Changes to S3 REST API support

Contributors netapp-perveilerk netapp-madkat

You should be aware of changes to the StorageGRID system’s support for the S3 REST API.

Release Comments


  • Added support for using the partNumber request parameter in GET Object and HEAD Object requests.

  • Added support for a default retention mode and a default retention period at the bucket level for S3 Object Lock.

  • Added support for the s3:object-lock-remaining-retention-days policy condition key to set the range of allowable retention periods for your objects.

  • The maximum recommended size for a single PUT Object operation is now 5 GiB (5,368,709,120 bytes). If you have objects that are larger than 5 GiB, use multipart upload instead.

Important In StorageGRID 11.6, the maximum supported size for a single PUT Object operation remains 5 TiB (5,497,558,138,880 bytes). However, the S3 PUT Object size too large alert will be triggered if you attempt to upload an object that exceeds 5 GiB.


  • Added support for managing bucket encryption.

  • Added support for S3 Object Lock and deprecated legacy Compliance requests.

  • Added support for using DELETE Multiple Objects on versioned buckets.

  • The Content-MD5 request header is now correctly supported.


  • Added support for DELETE Bucket tagging, GET Bucket tagging, and PUT Bucket tagging. Cost allocation tags are not supported.

  • For buckets created in StorageGRID 11.4, restricting object key names to meet performance best practices is no longer required.

  • Added support for bucket notifications on the s3:ObjectRestore:Post event type.

  • AWS size limits for multipart parts are now enforced. Each part in a multipart upload must be between 5 MiB and 5 GiB. The last part can be smaller than 5 MiB.

  • Added support for TLS 1.3, and updated list of supported TLS cipher suites.

  • The CLB service is deprecated.


  • Added support for server-side encryption of object data with customer-provided keys (SSE-C).

  • Added support for DELETE, GET, and PUT Bucket lifecycle operations (Expiration action only) and for the x-amz-expiration response header.

  • Updated PUT Object, PUT Object - Copy, and Multipart Upload to describe the impact of ILM rules that use synchronous placement at ingest.

  • Updated list of supported TLS cipher suites. TLS 1.1 ciphers are no longer supported.


Added support for POST Object restore for use with Cloud Storage Pools. Added support for using the AWS syntax for ARN, policy condition keys, and policy variables in group and bucket policies. Existing group and bucket policies that use the StorageGRID syntax will continue to be supported.

Note: Uses of ARN/URN in other configuration JSON/XML, including those used in custom StorageGRID features, have not changed.


Added support for Cross-Origin Resource Sharing (CORS), HTTP for S3 client connections to grid nodes, and compliance settings on buckets.


Added support for configuring platform services (CloudMirror replication, notifications, and Elasticsearch search integration) for buckets. Also added support for object tagging location constraints for buckets, and the Available consistency control setting.


Added support for ILM scanning changes to versioning, Endpoint Domain Names page updates, conditions and variables in policies, policy examples, and the PutOverwriteObject permission.


Added support for versioning.


Added support for group and bucket access policies, and for multipart copy (Upload Part - Copy).


Added support for multipart upload, virtual hosted-style requests, and v4 authentication.


Initial support of the S3 REST API by the StorageGRID system.The currently supported version of the Simple Storage Service API Reference is 2006-03-01.