server-side encryption. Setting this header to Specifying this header with a PUT operation doesn’t affect bucket-level settings for S3 Bucket Key. |
x-amz-request-payer | string Value: "requester" |
x-amz-tagging | string The tag-set for the object. The tag-set must be encoded as URL Query parameters. (For example, "Key1=Value1") |
x-amz-object-lock-mode | string Enum: "GOVERNANCE" "COMPLIANCE" The Object Lock mode that you want to apply to this object. |
x-amz-object-lock-retain-until-date | string <date-time> The date and time when you want this object's Object Lock to expire. Must be formatted as a timestamp parameter. |
x-amz-object-lock-legal-hold | string Enum: "ON" "OFF" Specifies whether a legal hold will be applied to this object. |
Body | string Object data. |
object A map of metadata to store with the object in S3. |
Removes the null version (if there is one) of an object and inserts a delete marker, which becomes the latest version of the object. This operation is final - there is no way to recover a deleted object. Data stored in IONOS S3 Object Storage is erasure coded and distributed to multiple individual storage devices in multiple data centers. When data is deleted, various mechanisms exist which prevent recovery or reconstruction of the deleted objects.
Deletion of an object undergoes various stages. First, the metadata is marked to indicate the object is deleted, then, the data is removed. Eventually, deleted metadata is overwritten and the deleted data blocks are overwritten with new data in the course of normal operations. As soon as the metadata is marked deleted, it is not possible to read an object remotely.
Bucket required | string The bucket name of the bucket containing the object. |
Key required | string non-empty Key name of the object to delete. |
versionId | string VersionId used to reference a specific version of the object. |
x-amz-mfa | string The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device. Required to permanently delete a versioned object if versioning is configured with MFA Delete enabled. |
x-amz-bypass-governance-retention | boolean Indicates whether S3 Object Lock should bypass Governance-mode restrictions to process this operation. To use this header, you must have the |
Retrieves objects from IONOS S3 Object Storage. To use GET
, you must have READ
access to the object. If you grant READ
access to the anonymous user, you can return the object without using an authorization header.
An IONOS S3 Object Storage bucket has no directory hierarchy such as you would find in a typical computer file system. You can, however, create a logical hierarchy by using object key names that imply a folder structure. For example, instead of naming an object test.jpg
, you can name it photos/2022/July/test.jpg
.
To get an object from such a logical hierarchy, specify the full key name for the object in the GET
operation. For a virtual hosted-style request example, if you have the object photos/2022/July/test.jpg
, specify the resource as /photos/2022/July/test.jpg
. For a path-style request example, if you have the object photos/2022/July/test.jpg
in the bucket named examplebucket
, specify the resource as /examplebucket/photos/2022/July/test.jpg
.
This operation returns an InvalidObjectStateError
error.
If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in IONOS S3 Object Storage, then when you GET the object, you must use the following headers:
x-amz-server-side-encryption-customer-algorithm
x-amz-server-side-encryption-customer-key
x-amz-server-side-encryption-customer-key-MD5
Assuming you have the relevant permission to read object tags, the response also returns the x-amz-tagging-count
header that provides the count of number of tags associated with the object.
Permissions
You need the relevant read object (or version) permission for this operation. If the object you request does not exist, the error IONOS S3 Object Storage returns depends on whether you also have the ListBucket
permission.
If you have the ListBucket
permission on the bucket, IONOS S3 Object Storage will return an HTTP status code 404 ("no such key") error.
If you don’t have the ListBucket
permission, IONOS S3 Object Storage will return an HTTP status code 403 ("access denied") error.
Versioning
By default, the GET operation returns the current version of an object. To return a different version, use the versionId
subresource.
You need the GetObjectVersion
permission to access a specific version of an object.
If the current version of the object is a delete marker, IONOS S3 Object Storage behaves as if the object was deleted and includes x-amz-delete-marker: true
in the response.
Overriding Response Header Values
There are times when you want to override certain response header values in a GET response. For example, you might override the Content-Disposition response header value in your GET request.
You can override values for a set of response headers using the following query parameters. These response header values are sent only on a successful request, that is, when status code 200 OK is returned. The set of headers you can override using these parameters is a subset of the headers that IONOS S3 Object Storage accepts when you create an object. The response headers that you can override for the GET response are Content-Type
, Content-Language
, Expires
, Cache-Control
, Content-Disposition
, and Content-Encoding
. To override these header values in the GET response, you use the following request parameters.
You must sign the request, either using an Authorization header or a presigned URL, when using these parameters. They cannot be used with an unsigned (anonymous) request.
partNumber
versionId
response-content-type
response-content-language
response-expires
response-cache-control
response-content-disposition
response-content-encoding
Additional Considerations about Request Headers
If both of the If-Match
and If-Unmodified-Since
headers are present in the request as follows: If-Match
condition evaluates to true
, and; If-Unmodified-Since
condition evaluates to false
; then, S3 returns 200 OK and the data requested.
If both of the If-None-Match
and If-Modified-Since
headers are present in the request as follows: If-None-Match
condition evaluates to false
, and; If-Modified-Since
condition evaluates to true
; then, S3 returns 304 Not Modified response code.
For more information about conditional requests, see RFC 7232.
Bucket required | string The bucket containing the object. |
Key required | string non-empty Key of the object to get. Possible values: length ≥ 1 |
response-cache-control | string Sets the |
response-content-disposition | string Sets the |
response-content-encoding | string Sets the |
response-content-language | string Sets the |
response-content-type | string Sets the |
response-expires | string <date-time> Sets the |
versionId | string VersionId used to reference a specific version of the object. |
partNumber | integer Part number of the object being read. This is a positive integer between 1 and 10,000. Effectively performs a 'ranged' GET request for the part specified. Useful for downloading just a part of an object. |
If-Match | string Return the object only if its entity tag (ETag) is the same as the one specified, otherwise return a 412 (precondition failed). |
If-Modified-Since | string <date-time> Return the object only if it has been modified since the specified time, otherwise return a 304 (not modified). |
If-None-Match | string Return the object only if its entity tag (ETag) is different from the one specified, otherwise return a 304 (not modified). |
If-Unmodified-Since | string <date-time> Return the object only if it has not been modified since the specified time, otherwise return a 412 (precondition failed). |
Range | string Downloads the specified range bytes of an object. For more information about the HTTP Range header, see Range. IONOS S3 Object Storage doesn't support retrieving multiple ranges of data per |
x-amz-server-side-encryption-customer-algorithm | string Value: "AES256" Specifies the algorithm to use to when decrypting the object (AES256). |
x-amz-server-side-encryption-customer-key | string <password> Specifies the customer-provided encryption key for IONOS S3 Object Storage used to encrypt the data. This value is used to decrypt the object when recovering it and must match the one used when storing the data. The key must be appropriate for use with the algorithm specified in the |
x-amz-server-side-encryption-customer-key-MD5 | string Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. IONOS S3 Object Storage uses this header for a message integrity check to ensure that the encryption key was transmitted without error. |
x-amz-expected-bucket-owner | string (x-amz-expected-bucket-owner) The Canonical ID of the expected bucket owner. If the bucket is owned
by a different user, the request will fail with an HTTP |
The HEAD operation retrieves metadata from an object without returning the object itself. This operation is useful if you're only interested in an object's metadata. To use HEAD, you must have READ access to the object.
A HEAD
request has the same options as a GET
operation on an object. The response is identical to the GET
response except that there is no response body. Because of this, if the HEAD
request generates an error, it returns a generic 404 Not Found
or 403 Forbidden
code. It is not possible to retrieve the exact exception beyond these error codes.
If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in IONOS S3 Object Storage, then when you retrieve the metadata from the object, you must use the following headers:
x-amz-server-side-encryption-customer-algorithm
= AES256
x-amz-server-side-encryption-customer-key
x-amz-server-side-encryption-customer-key-MD5
Encryption request headers, like x-amz-server-side-encryption
, should not be sent for GET requests if your object uses the server-side encryption with IONOS S3 Object Storage–managed encryption keys (SSE-S3). If your object does use this type of keys, you’ll get an HTTP 400 BadRequest error.
The last modified property in this case is the creation date of the object.
Request headers are limited to 8 KB in size.
Consider the following when using request headers:
Consideration 1 – If both of the If-Match
and If-Unmodified-Since
headers are present in the request as follows:
If-Match
condition evaluates to true
, and;
If-Unmodified-Since
condition evaluates to false
;
Then IONOS S3 Object Storage returns 200 OK
and the data requested.
Consideration 2 – If both of the If-None-Match
and If-Modified-Since
headers are present in the request as follows:
If-None-Match
condition evaluates to false
, and;
If-Modified-Since
condition evaluates to true
;
Then IONOS S3 Object Storage returns the 304 Not Modified
response code.
For more information about conditional requests, see RFC 7232.
Permissions
You need the relevant read object (or version) permission for this operation. If the object you request does not exist, the error IONOS S3 Object Storage returns depends on whether you also have the ListBucket permission.
If you have the ListBucket
permission on the bucket, IONOS S3 Object Storage returns an HTTP status code 404 ("no such key") error.
If you don’t have the ListBucket
permission, IONOS S3 Object Storage returns an HTTP status code 403 ("access denied") error.
Bucket required | string The name of the bucket containing the object. |
Key required | string non-empty The object key. |
versionId | string VersionId used to reference a specific version of the object. |
partNumber | integer Part number of the object being read. This is a positive integer between 1 and 10,000. Effectively performs a 'ranged' HEAD request for the part specified. Useful querying about the size of the part and the number of parts in this object. |
If-Match | string Return the object only if its entity tag (ETag) is the same as the one specified, otherwise return a 412 (precondition failed). |
If-Modified-Since | string <date-time> Return the object only if it has been modified since the specified time, otherwise return a 304 (not modified). |
If-None-Match | string Return the object only if its entity tag (ETag) is different from the one specified, otherwise return a 304 (not modified). |
If-Unmodified-Since | string <date-time> Return the object only if it has not been modified since the specified time, otherwise return a 412 (precondition failed). |
Range | string Downloads the specified range bytes of an object. For more information about the HTTP Range header, see Range. IONOS S3 Object Storage doesn't support retrieving multiple ranges of data per |
x-amz-server-side-encryption-customer-algorithm | string Value: "AES256" Specifies the algorithm to use to when encrypting the object (AES256). |
x-amz-server-side-encryption-customer-key | string <password> Specifies the customer-provided encryption key for IONOS S3 Object Storage to use in encrypting data. This value is used to store the object and then it is discarded; IONOS S3 Object Storage does not store the encryption key. The key must be appropriate for use with the algorithm specified in the |
x-amz-server-side-encryption-customer-key-MD5 | string Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. IONOS S3 Object Storage uses this header for a message integrity check to ensure that the encryption key was transmitted without error. |
Adds an object to a bucket. You must have WRITE permissions on a bucket to add an object to it.
IONOS S3 Object Storage never adds partial objects; if you receive a success response, IONOS S3 Object Storage added the entire object to the bucket.
IONOS S3 Object Storage is a distributed system. If it receives multiple write requests for the same object simultaneously, it overwrites all but the last object written. IONOS S3 Object Storage does not provide object locking; if you need this, make sure to build it into your application layer or use versioning instead.
To ensure that data is not corrupted traversing the network, use the Content-MD5
header. When you use this header, IONOS S3 Object Storage checks the object against the provided MD5 value and, if they do not match, returns an error. Additionally, you can calculate the MD5 while putting an object to IONOS S3 Object Storage and compare the returned ETag to the calculated MD5 value.
To successfully complete the PutObject
request, you must have the PutObject
in your permissions.
To successfully change the objects acl of your PutObject
request, you must have the PutObjectAcl
in your permissions.
The Content-MD5
header is required for any request to upload an object with a retention period configured using IONOS S3 Object Storage Object Lock .
Versioning
If you enable versioning for a bucket, IONOS S3 Object Storage automatically generates a unique version ID for the object being stored. IONOS S3 Object Storage returns this ID in the response. When you enable versioning for a bucket, if IONOS S3 Object Storage receives multiple write requests for the same object simultaneously, it stores all of the objects.
Access Control List (ACL)-Specific Request Headers
You can use headers to grant ACL- based permissions. By default, all objects are private. Only the owner has full access control. When adding a new object, you can grant permissions to individual IONOS S3 Object Storage accounts or to predefined groups defined by IONOS S3 Object Storage. These permissions are then added to the ACL on the object.
Server-side Encryption with IONOS S3 managed keys (SSE-S3)
You can optionally request server-side encryption. With server-side encryption, IONOS S3 Object Storage encrypts your data as it writes it to disks in its data centers and decrypts the data when you access it.
PutObject
operation.AES256
. This can be skipped if the default encryption has been set up for the bucket as described in the previous clause.Server-side Encryption with customer managed keys (SSE-C)
In order to apply encryption with customer-provided keys (SSE-C) to the uploading object add these headers to the request:x-amz-server-side-encryption-customer-algorithm
= AES256
x-amz-server-side-encryption-customer-key
— the 256-bit, base64-encoded encryption key to use to encrypt and decrypt your data. You might use these commands to generate it: openssl rand 32 -out my-key.key
openssl enc -base64 -in my-key.key
, the example of the output: 4ZRNYBCCvL0YZeqo3f2+9qDyIfnLdbg5S99R2XWr0aw=
.x-amz-server-side-encryption-customer-key-MD5
— the base64-encoded 128-bit MD5 digest of the encryption key. Generate it with the following command: echo my-key.key | openssl dgst -md5 -binary | openssl enc -base64
.bPU7G1zD2MlOi5gqnkRqZg==
.NOTE:
Bucket required | string The bucket name to which the PUT operation was initiated. |
Key required | string non-empty Object key for which the PUT operation was initiated. |
Cache-Control | string Can be used to specify caching behavior along the request/reply chain. For more information, see Cache-Control. |
Content-Disposition | string Specifies presentational information for the object. For more information, see Content-Disposition. |
Content-Encoding | string Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. For more information, see Content-Encoding. |
Content-Language | string The language the content is in. |
Content-Length | integer Size of the body in bytes. This parameter is useful when the size of the body cannot be determined automatically. For more information, see Content-Length. |
Content-MD5 | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
Content-Type | string A standard MIME type describing the format of the contents. For more information, see Content-Type. |
Expires | string <date-time> The date and time at which the object is no longer cacheable. For more information, see Expires. |
x-amz-grant-full-control | string Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. |
x-amz-grant-read | string Allows grantee to read the object data and its metadata. |
x-amz-grant-read-acp | string Allows grantee to read the object ACL. |
x-amz-grant-write-acp | string Allows grantee to write the ACL for the applicable object. |
x-amz-server-side-encryption | string Value: "AES256" The server-side encryption algorithm used when storing this object in IONOS S3 Object Storage (AES256). |
x-amz-storage-class | string Value: "STANDARD" The valid value is |
x-amz-website-redirect-location | string If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. IONOS S3 Object Storage stores the value of this header in the object metadata. In the following example, the request header sets the redirect to an object (anotherPage.html) in the same bucket: In the following example, the request header sets the object redirect to another website: |
x-amz-server-side-encryption-customer-algorithm | string Value: "AES256" Specifies the algorithm to use to when encrypting the object. The valid option is |
x-amz-server-side-encryption-customer-key | string <password> Specifies the 256-bit, base64-encoded encryption key to use to encrypt and decrypt your data. For example, |
x-amz-server-side-encryption-customer-key-MD5 | string Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. IONOS S3 Object Storage uses this header for a message integrity check to ensure that the encryption key was transmitted without error. For example, |
x-amz-server-side-encryption-context | string <password> Specifies the IONOS S3 Object Storage Encryption Context to use for object encryption. The value of this header is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs. |
x-amz-request-payer | string Value: "requester" |
x-amz-tagging | string The tag-set for the object. The tag-set must be encoded as URL Query parameters. (For example, "Key1=Value1") |
x-amz-object-lock-mode | string Enum: "GOVERNANCE" "COMPLIANCE" The Object Lock mode that you want to apply to this object. |
x-amz-object-lock-retain-until-date | string <date-time> The date and time when you want this object's Object Lock to expire. Must be formatted as a timestamp parameter. |
x-amz-object-lock-legal-hold | string Enum: "ON" "OFF" Specifies whether a legal hold will be applied to this object. |
Body | string Object data. |
object A map of metadata to store with the object in S3. |
PUT /{Bucket}/{Key} HTTP/1.1 Host: s3-eu-central-1.ionoscloud.com Accept: */* Authorization: authorization string Date: Tue, 04 Apr 2023 19:36:53 GMT x-amz-server-side-encryption: AES256
HTTP/1.1 200 OK x-amz-request-id: 9a4f31b7-fed2-1fff-a148-3cecef3849fe date: Tue, 04 Apr 2023 19:36:53 GMT etag: "4f8d2c12500d851ed55fc08df311e868" x-amz-server-side-encryption-customer-algorithm: AES256 x-amz-server-side-encryption-customer-key-MD5: r4C1SZrweqvPoGPMtR6jTA== content-length: 0
This operation enables you to delete multiple objects from a bucket using a single HTTP request. If you know the object keys that you want to delete, then this operation provides a suitable alternative to sending individual delete requests, reducing per-request overhead.
The request contains a list of up to 1000 keys that you want to delete. In the XML, you provide the object key names, and optionally, version IDs if you want to delete a specific version of the object from a versioning-enabled bucket. For each key, IONOS S3 Object Storage performs a delete operation and returns the result of that delete, success, or failure, in the response. Note that if the object specified in the request is not found, IONOS S3 Object Storage returns the result as deleted.
The operation supports two modes for the response: verbose and quiet. By default, the operation uses verbose mode in which the response includes the result of deletion of each key in your request. In quiet mode the response includes only keys where the delete operation encountered an error. For a successful deletion, the operation does not return any information about the delete in the response body.
Bucket required | string The bucket name containing the objects to delete. |
delete required | boolean Value: true |
x-amz-mfa | string The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device. Required to permanently delete a versioned object if versioning is configured with MFA Delete enabled. |
x-amz-bypass-governance-retention | boolean Specifies whether you want to delete this object even if it has a Governance-type Object Lock in place. To use this header, you must have the |
required | object Container for the objects to delete. |
<Delete xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Object> <Key>folder/object1.zip</Key> </Object> <Object> <Key>folder/object2.zip</Key> </Object> </Delete>
<?xml version="1.0" encoding="UTF-8"?> <DeleteResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Deleted> <Key>folder/object1.zip</Key> </Deleted> <Deleted> <Key>folder/object2.zip</Key> </Deleted> </DeleteResult>
Lists all the buckets owned by the authenticated sender of the request. This operation does not list the buckets shared with you by other users.
To use this operation, you must have the s3:ListAllMyBuckets
permission. The bucket owner has it by default.
<?xml version="1.0" encoding="UTF-8"?> <ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Owner> <ID>fb202d54c82981a9ed3208e1fe6eea2f</ID> <DisplayName></DisplayName> </Owner> <Buckets> <Bucket> <Name>my-bucket</Name> <CreationDate>2023-02-09T15:27:55.452Z</CreationDate> </Bucket> <Bucket> <Name>my-bucket-2</Name> <CreationDate>2023-03-20T16:41:04.326Z</CreationDate> </Bucket> <Bucket> <Name>my-bucket-3</Name> <CreationDate>2022-12-30T20:01:25.203Z</CreationDate> </Bucket> </Buckets> </ListAllMyBucketsResult>
Retrieves a partial or complete list (with a maximum of 1000 objects per request) from a specified bucket. The request parameters can serve as selection criteria to filter and return a subset of objects from the bucket.
A 200 OK
response can contain either valid or invalid XML, so it's crucial to construct your application
in such a way that it can correctly parse and handle the response content. In the resulting list, objects
are organized in ascending order according to their key names.
Make sure you have one of the following permissions:
s3:ListBucket
operation using Bucket Policies.A bucket owner can grant this permission to others by using Bucket ACL or Bucket Policies.
Bucket required | string Bucket name to list. |
list-type required | string Value: "2" |
delimiter | string Example: delimiter=/ A delimiter is a character you use to group keys. |
encoding-type | string Value: "url" Encoding type used by IONOS S3 Object Storage to encode object keys in the response. |
max-keys | integer [ 1 .. 1000 ] Default: 1000 Sets the maximum number of keys returned in the response. By default the operation returns up to 1000 key names. The response might contain fewer keys but will never contain more. |
prefix | string [ 0 .. 1024 ] characters Example: prefix=folder/subfolder/ Limits the response to keys that begin with the specified prefix. |
continuation-token | string ContinuationToken indicates IONOS S3 Object Storage that the list is being continued on this bucket with a token. ContinuationToken is obfuscated and is not a real key. |
fetch-owner | boolean Enum: false true The owner field is not present in listV2 by default, if you want to return owner field with each key in the result then set the fetch owner field to true. |
start-after | string StartAfter is where you want to start listing from. IONOS S3 Object Storage starts listing after this specified key. StartAfter can be any key in the bucket. |
<?xml version="1.0" encoding="UTF-8"?> <ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Name>my-bucket</Name> <Prefix/> <MaxKeys>1000</MaxKeys> <IsTruncated>false</IsTruncated> <KeyCount>2</KeyCount> <Contents> <Key>my-object.txt</Key> <LastModified>2023-02-20T16:24:08.841Z</LastModified> <StorageClass>STANDARD</StorageClass> <Size>3843225</Size> <ETag>"698d51a19d8a121ce581499d7b701668"</ETag> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> </Owner> </Contents> <Contents> <Key>my_folder/</Key> <LastModified>2023-02-22T11:08:37.535Z</LastModified> <StorageClass>STANDARD</StorageClass> <Size>0</Size> <ETag>"d41d8cd98f00b204e9800998ecf8427e"</ETag> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> </Owner> </Contents> </ListBucketResult>
Restores an archived copy of an object back into IONOS S3 Object Storage
This operation performs the following types of requests:
select
- Perform a select query on an archived object
restore an archive
- Restore an archived object
To use this operation, you must have permissions to perform the RestoreObject
operation. The bucket owner has this permission by default and can grant this permission to others.
Bucket required | string The bucket name containing the object to restore. |
Key required | string non-empty Object key for which the operation was initiated. |
versionId | string VersionId used to reference a specific version of the object. |
restore required | boolean Value: true |
object Container for restore job parameters. |
Deletes the CORS
configuration information set for the bucket.
To use this operation, you must have permission to perform the PutBucketCORS
operation. The bucket owner has this permission by default and can grant this permission to others.
Bucket required | string Specifies the bucket whose |
cors required | boolean Value: true |
x-amz-expected-bucket-owner | string (x-amz-expected-bucket-owner) The Canonical ID of the expected bucket owner. If the bucket is owned
by a different user, the request will fail with an HTTP |
Returns the cors configuration information set for the bucket.
To use this operation, you must have permission to perform the GetBucketCORS operation. By default, the bucket owner has this permission and can grant it to others.
Bucket required | string The bucket name for which to get the cors configuration. |
cors required | boolean Value: true |
x-amz-expected-bucket-owner | string (x-amz-expected-bucket-owner) The Canonical ID of the expected bucket owner. If the bucket is owned
by a different user, the request will fail with an HTTP |
<CORSConfiguration> <CORSRule> <AllowedOrigin>https://www.domain.com</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <AllowedHeader>*</AllowedHeader> </CORSRule> </CORSConfiguration>
Sets the CORS
configuration for your bucket. If the configuration exists, it will be overwritten and replaced.
To use this operation, you must be allowed to perform the PutBucketCORS
operation. By default, the bucket owner has this permission and can grant it to others.
You set this configuration on a bucket so that the bucket can service cross-origin requests. For example, you might want to enable a request whose origin is http://www.example.com
to access your IONOS S3 Object Storage bucket at my.example.bucket.com
by using the browser's XMLHttpRequest
capability.
To enable cross-origin resource sharing (CORS) on a bucket, you add the cors
subresource to the bucket. The cors
subresource is an XML document in which you configure rules that identify origins and the HTTP methods that can be executed on your bucket. The document is limited to 64 KB in size.
When IONOS S3 Object Storage receives a cross-origin request (or a pre-flight OPTIONS request) against a bucket, it evaluates the cors
configuration on the bucket and uses the first CORSRule
rule that matches the incoming browser request to enable a cross-origin request. For a rule to match, the following conditions must be met:
The request's Origin
header must match AllowedOrigin
elements.
The request method (for example, GET, PUT, HEAD, and so on) or the Access-Control-Request-Method
header in case of a pre-flight OPTIONS
request must be one of the AllowedMethod
elements.
Every header specified in the Access-Control-Request-Headers
request header of a pre-flight request must match an AllowedHeader
element.
Bucket required | string Specifies the bucket impacted by the |
cors required | boolean Value: true |
Content-MD5 | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
required | object Describes the cross-origin access configuration for objects in an IONOS S3 Object Storage bucket. |
<CORSConfiguration> <CORSRule> <AllowedOrigin>https://www.domain.com</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <AllowedHeader>*</AllowedHeader> </CORSRule> </CORSConfiguration>
This implementation of the DELETE operation removes default encryption from the bucket.
In the current version, only the bucket owner is allowed to perform this operation. We currently do not support the use of bucket policies to extend bucket encryption permissions to users other than the bucket owner.
Bucket required | string The name of the bucket containing the server-side encryption configuration to delete. |
encryption required | boolean Value: true |
Returns the default encryption configuration for the bucket.
In the current version, only the bucket owner is allowed to perform this operation. We currently do not support the use of bucket policies to extend bucket encryption permissions to users other than the bucket owner.
If the bucket does not have a default encryption configuration, GetBucketEncryption returns 404 ServerSideEncryptionConfigurationNotFoundError
.
Bucket required | string The name of the bucket from which the server-side encryption configuration is retrieved. |
encryption required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <ServerSideEncryptionConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Rule> <ApplyServerSideEncryptionByDefault> <SSEAlgorithm>AES256</SSEAlgorithm> </ApplyServerSideEncryptionByDefault> </Rule> </ServerSideEncryptionConfiguration>
Sets the AES256 server-side encryption for a bucket with IONOS S3 managed keys (SSE-S3).
With server-side encryption, S3 encrypts a newly uploaded object in the bucket before saving it to disk and decrypts it when you download the object. Encryption doesn't change the way that you access data as an authorized user. It only further protects your data.
In the current version, only the bucket owner is allowed to perform this operation. We do not currently support the use of bucket policies to extend bucket encryption permissions to users other than the bucket owner.
IONOS S3 confirms that your object is stored with SSE-S3 encryption by returning the response header `x-amz-server-side-encryption` for the Object Read operation.
You can also apply encryption with a customer-provided key (SSE-C) to each object at the time of uploading. In this case, SSE-C encryption will override the SSE-S3 encryption.
Bucket required | string Specifies default encryption for a bucket using server-side encryption with IONOS S3 Object Storage-managed keys (SSE-S3). |
encryption required | boolean Value: true |
required | object Specifies the default server-side-encryption configuration. The valid value is AES256. |
<ServerSideEncryptionConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Rule> <ApplyServerSideEncryptionByDefault> <SSEAlgorithm>AES256</SSEAlgorithm> </ApplyServerSideEncryptionByDefault> </Rule> </ServerSideEncryptionConfiguration>
Deletes the lifecycle configuration from the specified bucket. As a result, objects within the bucket will neither expire nor be automatically deleted based on any rules from the deleted configuration.
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:PutLifecycleConfiguration
operation using Bucket Policies.
Note: A brief delay may occur before the lifecycle configuration deletion is fully propagated across all IONOS S3 Object Storage systems. During this time, lifecycle rules may remain temporarily active.
Bucket required | string The bucket name of the lifecycle to delete. |
lifecycle required | boolean Value: true |
Returns the lifecycle configuration for the specified S3 bucket.
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:GetLifecycleConfiguration
operation using Bucket Policies.
Bucket required | string The name of the bucket for which to get the lifecycle information. |
lifecycle required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <LifecycleConfiguration> <Rule> <ID>Delete logs after 30 days with size between 104857600 and 1073741824 bytes</ID> <Filter> <ObjectSizeGreaterThan>104857600</ObjectSizeGreaterThan> <ObjectSizeLessThan>1073741824</ObjectSizeLessThan> <Prefix>logs/</Prefix> </Filter> <Status>Enabled</Status> <Expiration> <Days>30</Days> </Expiration> </Rule> <Rule> <ID>Delete objects 60 days after becoming non-current for bucket with Versioning enabled</ID> <Filter> <Prefix>temp/</Prefix> </Filter> <Status>Enabled</Status> <NoncurrentVersionExpiration> <NoncurrentDays>60</NoncurrentDays> </NoncurrentVersionExpiration> </Rule> <Rule> <ID>Remove incomplete multipart uploads after 5 days</ID> <Filter> <Prefix /> </Filter> <Status>Enabled</Status> <AbortIncompleteMultipartUpload> <DaysAfterInitiation>5</DaysAfterInitiation> </AbortIncompleteMultipartUpload> </Rule> </LifecycleConfiguration>
Creates a new lifecycle configuration for a specified bucket, or replaces an existing configuration.
This lifecycle configuration allows automatic management of the objects within the bucket. Typical actions can include the deletion of objects after a certain period or deletion of non-current versions of objects.You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:PutLifecycleConfiguration
operation using Bucket Policies.
NewerNoncurrentVersions
setting is not supported for the NoncurrentVersionExpiration
option.Transition
and the NoncurrentVersionTransition
options are omitted as only the STANDARD
storage class is currenly supported.Bucket required | string |
lifecycle required | boolean Value: true |
Content-MD5 required | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
object Container for lifecycle rules. You can add as many as 1000 rules. |
<?xml version="1.0" encoding="UTF-8"?> <LifecycleConfiguration> <Rule> <ID>Delete logs after 30 days with size between 104857600 and 1073741824 bytes</ID> <Filter> <ObjectSizeGreaterThan>104857600</ObjectSizeGreaterThan> <ObjectSizeLessThan>1073741824</ObjectSizeLessThan> <Prefix>logs/</Prefix> </Filter> <Status>Enabled</Status> <Expiration> <Days>30</Days> </Expiration> </Rule> <Rule> <ID>Delete objects 60 days after becoming non-current for bucket with Versioning enabled</ID> <Filter> <Prefix>temp/</Prefix> </Filter> <Status>Enabled</Status> <NoncurrentVersionExpiration> <NoncurrentDays>60</NoncurrentDays> </NoncurrentVersionExpiration> </Rule> <Rule> <ID>Remove incomplete multipart uploads after 5 days</ID> <Filter> <Prefix /> </Filter> <Status>Enabled</Status> <AbortIncompleteMultipartUpload> <DaysAfterInitiation>5</DaysAfterInitiation> </AbortIncompleteMultipartUpload> </Rule> </LifecycleConfiguration>
Returns the region the bucket resides in.
We recommend using HeadBucket to get the region that a bucket resides in.
For backward compatibility, IONOS continues to support GetBucketLocation
.
The operation behaves as follows:
GetBucketLocation
request resides in a non-default service region, the response indicates the name of the service region - eu-central-2
or eu-south-2
.GetBucketLocation
request resides in the default service region de
, the response returns a null or empty value.IONOS S3 Object Storage's behavior of returning a null or empty value if the bucket is in the default region
is the same as AWS' implementation of the GetBucketLocation
operation. Some S3 client applications - such as Veeam -
are unable to handle the return of a null or empty region value, and may display an error if the actual default region name
is set within the client application. The work-around is to not set the region in the client application, or else set it
to the AWS default region name: us-east-1
.
Bucket required | string (BucketName) [ 3 .. 63 ] characters The name of the bucket for which to get the location. |
location required | boolean Value: true |
x-amz-expected-bucket-owner | string (x-amz-expected-bucket-owner) The Canonical ID of the expected bucket owner. If the bucket is owned
by a different user, the request will fail with an HTTP |
<?xml version="1.0" encoding="UTF-8"?> <LocationConstraint xmlns="http://s3.amazonaws.com/doc/2006-03-01/">eu-central-2</LocationConstraint>
Retrieves the Object Lock configuration for a bucket.
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:GetBucketObjectLockConfiguration
operation using Bucket Policies.
Bucket required | string The bucket whose lock policy you want to retrieve. |
object-lock required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <ObjectLockConfiguration> <ObjectLockEnabled>Enabled</ObjectLockEnabled> <Rule> <DefaultRetention> <Mode>GOVERNANCE</Mode> <Days>10</Days> </DefaultRetention> </Rule> </ObjectLockConfiguration>
Applies an Object Lock configuration on the specified bucket, which requires the Object Lock feature to have been enabled during its creation. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket.
Note:
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:PutBucketObjectLockConfiguration
operation using Bucket Policies.
Bucket required | string The bucket whose Object Lock configuration you want to create or replace. |
object-lock required | boolean Value: true |
Content-MD5 required | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
object A container for an object lock configuration. |
<?xml version="1.0" encoding="UTF-8"?> <ObjectLockConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <ObjectLockEnabled>Enabled</ObjectLockEnabled> <Rule> <DefaultRetention> <Mode>GOVERNANCE</Mode> <Days>15</Days> </DefaultRetention> </Rule> </ObjectLockConfiguration>
Retrieves an object's retention configuration.
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:GetObjectRetention
operation using Bucket Policies.
Bucket required | string The bucket name containing the object whose retention settings you want to retrieve. |
Key required | string non-empty The key name of the object whose retention settings you want to retrieve. |
retention required | boolean Value: true |
versionId | string The version ID of the object whose retention settings you want to retrieve. |
<?xml version="1.0" encoding="UTF-8"?> <Retention xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Mode>GOVERNANCE</Mode> <RetainUntilDate>2023-08-09T09:01:01Z</RetainUntilDate> </Retention>
Places an Object Retention configuration on an object.
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:PutObjectRetention
operation using Bucket Policies.
Bypassing a Governance Retention configuration also requires the s3:BypassGovernanceRetention
permission.
Bucket required | string The name of the bucket that contains the object to which you want to apply the Object Retention configuration. |
Key required | string non-empty The key name of the object to which you want to apply the Object Retention configuration. |
retention required | boolean Value: true |
versionId | string The version ID of the object to which you want to apply the Object Retention configuration. |
x-amz-bypass-governance-retention | boolean Default: false Indicates whether this operation should bypass Governance mode's restrictions. |
Content-MD5 | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
object A Retention configuration for an object. |
<?xml version="1.0" encoding="UTF-8"?> <Retention xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Mode>GOVERNANCE</Mode> <RetainUntilDate>2023-08-10T09:01:01Z</RetainUntilDate> </Retention>
null
Gets an object's current Legal Hold status.
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:GetObjectLegalHold
operation using Bucket Policies.
Bucket required | string The bucket name containing the object whose Legal Hold status you want to retrieve. |
Key required | string non-empty The key name of the object whose Legal Hold status you want to retrieve. |
legal-hold required | boolean Value: true |
versionId | string The version ID of the object whose Legal Hold status you want to retrieve. |
<?xml version="1.0" encoding="UTF-8"?> <LegalHold xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Status>ON</Status> </LegalHold>
Applies a Legal Hold configuration to the specified object.
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:PutObjectLegalHold
operation using Bucket Policies.
Bucket required | string The name of the bucket that contains the object on which the Legal Hold must be placed. |
Key required | string non-empty The key name of the object on which you want to place a Legal Hold. |
legal-hold required | boolean Value: true |
versionId | string The version ID of the object on which you want to place a Legal Hold. |
Content-MD5 | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
object Legal Hold configuration for an object. |
<?xml version="1.0" encoding="UTF-8"?> <LegalHold xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Status>ON</Status> </LegalHold>
null
Returns the logging status of a bucket and the permissions users have to view and modify that status. To use GET, you must be the bucket owner.
Bucket required | string The bucket name for which to get the logging information. |
logging required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <BucketLoggingStatus xmlns="http://doc.s3.amazonaws.com/2006-03-01"> <LoggingEnabled> <TargetBucket>my-destination-bucket</TargetBucket> <TargetPrefix>mylogs/</TargetPrefix> </LoggingEnabled> </BucketLoggingStatus>
Set the logging parameters for a bucket and to specify permissions for who can view and modify the logging parameters. All logs are saved to buckets in the same IONOS S3 Object Storage Region as the source bucket. To set the logging status of a bucket, you must be the bucket owner.
The bucket owner is automatically granted FULL_CONTROL to all logs. You use the Grantee
request element to grant access to other people. The Permissions
request element specifies the kind of access the grantee has to the logs.
Bucket required | string The name of the bucket for which to set the logging parameters. |
logging required | boolean Value: true |
Content-MD5 | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
required | object Container for logging status information. |
<?xml version="1.0" encoding="UTF-8"?> <BucketLoggingStatus xmlns="http://doc.s3.amazonaws.com/2006-03-01"> <LoggingEnabled> <TargetBucket>my-destination-bucket</TargetBucket> <TargetPrefix>mylogs/</TargetPrefix> </LoggingEnabled> </BucketLoggingStatus>
Deletes the policy of a specified bucket.
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:DeleteBucketPolicy
operation using Bucket Policies.
Note: The bucket owner can always perform this operation, even if the policy explicitly denies access to it.
Bucket required | string (BucketName) [ 3 .. 63 ] characters The bucket name. |
policy required | boolean Value: true |
x-amz-expected-bucket-owner | string (x-amz-expected-bucket-owner) The Canonical ID of the expected bucket owner. If the bucket is owned
by a different user, the request will fail with an HTTP |
null
Returns the policy of a specified bucket.
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:GetBucketPolicy
operation using Bucket Policies.
Note: The bucket owner can always perform this operation, even if the policy explicitly denies access to it.
Bucket required | string (BucketName) [ 3 .. 63 ] characters The bucket name. |
policy required | boolean Value: true |
x-amz-expected-bucket-owner | string (x-amz-expected-bucket-owner) The Canonical ID of the expected bucket owner. If the bucket is owned
by a different user, the request will fail with an HTTP |
{- "Id": "Delegate certain actions to another user",
- "Version": "2012-10-17",
- "Statement": [
- {
- "Sid": "Delegate certain actions to another user",
- "Action": [
- "s3:ListBucket",
- "s3:PutObject",
- "s3:GetObject"
], - "Effect": "Allow",
- "Resource": [
- "arn:aws:s3:::my-bucket",
- "arn:aws:s3:::my-bucket/*"
], - "Condition": {
- "IpAddress": {
- "aws:SourceIp": [
- "123.123.123.123/32"
]
}
}, - "Principal": {
- "CanonicalUser": "783fa49356820b211a4283526fe24343"
}
}
]
}
Applies a bucket policy to a bucket.
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:PutBucketPolicy
operation using Bucket Policies.
Note: The bucket owner can always perform this operation, even if the policy explicitly denies access to it.
x-amz-confirm-remove-self-bucket-access
header isn't supported.The request body is a JSON-formatted bucket policy containing one or more policy statements. Within a policy's statement blocks, IONOS S3 Object Storage support for policy statement elements and their values is as follows:
Sid
: Custom string identifying the statement. For example, "Statement1" or "Only allow access from specific source IPs".Effect
: "Allow" or "Deny".Principal
:"*"
- Statement applies to all users (also known as "anonymous access").{"CanonicalUser": "<canonicalUserId>"}
- Statement applies to the specified IONOS S3 Object Storage user.{"CanonicalUser": ["<canonicalUserId>", "<canonicalUserId>",...]}
- Statement applies to the specified IONOS S3 Object Storage users.Action
: See section "Supported Action Values".Resource
: Must be one of the following:"arn:aws:s3:::<bucketName>"
- For bucket actions (such as s3:ListBucket
) and bucket subresource actions (such as s3:GetBucketAcl
)."arn:aws:s3:::<bucketName>/*"
or "arn:aws:s3:::<bucketName>/<objectName>"
- For object actions (such as s3:PutObject
).Condition
: See section "Supported Condition Values".Within the bucket policy statements, IONOS S3 Object Storage supports only the Action values listed below (also known as permission keywords).
IONOS S3 Object Storage supports the use of a wildcard in your Action configuration ("Action":["s3:*"]
).
When an Action wildcard is used together with an object-level Resource element ("arn:aws:s3:::<bucketName>/*"
or "arn:aws:s3:::<bucketName>/<objectName>"
), the wildcard denotes all supported Object actions.
When an Action wildcard is used together with bucket-level Resource element ("arn:aws:s3:::<bucketName>"
),
the wildcard denotes all the bucket actions and bucket subresource actions that IONOS S3 Object Storage supports.
Bucket Actions
Bucket Subresource Actions
Object actions
Within the bucket policy statements, IONOS S3 Object Storage supports only the following condition operators and keys.
Condition Operators
Condition Keys
Bucket required | string (BucketName) [ 3 .. 63 ] characters The bucket name. |
policy required | boolean Value: true |
x-amz-expected-bucket-owner | string (x-amz-expected-bucket-owner) The Canonical ID of the expected bucket owner. If the bucket is owned
by a different user, the request will fail with an HTTP |
Content-MD5 | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
Policy required | string <json> The bucket policy as a JSON document. |
{- "Id": "Delegate certain actions to another user",
- "Version": "2012-10-17",
- "Statement": [
- {
- "Sid": "Delegate certain actions to another user",
- "Action": [
- "s3:ListBucket",
- "s3:PutObject",
- "s3:GetObject"
], - "Effect": "Allow",
- "Resource": [
- "arn:aws:s3:::my-bucket",
- "arn:aws:s3:::my-bucket/*"
], - "Condition": {
- "IpAddress": {
- "aws:SourceIp": [
- "123.123.123.123/32"
]
}
}, - "Principal": {
- "CanonicalUser": "783fa49356820b211a4283526fe24343"
}
}
]
}
null
Retrieves the policy status of a bucket, indicating whether the bucket is public.
IONOS S3 Object Storage considers a bucket policy to be "public" if any statement in the policy is public.
A statement is considered public if the Effect
is Allow
and the Principal
has a wildcard -- unless there
is an IpAddress:{aws:SourceIp}
condition associated with the statement that restricts the requesting
source IP to one or more specified IP addresses.
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:GetBucketPolicyStatus
operation using Bucket Policies.
Bucket required | string (BucketName) [ 3 .. 63 ] characters The bucket name. |
policyStatus required | boolean Value: true |
x-amz-expected-bucket-owner | string (x-amz-expected-bucket-owner) The Canonical ID of the expected bucket owner. If the bucket is owned
by a different user, the request will fail with an HTTP |
<?xml version="1.0" encoding="UTF-8"?> <PolicyStatus> <IsPublic>false</IsPublic> </PolicyStatus>
Deletes the replication configuration from the bucket.
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:PutReplicationConfiguration
operation using Bucket Policies.
Bucket required | string The bucket name. |
replication required | boolean Value: true |
Returns the replication configuration of a bucket.
The replication configuration may take a while to propagate to all IONOS S3 Object Storage systems. For example, when you apply a new configuration with a PUT request or delete a configuration using a DELETE request. Similarly, a GET request may retrieve the previous state of the configuration, or it may still exist if you use a DELETE request.
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:GetReplicationConfiguration
operation using Bucket Policies.
The following options are not supported: DeleteMarkerReplication
, EncryptionConfiguration
, ReplicationTime
, ExistingObjectReplication
,
Filter
(use Prefix
instead), Priority
, SourceSelectionCriteria
, AccessControlTranslation
, Account
, and Metrics
.
Bucket required | string The bucket name for retrieving replication configuration. |
replication required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <ReplicationConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Role>this field is ignored</Role> <Rule> <ID>My rule for replication</ID> <Status>Enabled</Status> <Prefix></Prefix> <Destination> <Bucket>arn:aws:s3:::my-destination-bucket</Bucket> </Destination> </Rule> </ReplicationConfiguration>
Creates a replication configuration or replaces an existing one. Once configured, the system will automatically replicate objects in a bucket to another bucket, asynchronously.
Include the replication configuration in the request body, ensuring it contains at least one and no more than 1,000 rules.
Each rule serves to identify a subset of objects for replication by filtering objects in the source bucket.
For each additional object subset for replication, incorporate a new rule. Prefixes used in the Filter
tags must be unique.
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:PutReplicationConfiguration
operation using Bucket Policies.
The following options are not supported: DeleteMarkerReplication
, EncryptionConfiguration
, ReplicationTime
, ExistingObjectReplication
,
Filter
(use Prefix
instead), Priority
, SourceSelectionCriteria
, AccessControlTranslation
, Account
, and Metrics
.
Bucket required | string The name of the bucket |
replication required | boolean Value: true |
Content-MD5 | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
required | object A container for replication rules. You can add up to 1000 rules. The maximum size of a replication configuration is 2 MB. |
<?xml version="1.0" encoding="UTF-8"?> <ReplicationConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Role>this field is ignored</Role> <Rule> <ID>My rule for replication</ID> <Status>Enabled</Status> <Prefix></Prefix> <Destination> <Bucket>arn:aws:s3:::my-destination-bucket</Bucket> </Destination> </Rule> </ReplicationConfiguration>
Deletes the tags from the bucket.
To use this operation, you must have permission to perform the PutBucketTagging
operation. By default, the bucket owner has this permission and can grant this permission to others.
Bucket required | string The bucket that has the tag set to be removed. |
tagging required | boolean Value: true |
Returns the tag set associated with the bucket.
To use this operation, you must have permission to perform the GetBucketTagging
operation. By default, the bucket owner has this permission and can grant this permission to others.
GetBucketTagging
has the following special error:
Error code: NoSuchTagSetError
Description: There is no tag set associated with the bucket.
Bucket required | string The name of the bucket for which to get the tagging information. |
tagging required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <Tagging xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <TagSet> <Tag> <Key>Project</Key> <Value>Project 1</Value> </Tag> <Tag> <Key>Client</Key> <Value>Client 1</Value> </Tag> </TagSet> </Tagging>
Sets the tags for a bucket.
When this operation sets the tags for a bucket, it will overwrite any current tags the bucket already has. You cannot use this operation to add tags to an existing list of tags.
To use this operation, you must have permissions to perform the PutBucketTagging
operation. The bucket owner has this permission by default and can grant this permission to others.
PutBucketTagging
has the following special errors:
Error code: InvalidTagError
Description: The tag provided was not a valid tag. This error can occur if the tag did not pass input validation.
Error code: MalformedXMLError
Description: The XML provided does not match the schema.
Error code: OperationAbortedError
Description: A conflicting conditional operation is currently in progress against this resource. Please try again.
Error code: InternalError
Description: The service was unable to apply the provided tag to the bucket.
Bucket required | string The bucket name. |
tagging required | boolean Value: true |
Content-MD5 | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
required | object Container for |
<?xml version="1.0" encoding="UTF-8"?> <Tagging xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <TagSet> <Tag> <Key>Project</Key> <Value>Project 1</Value> </Tag> <Tag> <Key>Client</Key> <Value>Client 1</Value> </Tag> </TagSet> </Tagging>
Removes the entire tag set from the specified object.
To use this operation, you must have permission to perform the DeleteObjectTagging
operation.
To delete tags of a specific object version, add the versionId
query parameter in the request. You will need permission for the DeleteObjectVersionTagging
operation.
Bucket required | string The bucket name containing the objects from which to remove the tags. |
Key required | string non-empty The key that identifies the object in the bucket from which to remove all tags. |
versionId | string The versionId of the object that the tag-set will be removed from. |
tagging required | boolean Value: true |
Returns the tag-set of an object. You send the GET request against the tagging subresource associated with the object.
To use this operation, you must have permission to perform the GetObjectTagging
operation. By default, the GET operation returns information about current version of an object. For a versioned bucket, you can have multiple versions of an object in your bucket. To retrieve tags of any other version, use the versionId query parameter. You also need permission for the GetObjectVersionTagging
operation.
By default, the bucket owner has this permission and can grant this permission to others.
Bucket required | string The bucket name containing the object for which to get the tagging information. |
Key required | string non-empty Object key for which to get the tagging information. |
versionId | string The versionId of the object for which to get the tagging information. |
tagging required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <Tagging xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <TagSet> <Tag> <Key>Project</Key> <Value>Project 1</Value> </Tag> <Tag> <Key>Client</Key> <Value>Client 1</Value> </Tag> </TagSet> </Tagging>
Sets the supplied tag-set to an object that already exists in a bucket.
A tag is a key-value pair. You can associate tags with an object by sending a PUT request against the tagging subresource that is associated with the object. You can retrieve tags by sending a GET request.
Note that IONOS S3 Object Storage limits the maximum number of tags to 10 tags per object.
To use this operation, you must have permission to perform the PutObjectTagging
operation. By default, the bucket owner has this permission and can grant this permission to others.
To put tags of any other version, use the versionId
query parameter. You also need permission for the PutObjectVersionTagging
operation.
Special Errors
Code: InvalidTagError
Cause: The tag provided was not a valid tag. This error can occur if the tag did not pass input validation.
Code: MalformedXMLError
Cause: The XML provided does not match the schema.
Code: OperationAbortedError
Cause: A conflicting conditional operation is currently in progress against this resource. Please try again.
Code: InternalError
Cause: The service was unable to apply the provided tag to the object.
Bucket required | string The bucket name containing the object. |
Key required | string non-empty Name of the object key. |
versionId | string The versionId of the object that the tag-set will be added to. |
tagging required | boolean Value: true |
Content-MD5 | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
required | object Container for |
<?xml version="1.0" encoding="UTF-8"?> <Tagging xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <TagSet> <Tag> <Key>Project</Key> <Value>Project 1</Value> </Tag> <Tag> <Key>Client</Key> <Value>Client 1</Value> </Tag> </TagSet> </Tagging>
This operation aborts a multipart upload. After a multipart upload is aborted, no additional parts can be uploaded using that upload ID. The storage consumed by any previously uploaded parts will be freed. However, if any part uploads are currently in progress, those part uploads might or might not succeed. As a result, it might be necessary to abort a given multipart upload multiple times in order to completely free all storage consumed by all parts.
Bucket required | string The bucket name to which the upload was taking place. |
Key required | string non-empty Key of the object for which the multipart upload was initiated. Possible values: length ≥ 1 |
uploadId required | string Upload ID that identifies the multipart upload. |
Completes a multipart upload by assembling previously uploaded parts.
After successfully uploading all relevant parts of an upload, you call this operation to complete the upload. When IONOS S3 Object Storage receives this request, it concatenates all the parts in ascending order by part number to create a new object. The parts list must be included in the Complete Multipart Upload request. You must ensure that the parts list is complete. This operation concatenates the parts that you provide in the list. For each part in the list, you must provide the part number and the ETag
value, returned after that part was uploaded.
A Complete Multipart Upload request could take several minutes to process. After IONOS S3 Object Storage begins processing the request, it sends an HTTP response header indicating a 200 OK response. While processing is in progress, IONOS S3 Object Storage sends white space characters on a regular basis to keep the connection from timing out. Because a request may fail after receiving the initial 200 OK response, it is advisable to check the response body to establish whether the request was successful.
CompleteMultipartUpload
has the following special errors:
Error code: EntityTooSmall
Description: Your proposed upload is smaller than the minimum allowed object size. Each part must be at least 5 MB in size, except the last part.
400 Bad Request
Error code: InvalidPart
Description: One or more of the specified parts could not be found. The part might not have been uploaded, or the specified entity tag might not have matched the part's entity tag.
400 Bad Request
Error code: InvalidPartOrder
Description: The list of parts was not in ascending order. The parts list must be specified in order by part number.
400 Bad Request
Error code: NoSuchUpload
Description: The specified multipart upload does not exist. The upload ID might be invalid, or the multipart upload might have been aborted or completed.
404 Not Found
Bucket required | string Name of the bucket to which the multipart upload was initiated. |
Key required | string non-empty Object key for which the multipart upload was initiated. |
uploadId required | string ID for the initiated multipart upload. |
object The container for the completed multipart upload details. |
<CompleteMultipartUpload> <Part> <PartNumber>1</PartNumber> <ETag>"e5f418115de697af0d466b971e24f3ef"</ETag> </Part> <Part> <PartNumber>2</PartNumber> <ETag>"b14f0bc5827d7168afc8b4c1ef3b7899"</ETag> </Part> <Part> <PartNumber>3</PartNumber> <ETag>"c597dd54bd9338b1f1814a3813bd731d"</ETag> </Part> </CompleteMultipartUpload>
<?xml version="1.0" encoding="UTF-8"?> <CompleteMultipartUploadResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Location>my-bucket/video.mp4</Location> <Bucket>my-bucket</Bucket> <Key>video.mp4</Key> <ETag>"afc02e5be55ba0d2336909c1567dbcf9-3"</ETag> </CompleteMultipartUploadResult>
Lists the parts that have been uploaded for a specific multipart upload. This operation must include the upload ID, which you obtain by sending the initiate multipart upload request. This request returns a maximum of 1,000 uploaded parts. The default number of parts returned is 1,000 parts. You can restrict the number of parts returned by specifying the max-parts
request parameter. If your multipart upload consists of more than 1,000 parts, the response returns an IsTruncated
field with the value of true, and a NextPartNumberMarker
element. In subsequent ListParts
requests you can include the part-number-marker query string parameter and set its value to the NextPartNumberMarker
field value from the previous response.
Bucket required | string The name of the bucket to which the parts are being uploaded. |
Key required | string non-empty Object key for which the multipart upload was initiated. |
max-parts | integer Sets the maximum number of parts to return. |
part-number-marker | integer Specifies the part after which listing should begin. Only parts with higher part numbers will be listed. |
uploadId required | string Upload ID identifying the multipart upload whose parts are being listed. |
PartNumberMarker | string Pagination token |
<?xml version="1.0" encoding="UTF-8"?> <ListPartsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Bucket>dmitry</Bucket> <Key>mytext.txt</Key> <UploadId>M2Y1YjZhODgwODE2OTM0MTE0NzU3MjM</UploadId> <Initiator> <ID>fb201d53c82788a9ed3208e1fe6eea8f</ID> <DisplayName></DisplayName> </Initiator> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea8f</ID> <DisplayName></DisplayName> </Owner> <StorageClass>STANDARD</StorageClass> <PartNumberMarker>0</PartNumberMarker> <MaxParts>4</MaxParts> <IsTruncated>false</IsTruncated> <Part> <PartNumber>1</PartNumber> <LastModified>2023-08-30T16:04:35.723Z</LastModified> <ETag>"e5f418115de697af0d466b971e24f3ef"</ETag> <Size>37</Size> </Part> <Part> <PartNumber>2</PartNumber> <LastModified>2023-08-30T16:04:35.723Z</LastModified> <ETag>"b14f0bc5827d7168afc8b4c1ef3b7899"</ETag> <Size>81</Size> </Part> <Part> <PartNumber>3</PartNumber> <LastModified>2023-08-30T16:04:35.723Z</LastModified> <ETag>"c597dd54bd9338b1f1814a3813bd731d"</ETag> <Size>33</Size> </Part> </ListPartsResult>
Uploads a part in a multipart upload.
In this operation, you provide part data in your request. However, you have an option to specify your existing IONOS S3 Object Storage object as a data source for the part you are uploading. To upload a part from an existing object, you use the UploadPartCopy
operation.
You must initiate a multipart upload (see CreateMultipartUpload
) before you can upload any part. In response to your initiate request, IONOS S3 Object Storage returns an upload ID, a unique identifier, that you must include in your upload part request.
Part numbers can be any number from 1 to 10,000, inclusive. A part number uniquely identifies a part and also defines its position within the object being created. If you upload a new part using the same part number that was used with a previous part, the previously uploaded part is overwritten. Each part must be at least 5 MB in size, except the last part. There is no size limit on the last part of your multipart upload.
To ensure that data is not corrupted when traversing the network, specify the Content-MD5
header in the upload part request. IONOS S3 Object Storage checks the part data against the provided MD5 value. If they do not match, IONOS S3 Object Storage returns an error.
If the upload request is signed with Signature Version 4, then IONOS S3 Object Storage S3 uses the x-amz-content-sha256
header as a checksum instead of Content-MD5
.
Note: After you initiate multipart upload and upload one or more parts, you must either complete or abort multipart upload in order to stop getting charged for storage of the uploaded parts. Only after you either complete or abort multipart upload, IONOS S3 Object Storage frees up the parts storage and stops charging you for the parts storage.
Bucket required | string The name of the bucket to which the multipart upload was initiated. |
Key required | string non-empty Object key for which the multipart upload was initiated. |
partNumber required | integer Part number of part being uploaded. This is a positive integer between 1 and 10,000. |
uploadId required | string Upload ID identifying the multipart upload whose part is being uploaded. |
Content-Length | integer Size of the body in bytes. This parameter is useful when the size of the body cannot be determined automatically. |
Content-MD5 | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
x-amz-server-side-encryption-customer-algorithm | string Value: "AES256" Specifies the algorithm to use to when encrypting the object (AES256). |
x-amz-server-side-encryption-customer-key | string <password> Specifies the customer-provided encryption key for IONOS S3 Object Storage to use in encrypting data. This value is used to store the object and then it is discarded; IONOS S3 Object Storage does not store the encryption key. The key must be appropriate for use with the algorithm specified in the |
x-amz-server-side-encryption-customer-key-MD5 | string Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. IONOS S3 Object Storage uses this header for a message integrity check to ensure that the encryption key was transmitted without error. |
Body | string Object data. |
This operation initiates a multipart upload and returns an upload ID. This upload ID is used to associate all of the parts in the specific multipart upload. You specify this upload ID in each of your subsequent upload part requests. You also include this upload ID in the final request to either complete or abort the multipart upload request.
Bucket required | string The name of the bucket to which to initiate the upload |
Key required | string non-empty Object key for which the multipart upload is to be initiated. |
uploads required | boolean Value: true |
x-amz-acl | string Enum: "private" "public-read" "public-read-write" "authenticated-read" "log-delivery-write" "bucket-owner-read" "bucket-owner-full-control" The canned ACL to apply to the object. |
Cache-Control | string Specifies caching behavior along the request/reply chain. |
Content-Disposition | string Specifies presentational information for the object. |
Content-Encoding | string Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. |
Content-Type | string A standard MIME type describing the format of the object data. |
Expires | string <date-time> The date and time at which the object is no longer cacheable. |
x-amz-grant-full-control | string Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. |
x-amz-grant-read | string Allows grantee to read the object data and its metadata. |
x-amz-grant-read-acp | string Allows grantee to read the object ACL. |
x-amz-grant-write-acp | string Allows grantee to write the ACL for the applicable object. |
x-amz-server-side-encryption | string Value: "AES256" The server-side encryption algorithm used when storing this object in IONOS S3 Object Storage (AES256). |
x-amz-storage-class | string Value: "STANDARD" IONOS S3 Object Storage uses the STANDARD Storage Class to store newly created objects. The STANDARD storage class provides high durability and high availability. |
x-amz-website-redirect-location | string If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. IONOS S3 Object Storage stores the value of this header in the object metadata. |
x-amz-server-side-encryption-customer-algorithm | string Specifies the algorithm to use to when encrypting the object (AES256). |
x-amz-server-side-encryption-customer-key | string <password> Specifies the customer-provided encryption key for IONOS S3 Object Storage to use in encrypting data. This value is used to store the object and then it is discarded; IONOS S3 Object Storage does not store the encryption key. The key must be appropriate for use with the algorithm specified in the |
x-amz-server-side-encryption-customer-key-MD5 | string Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. IONOS S3 Object Storage uses this header for a message integrity check to ensure that the encryption key was transmitted without error. |
x-amz-object-lock-mode | string Enum: "GOVERNANCE" "COMPLIANCE" Specifies the Object Lock mode that you want to apply to the uploaded object. |
x-amz-object-lock-retain-until-date | string <date-time> Specifies the date and time when you want the Object Lock to expire. |
x-amz-object-lock-legal-hold | string Enum: "ON" "OFF" Specifies whether you want to apply a Legal Hold to the uploaded object. |
x-amz-meta- | string (MetadataValue) A map of metadata to store with the object in S3. |
<?xml version="1.0" encoding="UTF-8"?> <InitiateMultipartUploadResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Bucket>my-bucket</Bucket> <Key>video.mp4</Key> <UploadId>M2ZiOTBhODgxNDE2OTM0MDU0NzQwNjQ</UploadId> </InitiateMultipartUploadResult>
This operation lists in-progress multipart uploads. An in-progress multipart upload is a multipart upload that has been initiated using the Initiate Multipart Upload request, but has not yet been completed or aborted.
This operation returns at most 1,000 multipart uploads in the response. 1,000 multipart uploads is the maximum number of uploads a response can include, which is also the default value. You can further limit the number of uploads in a response by specifying the max-uploads
parameter in the response. If additional multipart uploads satisfy the list criteria, the response will contain an IsTruncated
element with the value true. To list the additional multipart uploads, use the key-marker
and upload-id-marker
request parameters.
In the response, the uploads are sorted by key. If your application has initiated more than one multipart upload using the same object key, then uploads in the response are first sorted by key. Additionally, uploads are sorted in ascending order within each key by the upload initiation time.
Bucket required | string The name of the bucket to which the multipart upload was initiated. |
delimiter | string Character you use to group keys. All keys that contain the same string between the prefix, if specified, and the first occurrence of the delimiter after the prefix are grouped under a single result element, |
encoding-type | string Value: "url" |
key-marker | string Together with upload-id-marker, this parameter specifies the multipart upload after which listing should begin. If If |
max-uploads | integer Sets the maximum number of multipart uploads, from 1 to 1,000, to return in the response body. 1,000 is the maximum number of uploads that can be returned in a response. |
prefix | string Lists in-progress uploads only for those keys that begin with the specified prefix. You can use prefixes to separate a bucket into different grouping of keys. (You can think of using prefix to make groups in the same way you'd use a folder in a file system.) |
upload-id-marker | string Together with key-marker, specifies the multipart upload after which listing should begin. If key-marker is not specified, the upload-id-marker parameter is ignored. Otherwise, any multipart uploads for a key equal to the key-marker might be included in the list only if they have an upload ID lexicographically greater than the specified |
MaxUploads | string Pagination limit |
KeyMarker | string Pagination token |
UploadIdMarker | string Pagination token |
uploads required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <ListMultipartUploadsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Bucket>my-bucket</Bucket> <KeyMarker/> <UploadIdMarker/> <NextKeyMarker/> <NextUploadIdMarker/> <MaxUploads>1000</MaxUploads> <IsTruncated>false</IsTruncated> <Upload> <Key>video.mp4</Key> <UploadId>M2ZiOTBhODgxNDE2OTM0MDU0NzQwNjQ</UploadId> <Initiator> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> <DisplayName></DisplayName> </Initiator> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> <DisplayName></DisplayName> </Owner> <StorageClass>STANDARD</StorageClass> <Initiated>2023-08-30T14:24:34.064Z</Initiated> </Upload> </ListMultipartUploadsResult>
Uploads a part by copying data from an existing object as data source. You specify the data source by adding the request header x-amz-copy-source
in your request and a byte range by adding the request header x-amz-copy-source-range
in your request.
The minimum allowable part size for a multipart upload is 5 MB.
Instead of using an existing object as part data, you might use the UploadPart
operation and provide data in your request.
You must initiate a multipart upload before you can upload any part. In response to your initiate request. IONOS S3 Object Storage returns a unique identifier, the upload ID, that you must include in your upload part request.
Bucket required | string The bucket name. |
Key required | string non-empty Object key for which the multipart upload was initiated. |
partNumber required | integer Part number of part being copied. This is a positive integer between 1 and 10,000. |
uploadId required | string Upload ID identifying the multipart upload whose part is being copied. |
x-amz-copy-source required | string\/.+\/.+ Specifies the source object for the copy operation. |
x-amz-copy-source-if-match | string Copies the object if its entity tag (ETag) matches the specified tag. |
x-amz-copy-source-if-modified-since | string <date-time> Copies the object if it has been modified since the specified time. |
x-amz-copy-source-if-none-match | string Copies the object if its entity tag (ETag) is different than the specified ETag. |
x-amz-copy-source-if-unmodified-since | string <date-time> Copies the object if it hasn't been modified since the specified time. |
x-amz-copy-source-range | string The range of bytes to copy from the source object. The range value must use the form bytes=first-last, where the first and last are the zero-based byte offsets to copy. For example, bytes=0-9 indicates that you want to copy the first 10 bytes of the source. You can copy a range only if the source object is greater than 5 MB. |
x-amz-server-side-encryption-customer-algorithm | string Value: "AES256" Specifies the algorithm to use to when encrypting the object (AES256). |
Returns metadata about all versions of the objects in a bucket. You can also use request parameters as selection criteria to return metadata about a subset of all the object versions.
To use this operation, you must have permissions to perform the ListBucketVersions
operation. Be aware of the name difference.
A 200 OK response can contain valid or invalid XML. Make sure to design your application to parse the contents of the response and handle it appropriately.
To use this operation, you must have READ access to the bucket.
Bucket required | string The bucket name that contains the objects. |
delimiter | string A delimiter is a character that you specify to group keys. All keys that contain the same string between the |
encoding-type | string Value: "url" |
key-marker | string Specifies the key to start with when listing objects in a bucket. |
max-keys | integer Sets the maximum number of keys returned in the response. By default the operation returns up to 1,000 key names. The response might contain fewer keys but will never contain more. If additional keys satisfy the search criteria, but were not returned because max-keys was exceeded, the response contains <isTruncated>true</isTruncated>. To return the additional keys, see key-marker and version-id-marker. |
prefix | string Use this parameter to select only those keys that begin with the specified prefix. You can use prefixes to separate a bucket into different groupings of keys. (You can think of using prefix to make groups in the same way you'd use a folder in a file system.) You can use prefix with delimiter to roll up numerous objects into a single result under CommonPrefixes. |
version-id-marker | string Specifies the object version you want to start listing from. |
MaxKeys | string Pagination limit |
KeyMarker | string Pagination token |
VersionIdMarker | string Pagination token |
versions required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <ListVersionsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Name>my-bucket</Name> <Prefix/> <KeyMarker/> <VersionIdMarker/> <MaxKeys>1000</MaxKeys> <IsTruncated>false</IsTruncated> <DeleteMarker> <Key>object-1.zip</Key> <VersionId>fe11db05-dc03-a0cf-94b0-3cecef38a474</VersionId> <IsLatest>true</IsLatest> <LastModified>2023-07-17T23:32:05.923Z</LastModified> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea8f</ID> </Owner> </DeleteMarker> <Version> <Key>object-1.zip</Key> <VersionId>null</VersionId> <IsLatest>false</IsLatest> <LastModified>2023-02-20T16:24:08.841Z</LastModified> <StorageClass>STANDARD</StorageClass> <Size>3</Size> <ETag>"698d51a19d8a121ce581499d7b701668"</ETag> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> </Owner> </Version> <DeleteMarker> <Key>index.html</Key> <VersionId>fe11d973-96c2-558f-9f29-3cecef38a77e</VersionId> <IsLatest>true</IsLatest> <LastModified>2023-07-19T23:31:39.799Z</LastModified> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> </Owner> </DeleteMarker> <Version> <Key>index.html</Key> <VersionId>fe11de8c-e25b-ccbf-8f45-3cecef38a472</VersionId> <IsLatest>false</IsLatest> <LastModified>2023-07-13T11:47:59.732Z</LastModified> <StorageClass>STANDARD</StorageClass> <Size>3284412</Size> <ETag>"3228a3a58d8e13a2e83f6e19e8d540eb"</ETag> <Owner> <ID>fb201d53c82788a9ed3208e1fe6eea2f</ID> </Owner> </Version> </ListVersionsResult>
Returns the versioning state of a bucket.
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:GetBucketVersioning
operation using Bucket Policies.
Bucket required | string The name of the bucket for which to get the versioning information. |
versioning required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <VersioningConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Status>Enabled</Status> </VersioningConfiguration>
Configures the versioning state of an S3 bucket. Versioning allows keeping multiple variants of an object in the same bucket.
The versioning state can be one of the following:
Enabled
: Activates versioning for the bucket. All objects added receive a unique version ID.Suspended
: Deactivates versioning. New objects get a null version ID. However, previously created version IDs persist.With Versioning, a bucket maintains one current version of an object and potentially multiple noncurrent (previous) versions, requiring additional management to handle noncurrent object version deletions using a Lifecycle Configuration.
You must be the bucket owner to perform this operation. If not, the bucket owner can grant you permission
to perform the s3:PutBucketVersioning
operation using Bucket Policies.
x-amz-mfa
header is not supported.MfaDelete
setting is ignored in the PUT request.Bucket required | string The bucket name. |
versioning required | boolean Value: true |
Content-MD5 | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
required | object Describes the versioning state of the bucket. |
<?xml version="1.0" encoding="UTF-8"?> <VersioningConfiguration> <Status>Enabled</Status> <MfaDelete>Disabled</MfaDelete> </VersioningConfiguration>
This operation removes the website configuration for a bucket. IONOS S3 Object Storage returns a 200 OK
response upon successfully deleting a website configuration on the specified bucket. You will get a 200 OK
response if the website configuration you are trying to delete does not exist on the bucket. IONOS S3 Object Storage returns a 404
response if the bucket specified in the request does not exist.
This DELETE operation requires the DeleteBucketWebsite
permission. By default, only the bucket owner can delete the website configuration attached to a bucket. However, bucket owners can grant other users permission to delete the website configuration by writing a bucket policy granting them the DeleteBucketWebsite
permission.
Bucket required | string The bucket name for which you want to remove the website configuration. |
website required | boolean Value: true |
Returns the website configuration for a bucket.
This GET operation requires the GetBucketWebsite
permission. By default, only the bucket owner can read the bucket website configuration. However, bucket owners can allow other users to read the website configuration by writing a bucket policy granting them the GetBucketWebsite
permission.
Bucket required | string The bucket name for which to get the website configuration. |
website required | boolean Value: true |
<?xml version="1.0" encoding="UTF-8"?> <WebsiteConfiguration xmlns="xmlns='http://s3.amazonaws.com/doc/2006-03-01/'"> <IndexDocument> <Suffix>index.html</Suffix> </IndexDocument> <ErrorDocument> <Key>error.html</Key> </ErrorDocument> </WebsiteConfiguration>
Sets the configuration of the website that is specified in the website
subresource. To configure a bucket as a website, you can add this subresource on the bucket with website configuration information such as the file name of the index document and any redirect rules.
This PUT operation requires the PutBucketWebsite
permission. By default, only the bucket owner can configure the website attached to a bucket; however, bucket owners can allow other users to set the website configuration by writing a bucket policy that grants them the PutBucketWebsite
permission.
To redirect all website requests sent to the bucket's website endpoint, you add a website configuration with the following elements. Because all requests are sent to another website, you don't need to provide index document name for the bucket.
WebsiteConfiguration
RedirectAllRequestsTo
HostName
Protocol
If you want granular control over redirects, you can use the following elements to add routing rules that describe conditions for redirecting requests and information about the redirect destination. In this case, the website configuration must provide an index document for the bucket, because some requests might not be redirected.
WebsiteConfiguration
IndexDocument
Suffix
ErrorDocument
Key
RoutingRules
RoutingRule
Condition
HttpErrorCodeReturnedEquals
KeyPrefixEquals
Redirect
Protocol
HostName
ReplaceKeyPrefixWith
ReplaceKeyWith
HttpRedirectCode
Bucket required | string The bucket name. |
website required | boolean Value: true |
Content-MD5 | string The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864. |
required | object Specifies website configuration parameters for an IONOS S3 Object Storage bucket. |
<?xml version="1.0" encoding="UTF-8"?> <WebsiteConfiguration xmlns="xmlns='http://s3.amazonaws.com/doc/2006-03-01/'"> <IndexDocument> <Suffix>index.html</Suffix> </IndexDocument> <ErrorDocument> <Key>error.html</Key> </ErrorDocument> </WebsiteConfiguration>