tencent cloud

GET Bucket encryption
Download PDF
Last updated: 2024-03-28 18:12:17
GET Bucket encryption
Last updated: 2024-03-28 18:12:17
Download PDF

Feature Description

This API is used to query the default encryption configuration of a specified bucket.
To call this API, you need to have the GetBucketEncryption permission. By default, the bucket owner has permission to call this API and can grant this permission to other users.

Request

Sample request
GET /?encryption HTTP 1.1
Host: <BucketName-APPID>.cos.<Region>.myqcloud.com
Date: GMT Date
Authorization: Auth String
Note:
Host: <BucketName-APPID>.cos.<Region>.myqcloud.com, where <BucketName-APPID> is the bucket name followed by the APPID, such as examplebucket-1250000000 (see Bucket Overview > Basic Information and Bucket Overview > Bucket Naming Conventions), and <Region> is a COS region (see Regions and Access Endpoints).
Authorization: Auth String (See Request Signature for details.)
Request parameters
This API has no request parameter.
Request headers
This API only uses Common Request Headers.
Request Body
This API does not have a request body.

Response

Response headers
This API only returns Common Response Headers.
Response body
The SSE-COS-encrypted response body is follows:
<ServerSideEncryptionConfiguration>
      <Rule>
            <ApplyServerSideEncryptionByDefault>
                <SSEAlgorithm>AES256|KMS</SSEAlgorithm>
                <KMSMasterKeyID>String</KMSMasterKeyID>
            </ApplyServerSideEncryptionByDefault>
      </Rule>
</ServerSideEncryptionConfiguration>
The nodes are described as follows:
Element
Parent Node
Description
Type
ServerSideEncryptionConfiguration
None
Contains the default encryption configuration parameters
Container
Rule
ServerSideEncryptionConfiguration
Default server-side encryption configuration rule
Container
ApplyServerSideEncryptionByDefault
ServerSideEncryptionConfiguration.Rule
Default configuration of server-side encryption
Container
SSEAlgorithm
ServerSideEncryptionConfiguration.Rule.ApplyServerSideEncryptionByDefault
Valid values: AES256 (SSE-COS mode with AES256 algorithm), KMS (SSE-KMS mode)
String
KMSMasterKeyID
ServerSideEncryptionConfiguration.Rule.ApplyServerSideEncryptionByDefault
Customer master key (CMK) of KMS if SSEAlgorithm is set to KMS. If this field is not specified, the default CMK created by COS will be used. For more information, see SSE-KMS Encryption.
String
Error Code
This API returns common error responses and error codes. For more information, see Error Codes.

Samples

Request
GET /?encryption HTTP 1.1
Host: examplebucket-1250000000.cos.ap-beijing.myqcloud.com
Date: Mon, 17 Jun 2019 08:37:35 GMT
Authorization: signatureValue
Response
HTTP/1.1 200 OK
Content-Type: application/xml
Content-Length: xxxx
Date: Mon, 17 Jun 2019 08:37:36 GMT
Server: tencent-cos
x-cos-request-id: NWQwNzUxNTBfMzdiMDJhMDlfOWM0Nl85NDFk****



<?xml version = "1.0" encoding = "UTF-8">
<ServerSideEncryptionConfiguration>
      <Rule>
            <ApplyServerSideEncryptionByDefault>
                <SSEAlgorithm>AES256</SSEAlgorithm>
            </ApplyServerSideEncryptionByDefault>
      </Rule>
</ServerSideEncryptionConfiguration>

Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No

Feedback