S3 REST API supported versions and updates
Contributors
StorageGRID supports the Simple Storage Service (S3) API, which is implemented as a set of Representational State Transfer (REST) web services.
Support for the S3 REST API enables you to connect service-oriented applications developed for S3 web services with on-premise object storage that uses the StorageGRID system. Minimal changes to a client application's current use of S3 REST API calls are required.
Supported versions
StorageGRID supports the following specific versions of S3 and HTTP.
Item |
Version |
|
|
|
For more information about HTTP, see HTTP/1.1 (RFCs 7230-35).
Note: StorageGRID does not support HTTP/1.1 pipelining.
|
Updates to S3 REST API support
Release |
Comments |
|
-
Added support for pre-calculated SHA-256 checksum values for the following requests and supported headers. You can use this feature to verify the integrity of uploaded objects:
-
CompleteMultipartUpload: x-amz-checksum-sha256
-
CreateMultipartUpload: x-amz-checksum-algorithm
-
GetObject: x-amz-checksum-mode
-
HeadObject: x-amz-checksum-mode
-
ListParts
-
PutObject: x-amz-checksum-sha256
-
UploadPart: x-amz-checksum-sha256
-
Added the ability for the grid administrator to control tenant-level retention and Compliance settings. These settings affect S3 Object Lock settings.
-
Bucket default retention mode and object retention mode: Governance or Compliance, if allowed by the grid administrator.
-
Bucket default retention period and object Retain Until Date: Must be less than or equal to what is allowed by the maximum retention period set by grid administrator.
-
Improved support for aws-chunked content encoding and streaming x-amz-content-sha256 values. Limitations:
-
If present, chunk-signature is optional and not validated
-
If present, x-amz-trailer content is ignored
|
|
|
|
-
Added Quick reference: Supported S3 API requests.
-
Added support for using GOVERNANCE mode with S3 Object Lock.
-
Added support for the StorageGRID-specific x-ntap-sg-cgr-replication-status response header for GET Object and HEAD Object requests. This header provides an object's replication status for cross-grid replication.
-
SelectObjectContent requests now support Parquet objects.
|
|
-
Added support for using the partNumber request parameter in GET Object and HEAD Object requests.
-
Added support for a default retention mode and a default retention period at the bucket level for S3 Object Lock.
-
Added support for the s3:object-lock-remaining-retention-days policy condition key to set the range of allowable retention periods for your objects.
-
Changed the maximum recommended size for a single PUT Object operation to 5 GiB (5,368,709,120 bytes). If you have objects that are larger than 5 GiB, use multipart upload instead.
|
|
-
Added support for managing bucket encryption.
-
Added support for S3 Object Lock and deprecated legacy Compliance requests.
-
Added support for using DELETE Multiple Objects on versioned buckets.
-
The Content-MD5 request header is now correctly supported.
|
|
-
Added support for DELETE Bucket tagging, GET Bucket tagging, and PUT Bucket tagging. Cost allocation tags aren't supported.
-
For buckets created in StorageGRID 11.4, restricting object key names to meet performance best practices is no longer required.
-
Added support for bucket notifications on the s3:ObjectRestore:Post event type.
-
AWS size limits for multipart parts are now enforced. Each part in a multipart upload must be between 5 MiB and 5 GiB. The last part can be smaller than 5 MiB.
-
Added support for TLS 1.3
|
|
-
Added support for server-side encryption of object data with customer-provided keys (SSE-C).
-
Added support for DELETE, GET, and PUT Bucket lifecycle operations (Expiration action only) and for the x-amz-expiration response header.
-
Updated PUT Object, PUT Object - Copy, and Multipart Upload to describe the impact of ILM rules that use synchronous placement at ingest.
-
TLS 1.1 ciphers are no longer supported.
|
|
Added support for POST Object restore for use with Cloud Storage Pools. Added support for using the AWS syntax for ARN, policy condition keys, and policy variables in group and bucket policies. Existing group and bucket policies that use the StorageGRID syntax will continue to be supported.
Note: Uses of ARN/URN in other configuration JSON/XML, including those used in custom StorageGRID features, have not changed.
|
|
Added support for cross-origin resource sharing (CORS), HTTP for S3 client connections to grid nodes, and compliance settings on buckets.
|
|
Added support for configuring platform services (CloudMirror replication, notifications, and Elasticsearch search integration) for buckets. Also added support for object tagging location constraints for buckets, and the Available consistency.
|
|
Added support for ILM scanning changes to versioning, Endpoint Domain Names page updates, conditions and variables in policies, policy examples, and the PutOverwriteObject permission.
|
|
Added support for versioning.
|
|
Added support for group and bucket access policies, and for multipart copy (Upload Part - Copy).
|
|
Added support for multipart upload, virtual hosted-style requests, and v4 authentication.
|
|
Initial support of the S3 REST API by the StorageGRID system.The currently supported version of the Simple Storage Service API Reference is 2006-03-01.
|