S3
KakaoCloud's Object Storage provides compatibility with the S3 API.
Before you start
For prerequisites required to use the API, refer to the API preparation guide.
Compatible S3 tools and SDK versions
KakaoCloud supports compatibility with the following versions of S3 SDKs and CLI tools.
Using versions higher than listed may result in failed requests.
Tool | Maximum compatible version |
---|---|
S3 CLI | 2.22.0 |
Python boto3 | 1.35.99 |
JavaScript SDK | v3.726.1 |
Authentication
Temporary credentials
Currently, only AssumeRoleWithWebIdentity
is supported.
You can issue temporary credentials with the same permissions as the token user using an OpenStack token.
The issued credentials inherit the roles of the project where the token was issued.
Request syntax
curl -X POST 'https://objectstorage.kr-central-2.kakaocloud.com/' \
--header 'Accept: */*' \
--header 'Content-Type: application/json' \
--data-raw '{
"Action" : "AssumeRoleWithWebIdentity",
"DurationSeconds" : 1800,
"ProviderId" : "iam.kakaocloud.com",
"WebIdentityToken" : "{x-auth-token}"
}'
Method | Request URL |
---|---|
POST | https://objectstorage.kr-central-2.kakaocloud.com/ |
Request elements
Query | Type | Required | Description |
---|---|---|---|
Action | String | Yes | Type of action to perform. Only AssumeRoleWithWebIdentity is supported. |
DurationSeconds | Int | No | Validity duration for the temporary credentials (in seconds) |
ProviderId | String | No | Identity provider, currently only iam.kakaocloud.com is supported |
WebIdentityToken | String | Yes | Token issued by OpenStack |
Response syntax
<AssumeRoleWithWebIdentityResponse>
<AssumeRoleWithWebIdentityResult>
<SubjectFromWebIdentityToken>{user_id}</SubjectFromWebIdentityToken>
<Credentials>
<SessionToken>{session_token}</SessionToken>
<SecretAccessKey>{session_secret_key}</SecretAccessKey>
<Expiration>{expiration}</Expiration>
<AccessKeyId>{session_access_key}</AccessKeyId>
</Credentials>
<Provider>iam.kakaocloud.com</Provider>
</AssumeRoleWithWebIdentityResult>
<ResponseMetadata>
<RequestId>{request_id}</RequestId>
</ResponseMetadata>
</AssumeRoleWithWebIdentityResponse>
Response elements
Field | Type | Description |
---|---|---|
user_id | String | ID of the user associated with the credentials |
session_token | String | Temporary session token |
session_secret_key | String | Secret access key for the session |
session_access_key | String | Access key ID for the session |
expiration | Timestamp | Expiration time of the temporary credentials |
HTTP status codes
HTTP Status | Message | Description |
---|---|---|
200 | OK | Success |
400 | BadRequest | Invalid request format or parameters |
403 | Forbidden | Permission denied |
Using temporary credentials with S3 requests
Refer to AWS documentation on using temporary credentials with S3.
Issue credentials
You can issue EC2-style credentials via OpenStack's EC2 credential command.
Request syntax
openstack ec2 credentials create --project {project-id}
Argument | Type | Required | Description |
---|---|---|---|
project_id | String | Yes | ID of the project to issue credentials for |
Response syntax
+------------+-----------------+
| Field | Value |
+------------+-----------------+
| access | {access_key_id} |
| project_id | {project_id} |
| secret | {secret_key} |
| user_id | {user_id} |
+------------+-----------------+
Response elements
Field | Type | Description |
---|---|---|
access_key_id | String | Use as aws_access_key_id |
secret_key | String | Use as aws_secret_access_key |
user_id | String | ID of the user who issued the credential |
project_id | String | The project ID the credential is valid for |
The issued access
and secret
can be used as AWS credentials.
Supported features
Note: The ExpectedOwner
feature is not supported.
S3 API support by region
When using CORS features or accessing a publicly available bucket via the S3 endpoint, include your project ID in the URL as shown:
https://objectstorage.kr-central-2.kakaocloud.com/{project-id}:{bucket-name}/{object-path}
Feature | API supported | Description |
---|---|---|
ListBuckets | Supported | |
SecurityTokenService | Partially supported | AssumeRoleWithWebIdentity only |
HeadBucket | Supported | |
GetBucketAccelerateConfiguration | ||
GetBucketAcl | Supported | |
GetBucketAnalyticsConfiguration | ||
ListBucketAnalyticsConfigurations | ||
GetBucketCors | ||
GetBucketEncryption | Supported | |
GetBucketIntelligentTieringConfiguration | ||
ListBucketIntelligentTieringConfigurations | ||
GetBucketInventoryConfiguration | ||
ListBucketInventoryConfigurations | ||
GetBucketLifecycle | Supported | |
GetBucketLifecycleConfiguration | Supported | |
GetBucketLocation | Supported | |
GetBucketLogging | Supported | |
GetBucketMetricsConfiguration | ||
ListBucketMetricsConfigurations | ||
GetBucketNotification | ||
GetBucketNotificationConfiguration | ||
GetBucketOwnershipControls | ||
GetBucketPolicy | ||
GetBucketPolicyStatus | ||
GetBucketReplication | ||
GetBucketRequestPayment | ||
GetBucketTagging | ||
GetBucketVersioning | ||
GetBucketWebsite | ||
ListObjectVersions | ||
ListObjectsV2 | Supported | |
GetObjectLockConfiguration | ||
GetPublicAccessBlock | ||
ListMultipartUploads | Supported | |
ListObjects | Supported | |
PutBucketAccelerateConfiguration | ||
PutBucketAcl | Partially supported | 사용자 ID와 AllUsers URI 기반의 설정만 가능 |
PutBucketAnalyticsConfiguration | ||
PutBucketCors | ||
PutBucketEncryption | Partially supported | 버킷이 비어있는 경우에만 설정 가능 |
PutBucketIntelligentTieringConfiguration | ||
PutBucketInventoryConfiguration | ||
PutBucketLifecycle | Partial Supported | |
PutBucketLifecycleConfiguration | Partial Supported | |
PutBucketLogging | Supported | |
PutBucketMetricsConfiguration | ||
PutBucketNotification | ||
PutBucketNotificationConfiguration | ||
PutBucketOwnershipControls | ||
PutBucketPolicy | ||
PutBucketReplication | ||
PutBucketRequestPayment | ||
PutBucketTagging | ||
PutBucketVersioning | ||
PutBucketWebsite | ||
PutObjectLockConfiguration | ||
PutPublicAccessBlock | ||
CreateBucket | Supported | |
DeleteBucketAnalyticsConfiguration | ||
DeleteBucketCors | ||
DeleteBucketEncryption | ||
DeleteBucketIntelligentTieringConfiguration | ||
DeleteBucketInventoryConfiguration | ||
DeleteBucketLifecycle | Supported | |
DeleteBucketLifecycleConfiguration | Supported | |
DeleteBucketMetricsConfiguration | ||
DeleteBucketOwnershipControls | ||
DeleteBucketPolicy | ||
DeleteBucketReplication | ||
DeleteBucketTagging | ||
DeleteBucketWebsite | ||
DeletePublicAccessBlock | ||
DeleteBucket | Supported | |
DeleteObjects | Supported | |
HeadObject | Supported | |
GetObjectAcl | ||
GetObjectAttributes | ||
GetObjectLegalHold | ||
GetObjectRetention | ||
GetObjectTagging | Supported | |
GetObjectTorrent | ||
ListParts | Supported | |
GetObject | Supported | |
PutObjectAcl | ||
PutObjectLegalHold | ||
PutObjectRetention | ||
PutObjectTagging | Supported | |
UploadPartCopy | Supported | |
UploadPart | Supported | |
CopyObject | Supported | |
PutObject | Supported | |
AbortMultipartUpload | Supported | |
DeleteObjectTagging | Supported | |
DeleteObject | Supported | |
CompleteMultipartUpload | Supported | |
CreateMultipartUpload | Supported | |
RestoreObject | ||
SelectObjectContent | ||
WriteGetObjectResponse |
API guide
ListBuckets
Retrieves all buckets created within a project.
API request format
Method | Request URL |
---|---|
GET | https://objectstorage.kr-central-2.kakaocloud.com/ |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash value of the request content |
X-Amz-Date | String | Required | Date and time of the AWS service request |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope (required) - SignedHeaders: list of signed header names (required) - Signature: the calculated signature value (required) |
Request body
This request does not include a body.
Response syntax
If the operation succeeds, the service responds with HTTP 200 OK.
<?xml version="1.0" encoding="UTF-8"?>
<ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Owner>
<DisplayName>String</DisplayName>
<ID>String</ID>
</Owner>
<Buckets>
<Bucket>
<Name>String</Name>
<CreationDate>Timestamp</CreationDate>
</Bucket>
</Buckets>
</ListAllMyBucketsResult>
Response elements
Element | Type | Description |
---|---|---|
DisplayName | String | User ID |
ID | String | Unique user identifier |
Name | String | Bucket name |
CreationDate | Timestamp | Date the bucket was created |
HeadBucket
Checks whether a bucket exists and whether the caller has access to it.
API request format
Method | Request URL |
---|---|
HEAD | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName} |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash value of the request content |
X-Amz-Date | String | Required | Date and time of the AWS service request |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope (required) - SignedHeaders: list of signed header names (required) - Signature: the calculated signature value (required) |
Request body
This request does not include a body.
Response syntax
If the operation succeeds, the service responds with HTTP 200 OK.
Response headers
Header | Description |
---|---|
Date | Time the response was generated |
Content-Length | Size of the response body |
Connection | Whether the connection can be reused |
X-Amz-Request-Id | Unique request ID |
X-Rgw-Bytes-Used | Total bytes used |
X-Rgw-Object-Count | Number of objects in the bucket |
X-Rgw-Quota-Bucket-Objects | Not in use |
X-Rgw-Quota-Bucket-Size | Not in use |
X-Rgw-Quota-Max-Buckets | Not in use |
X-Rgw-Quota-User-Objects | Not in use |
X-Rgw-Quota-User-Size | Not in use |
X-Content-Type-Options | Security header to prevent MIME type sniffing |
X-Frame-Options | Security header to prevent clickjacking |
X-XSS-Protection | Security header to detect and mitigate XSS attacks |
Strict-Transport-Security | Security header to enforce HTTPS communication only |
CreateBucket
Creates a bucket.
API request format
Method | Request URL |
---|---|
PUT | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName} |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time the request is sent to the AWS service |
Authorization | String | Required | AWS Signature Version 4 authorization header - Credential: AWS access key ID and credential scope (required) - SignedHeaders: list of signed headers (required) - Signature: signature value (required) |
Request body
This request does not contain a body.
Response syntax
On success, the service returns an HTTP 200 response.
DeleteBucket
Deletes a bucket.
API request format
Method | Request URL |
---|---|
DELETE | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName} |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time the request is sent to the AWS service |
Authorization | String | Required | AWS Signature Version 4 authorization header - Credential: AWS access key ID and credential scope (required) - SignedHeaders: list of signed headers (required) - Signature: signature value (required) |
Request body
This request does not contain a body.
Response syntax
On success, the service returns an HTTP 204 response.
GetBucketAcl
Retrieves the role-based access control (ACL) configuration of a bucket.
API request format
Method | Request URL |
---|---|
GET | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/?acl |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time the request is sent to the AWS service |
Authorization | String | Required | AWS Signature Version 4 authorization header - Credential: AWS access key ID and credential scope (required) - SignedHeaders: list of signed headers (required) - Signature: signature value (required) |
Request body
This request does not contain a body.
Response syntax
If successful, the service returns an HTTP 200 response.
<AccessControlPolicy>
<Owner>
<ID>string</ID>
<DisplayName>string</DisplayName>
</Owner>
<AccessControlList>
<Grant>
<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group">
<ID>string</ID>
<DisplayName>string</DisplayName>
</Grantee>
<Permission>string</Permission>
</Grant>
</AccessControlList>
</AccessControlPolicy>
Response elements
Response | Type | Description |
---|---|---|
DisplayName | String | User ID |
ID | String | Unique user ID |
xsi | String | - CanonicalUser - Group : only AllUsers is supported |
Permission | String | - FULL_CONTROL - WRITE - WRITE_ACP - READ - READ_ACP |
PutBucketAcl
Sets role-based permissions (ACL) for a bucket.
ACL settings can be applied via either headers or the request body.
If both headers and the body contain ACL settings, the settings in the body take precedence.
API request format
Method | Request URL |
---|---|
PUT | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/?acl |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | Must be text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time the request is sent to the AWS service |
Authorization | String | Required | AWS Signature Version 4 authorization header - Credential: AWS access key ID and credential scope (required) - SignedHeaders: list of signed headers (required) - Signature: signature value (required) |
x-amz-acl | String | Optional | Canned ACL to apply to the bucket - private : does not allow public access. Grants only initial roles and storage.owner , revokes all other permissions - public-read : grants storage.objectReader to all users - public-read-write : grants storage.objectCreator to all users - authenticated-read : grants storage.objectReader to all IAM users |
Content-MD5 | String | Required | Base64-encoded MD5 digest of the request body content |
x-amz-grant-full-control | String | Optional | Grants storage.admin role to a specified user - User ID: id={user uuid} - AllUsers: uri=http://acs.amazonaws.com/groups/global/AllUsers |
x-amz-grant-read | String | Optional | Grants storage.objectReader role to a specified user - User ID: id={user uuid} - AllUsers: uri=http://acs.amazonaws.com/groups/global/AllUsers |
x-amz-grant-read-acp | String | Optional | Grants storage.policyReader role to a specified user - User ID: id={user uuid} - AllUsers: uri=http://acs.amazonaws.com/groups/global/AllUsers |
x-amz-grant-write | String | Optional | Grants storage.objectCreator role to a specified user - User ID: id={user uuid} - AllUsers: uri=http://acs.amazonaws.com/groups/global/AllUsers |
x-amz-grant-write-acp | String | Optional | Grants storage.policyWriter role to a specified user - User ID: id={user uuid} - AllUsers: uri=http://acs.amazonaws.com/groups/global/AllUsers |
Request Body
<AccessControlPolicy xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<AccessControlList>
<Grant>
<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
<ID>string</ID>
</Grantee>
<Permission>string</Permission>
</Grant>
</AccessControlList>
</AccessControlPolicy>
Request elements
Request | Type | Required | Description |
---|---|---|---|
ID | String | Optional | User UUID - Either ID or URI must be provided |
URI | String | Optional | Grants permission to the AllUsers group - Either ID or URI must be provided |
xsi | String | Required | - CanonicalUser - Group : only AllUsers is supported |
Permission | String | Optional | - FULL_CONTROL : grants storage.admin role - WRITE : grants storage.objectCreator role - WRITE-ACP : grants storage.policyWriter role - READ : grants storage.objectReader role - READ-ACP : grants storage.policyReader role |
Response syntax
HTTP status | Message | Description |
---|---|---|
200 | OK | Success |
401 | Unauthorized | Permission denied (invalid token) |
403 | Forbidden | No permission to modify |
404 | Not found | Bucket not found |
Get bucket encryption
Retrieves the encryption configuration of the specified bucket.
API request format
Method | Request URL |
---|---|
GET | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/?encryption |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | Must be text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time the request is sent to the AWS service |
Authorization | String | Required | AWS Signature Version 4 authorization header - Credential: AWS access key ID and credential scope (required) - SignedHeaders: list of signed headers (required) - Signature: signature value (required) |
Request body
This request does not include a body.
Response syntax
If the request succeeds, the service returns an HTTP 200 response.
<?xml version="1.0" encoding="UTF-8"?>
<ServerSideEncryptionConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Rule>
<ApplyServerSideEncryptionByDefault>
<SSEAlgorithm>String</SSEAlgorithm>
</ApplyServerSideEncryptionByDefault>
</Rule>
</ServerSideEncryptionConfiguration>
Response elements
Response | Type | Description |
---|---|---|
SSEAlgorithm | String | AES256 |
PutBucketEncryption
Sets server-side encryption for a bucket.
Note: Encryption can only be enabled if the bucket is empty.
API request format
Method | Request URL |
---|---|
PUT | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/?encryption |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
Content-MD5 | String | Required | Base64-encoded MD5 digest of the request body for server-side encryption validation |
Content-Type | String | Required | Must be text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the request body |
X-Amz-Date | String | Required | Date and time the request was sent |
Authorization | String | Required | AWS Signature Version 4 authorization header - Credential: AWS access key ID and credential scope (required) - SignedHeaders: list of signed headers (required) - Signature: signature value (required) |
Request body
<ServerSideEncryptionConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Rule>
<ApplyServerSideEncryptionByDefault>
<SSEAlgorithm>String</SSEAlgorithm>
</ApplyServerSideEncryptionByDefault>
</Rule>
</ServerSideEncryptionConfiguration>
Request elements
Request | Type | Required | Description |
---|---|---|---|
SSEAlgorithm | String | Required | Must be AES256 |
Response syntax
If successful, the service returns an HTTP 200 response.
GetBucketLifecycle
Retrieves the lifecycle configuration settings of a bucket.
API request format
Method | Request URL |
---|---|
GET | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/?lifecycle |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the request body |
X-Amz-Date | String | Required | Date and time of the request |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope - SignedHeaders: list of signed headers - Signature: signature value |
Response syntax
If successful, the service returns an HTTP 200 response.
<?xml version="1.0" encoding="UTF-8"?>
<LifecycleConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Rule>
<Status>string</Status>
<Expiration>
<Days>integer</Days>
</Expiration>
<Filter>
<And>
<Prefix>string</Prefix>
<Tag>
<Key>string</Key>
<Value>string</Value>
</Tag>
</And>
</Filter>
<ID>string</ID>
</Rule>
</LifecycleConfiguration>
Response elements
Response | Type | Description |
---|---|---|
Status | String | - Enabled - Disabled |
Days | Integer | Retention period of the object |
Prefix | String | Prefix of the object name |
Key | String | Tag key |
Value | String | Tag value |
ID | String | Name of the lifecycle policy |
PutBucketLifecycle
Sets lifecycle rules for the specified bucket.
API request format
Method | Request URL |
---|---|
PUT | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/?lifecycle |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
Content-MD5 | String | Required | Base64-encoded MD5 digest of the request body |
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the request body |
X-Amz-Date | String | Required | Date and time of the request |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope - SignedHeaders: list of signed headers - Signature: signature value |
Request Body
<?xml version="1.0" encoding="UTF-8"?>
<LifecycleConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Rule>
<Expiration>
<Days>integer</Days>
</Expiration>
<Filter>
<And>
<Prefix>string</Prefix>
<Tag>
<Key>string</Key>
<Value>string</Value>
</Tag>
</And>
</Filter>
<ID>string</ID>
<Status>string</Status>
</Rule>
</LifecycleConfiguration>
Request elements
Request | Type | Required | Description |
---|---|---|---|
Status | String | Required | - Enabled - Disabled |
Days | Integer | Optional | Retention period of the object |
Prefix | String | Required | Prefix of the object name |
Key | String | Required | Tag key |
Value | String | Required | Tag value |
ID | String | Optional | Name of the lifecycle policy |
Response syntax
If the operation is successful, the service returns an HTTP 200 response.
DeleteBucketLifecycle
Deletes all lifecycle settings configured on the specified bucket.
API request format
Method | Request URL |
---|---|
DELETE | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/?lifecycle |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the request body |
X-Amz-Date | String | Required | Date and time of the request |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope - SignedHeaders: list of signed headers - Signature: signature value |
Request body
This request does not contain a body.
Response syntax
If the operation is successful, the service returns an HTTP 204 response.
GetBucketLocation
Retrieves the region information of the specified bucket.
API request format
Method | Request URL |
---|---|
GET | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/?location |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the request body |
X-Amz-Date | String | Required | Date and time of the request |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope - SignedHeaders: list of signed headers - Signature: signature value |
Request body
This request does not contain a body.
Response syntax
If the operation is successful, the service returns an HTTP 200 response.
<?xml version="1.0" encoding="UTF-8"?>
<LocationConstraint xmlns="http://s3.amazonaws.com/doc/2006-03-01/">String</LocationConstraint>
Response Elements
Response | Type | Description |
---|---|---|
Region | String | Region information |
Getobject
Retrieves an object stored in the bucket.
API request format
Method | Request URL |
---|---|
GET | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/{ObjectKey} |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time of the AWS request |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope - SignedHeaders: list of signed headers - Signature: signature value |
Request body
This request does not contain a body.
Response syntax
If the operation is successful, the service returns an HTTP 200 response and retrieves the requested object.
ListObjectsV2
Retrieves the list of objects in a bucket.
API request format
Method | Request URL |
---|---|
GET | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/?list-type=2 |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time of the AWS request |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope - SignedHeaders: list of signed headers - Signature: signature value |
Request body
This request does not contain a body.
Response syntax
If the operation is successful, the service returns an HTTP 200 response.
<ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Tenant>String</Tenant>
<Name>String</Name>
<Prefix>String</Prefix>
<MaxKeys>Integer</MaxKeys>
<IsTruncated>Boolean</IsTruncated>
<Contents>
<Key>String</Key>
<LastModified>Timestamp</LastModified>
<ETag>String</ETag>
<Size>Long</Size>
<StorageClass>String</StorageClass>
</Contents>
<KeyCount>Integer</KeyCount>
</ListBucketResult>
Response elements
Response | Type | Description |
---|---|---|
Tenant | String | Project ID |
Name | String | Bucket name |
Prefix | String | Object key prefix |
MaxKeys | Integer | Maximum number of keys returned in the response |
IsTruncated | Boolean | false : all keys returned true : more keys available |
Key | String | Object key |
LastModified | Timestamp | Object creation time |
ETag | String | Object hash value |
Size | Long | Object size |
StorageClass | String | Storage class of the object |
KeyCount | Integer | Number of keys returned in the response |
HeadObject
Retrieves metadata of an object.
API call method
Method | Request URL |
---|---|
HEAD | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/{ObjectKey} |
Request syntax
Request header
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | Set to text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time the request is made |
Authorization | String | Required | AWS signature version 4 header including credential, signed headers, and signature |
Request body
This request does not contain a body.
Response syntax
If the operation is successful, the service returns an HTTP 200 response.
Response header
Key | Description |
---|---|
Date | Time the response was generated |
Content-Type | Type of the content in the body |
Content-Length | Size of the object |
Connection | Indicates connection reuse |
Accept-Ranges | Allows clients to request specific byte ranges |
ETag | Identifier for detecting changes to the resource |
Last-Modified | Last modified date |
X-Amz-Expiration | Expiration date set by lifecycle policy |
X-Amz-Request-Id | Unique request ID |
X-Rgw-Object-Type | Object type handled by RGW: only normal is used |
X-Content-Type-Options | Header to prevent MIME type sniffing |
X-Frame-Options | Header to prevent click-jacking |
X-XSS-Protection | Header indicating XSS protection behavior |
Strict-Transport-Security | Header enforcing HTTPS communication |
PutObject
Uploads a single object to a bucket.
API call method
Method | Request URL |
---|---|
PUT | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/{ObjectKey} |
Request syntax
Request header
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | Set to text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time the request is made |
Authorization | String | Required | AWS signature version 4 header including credential, signed headers, and signature |
X-Amz-Tagging | String | Optional | Object tag value (e.g., Key1=Value1&Key2=Value2 ) |
X-Amz-meta-key | String | Optional | Metadata value; replace key with the metadata key name and set the corresponding value |
Request body
Binary data of the file to be uploaded.
Response syntax
If the operation is successful, the service returns an HTTP 200 response.
CopyObject
Copies an object within a bucket.
API call method
Method | Request URL |
---|---|
PUT | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/{ObjectKey} |
Request syntax
Request header
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time the request was made |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope - SignedHeaders: list of signed headers - Signature: calculated signature |
x-amz-copy-source | String | Required | The object key of the source object to be copied |
Request body
This request does not contain a body.
Response syntax
If the operation is successful, the service returns an HTTP 200 response.
<CopyObjectResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<ETag>String</ETag>
<LastModified>Timestamp</LastModified>
</CopyObjectResult>
Response elements
Response | Type | Description |
---|---|---|
ETag | String | Hash value of the object |
LastModified | Timestamp | Object creation timestamp |
DeleteObject
Deletes a single object.
API call method
Method | Request URL |
---|---|
DELETE | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/{ObjectKey} |
Request syntax
Request header
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time the request was made |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope - SignedHeaders: list of signed headers - Signature: calculated signature |
Request body
This request does not contain a body.
Response syntax
If the operation is successful, the service returns an HTTP 204 response. HTTP/1.1 204
DeleteObjects
Deletes multiple objects in bulk.
API call method
Method | Request URL |
---|---|
POST | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/?delete |
Request syntax
Request header
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time the request was made |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope - SignedHeaders: list of signed headers - Signature: calculated signature |
Request body
Enter the keys of the objects to be deleted in the request body.
<Delete xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Object>
<Key>String</Key>
</Object>
<Object>
<Key>String</Key>
</Object>
</Delete>
Request elements
Request | Type | Required | Description |
---|---|---|---|
Key | String | Required | Object key |
Response syntax
If the operation is successful, the service returns an HTTP 200 response.
<DeleteResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Deleted>
<Key>String</Key>
</Deleted>
<Deleted>
<Key>String</Key>
</Deleted>
</DeleteResult>
Response elements
Response | Type | Required | Description |
---|---|---|---|
Key | String | Required | Object key |
CreateMultipartUpload
Initiates a multipart upload and returns an upload ID.
The upload ID is used to associate all parts of the multipart upload.
API request method
Method | Request URL |
---|---|
POST | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/{ObjectKey}/?uploads |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time of the AWS request |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope (required) - SignedHeaders: list of signed header names (required) - Signature: signature value (required) |
Request body
This request does not contain a body.
Response syntax
If the operation is successful, the service returns an HTTP 200 response.
<InitiateMultipartUploadResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Tenant>String</Tenant>
<Bucket>String</Bucket>
<Key>multipart2</Key>
<UploadId>2~7HdUyr3lqN3Ze9MwWxCyxqGBVc_2BoU</UploadId>
</InitiateMultipartUploadResult>
Response elements
Response | Type | Description |
---|---|---|
Tenant | String | Project ID |
Bucket | String | Bucket name |
Key | String | Object key to upload |
UploadId | String | Multipart upload ID |
UploadPart
Uploads a part of a multipart upload.
API request method
Method | Request URL |
---|---|
PUT | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/{ObjectKey}?partNumber={Number}&uploadId={UploadID} |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time of the AWS request |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope (required) - SignedHeaders: list of signed header names (required) - Signature: signature value (required) |
Request body
This request does not contain a body.
Response syntax
If the operation is successful, the service returns an HTTP 200 response.
ListParts
Retrieves the list of parts that have been uploaded for a specific multipart upload.
API request method
Method | Request URL |
---|---|
GET | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/{ObjectKey}?uploadId={UploadID} |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time of the AWS request |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope (required) - SignedHeaders: list of signed header names (required) - Signature: signature value (required) |
Request body
This request does not contain a body.
Response syntax
If the operation is successful, the service returns an HTTP 200 response.
<ListPartsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Tenant>String</Tenant>
<Bucket>String</Bucket>
<Key>String</Key>
<UploadId>String</UploadId>
<StorageClass>String</StorageClass>
<PartNumberMarker>Integer</PartNumberMarker>
<NextPartNumberMarker>Integer</NextPartNumberMarker>
<MaxParts>Integer</MaxParts>
<IsTruncated>Boolean</IsTruncated>
<Owner>
<ID>String</ID>
<DisplayName>String</DisplayName>
</Owner>
<Part>
<LastModified>Timestamp</LastModified>
<PartNumber>Integer</PartNumber>
<ETag>String</ETag>
<Size>Long</Size>
</Part>
<Part>
<LastModified>Timestamp</LastModified>
<PartNumber>Integer</PartNumber>
<ETag>String</ETag>
<Size>Long</Size>
</Part>
<Part>
<LastModified>Timestamp</LastModified>
<PartNumber>Integer</PartNumber>
<ETag>String</ETag>
<Size>Long</Size>
</Part>
</ListPartsResult>
Response elements
Response | Type | Description |
---|---|---|
Tenant | String | Project ID |
Bucket | String | Bucket name |
Key | String | Object key to upload |
UploadId | String | Multipart upload ID |
StorageClass | String | Storage class |
PartNumberMarker | String | Starting value for the listing; only parts with a higher part number are listed |
NextPartNumberMarker | String | Value indicating the last part listed |
MaxParts | String | Maximum number of parts allowed in the response |
IsTruncated | String | Indicates whether the part list was truncated |
ID | String | Project ID |
DisplayName | String | Project name |
LastModified | String | Upload timestamp of the part |
PartNumber | String | Part identifier number (positive integer between 1 and 10,000) |
ETag | String | Entity tag of the uploaded part |
Size | String | Size of the uploaded part |
ListMultipartUploads
Lists ongoing multipart uploads in the bucket.
An ongoing multipart upload starts with a CreateMultipartUpload
request and remains active until it is either completed or aborted.
API request method
Method | Request URL |
---|---|
GET | https://objectstorage.kr-central-2.kakaocloud.com/{Buckets}?uploads&max-uploads={number} |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time of the AWS request |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope (required) - SignedHeaders: list of signed header names (required) - Signature: signature value (required) |
Request body
This request does not contain a body.
Response syntax
If the operation is successful, the service returns an HTTP 200 response.
<?xml version="1.0" encoding="UTF-8"?>
<ListMultipartUploadsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Tenant>String</Tenant>
<Bucket>String</Bucket>
<NextKeyMarker>String</NextKeyMarker>
<NextUploadIdMarker>String</NextUploadIdMarker>
<MaxUploads>Integer</MaxUploads>
<IsTruncated>Boolean</IsTruncated>
<Upload>
<Key>String</Key>
<UploadId>String</UploadId>
<Initiator>
<ID>String</ID>
<DisplayName>String</DisplayName>
</Initiator>
<Owner>
<ID>String</ID>
<DisplayName>String</DisplayName>
</Owner>
<StorageClass>String</StorageClass>
<Initiated>Timestamp</Initiated>
</Upload>
</ListMultipartUploadsResult>
Response elements
Response | Type | Description |
---|---|---|
Tenant | String | Project ID |
Bucket | String | Bucket name |
NextKeyMarker | String | Value to use for the key-marker parameter in the next request |
NextUploadIdMarker | String | Value to use for the upload-id-marker parameter in the next request |
MaxUploads | Integer | Maximum number of multipart uploads |
IsTruncated | String | Indicates whether the list of parts was truncated |
Key | String | Object key to be uploaded |
UploadId | String | Multipart upload ID |
ID | String | Project ID |
DisplayName | String | Project name |
StorageClass | String | Storage class |
Initiated | Timestamp | Multipart upload initiation time |
UploadPartCopy
Uploads a part for a multipart upload by copying an object already stored in the bucket to the specified PartNumber
.
API request method
Method | Request URL |
---|---|
PUT | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/{ObjectKey}?partNumber={number}&uploadId={UploadID} |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time of the AWS request |
x-amz-copy-source | String | Required | Object key to copy as the part |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope (required) - SignedHeaders: list of signed header names (required) - Signature: signature value (required) |
Request body
This request does not contain a body.
Response syntax
If the operation is successful, the service returns an HTTP 200 response.
<?xml version="1.0" encoding="UTF-8"?>
<CopyPartResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<LastModified>Timestamp</LastModified>
<ETag>String</ETag>
</CopyPartResult>
Response elements
Response | Type | Description |
---|---|---|
LastModified | Timestamp | Object upload timestamp |
ETag | String | Object hash value |
CompleteMultipartUpload
Once all parts have been uploaded via CreateMultipartUpload
, the multipart upload can be completed using CompleteMultipartUpload
.
This operation assembles the previously uploaded parts into a single object.
API request method
Method | Request URL |
---|---|
POST | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/{ObjectKey}?&uploadId={UploadID} |
Request syntax
Request headers
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time of the AWS request |
Authorization | String | Required | AWS Signature Version 4 header - Credential: AWS access key ID and scope (required) - SignedHeaders: list of signed header names (required) - Signature: signature value (required) |
Request Body
<CompleteMultipartUpload xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Part>
<ETag>String</ETag>
<PartNumber>Integer</PartNumber>
</Part>
...
</CompleteMultipartUpload>
Request elements
Request | Type | Required | Description |
---|---|---|---|
ETag | String | Optional | Object hash value |
PartNumber | Integer | Optional | Part identifier (positive integer between 1 and 10,000) |
Response syntax
If the operation is successful, the service returns an HTTP 200 response.
<?xml version="1.0" encoding="UTF-8"?>
<CompleteMultipartUploadResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Location>String</Location>
<Tenant>String</Tenant>
<Bucket>String</Bucket>
<Key>String</Key>
<ETag>String</ETag>
</CompleteMultipartUploadResult>
Response elements
Response | Type | Description |
---|---|---|
Location | String | URI that identifies the newly created object |
Tenant | String | Project ID |
Bucket | String | Bucket name |
Key | String | Object key |
ETag | String | Object hash value |
AbortMultipartUpload
Aborts a multipart upload. Once aborted, additional parts cannot be uploaded using the same Upload ID.
API request
Method | Request URL |
---|---|
DELETE | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/{ObjectKey}?&uploadId={UploadID} |
Request syntax
Request header
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time the request was made |
Authorization | String | Required | AWS Signature Version 4 authorization header - Credential: AWS access key ID and credential scope - SignedHeaders: List of signed header names - Signature: Signature value |
Request body
This request does not include a body.
Response syntax
If the operation is successful, the service returns an HTTP 204 response.
GetObjectTagging
Retrieves the tags associated with an object.
API request
Method | Request URL |
---|---|
GET | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/{BucketName}/{ObjectKey}?tagging |
Request syntax
Request header
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time the request was made |
Authorization | String | Required | AWS Signature Version 4 authorization header - Credential: AWS access key ID and credential scope - SignedHeaders: List of signed header names - Signature: Signature value |
Request body
This request does not include a body.
Response syntax
If the operation is successful, the service returns an HTTP 200 response.
<?xml version="1.0" encoding="UTF-8"?>
<Tagging xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<TagSet>
<Tag>
<Key>String</Key>
<Value>String</Value>
</Tag>
</TagSet>
</Tagging>
Response elements
Response | Type | Required | Description |
---|---|---|---|
Key | String | Required | Object tag key |
Value | String | Required | Value of the object tag key |
PutObjectTagging
Adds tags to an object. Existing tags will be overwritten.
API request
Method | Request URL |
---|---|
PUT | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/{ObjectKey}?tagging |
Request syntax
Request header
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time the request was made |
Authorization | String | Required | AWS Signature Version 4 authorization header - Credential: AWS access key ID and credential scope - SignedHeaders: List of signed header names - Signature: Signature value |
Request body
<Tagging xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<TagSet>
<Tag>
<Key>String</Key>
<Value>String</Value>
</Tag>
</TagSet>
</Tagging>
Request elements
Request | Type | Required | Description |
---|---|---|---|
Key | String | Required | Object tag key |
Value | String | Required | Value of the object tag key |
Response syntax
If successful, the service returns an HTTP 200 response.
DeleteObjectTagging
Deletes the tags of an object.
API request
Method | Request URL |
---|---|
DELETE | https://objectstorage.kr-central-2.kakaocloud.com/{BucketName}/{ObjectKey}?tagging |
Request syntax
Request header
Key | Type | Required | Description |
---|---|---|---|
Content-Type | String | Required | text/html |
X-Amz-Security-Token | String | Required | AWS security token |
X-Amz-Content-Sha256 | String | Required | SHA256 hash of the content |
X-Amz-Date | String | Required | Date and time the AWS service request was sent |
Authorization | String | Required | AWS Signature Version 4 authorization header - Credential: AWS access key ID and credential scope (required) - SignedHeaders: List of signed header names (required) - Signature: Signature value (required) |
Request body
This request does not contain a body.
Response syntax
If successful, the service returns an HTTP 200 response.