Jawei, Li
f1cb839979
Reviewed-by: gtema <artem.goncharov@gmail.com> Co-authored-by: Jawei, Li <lijiawei5@huawei.com> Co-committed-by: Jawei, Li <lijiawei5@huawei.com>
12 KiB
Obtaining Bucket Encryption Configuration
Functions
OBS uses the GET method to obtain the encryption configuration of a specified bucket.
To perform this operation, you must have the GetEncryptionConfiguration permission. By default, only the bucket owner can delete the tags of a bucket. The bucket owner can allow other users to perform this operation by setting a bucket policy or granting them the permission.
Request Syntax
1 2 3 4 5 6 | GET /?encryption HTTP/1.1
User-Agent: curl/7.29.0
Host: bucketname.obs.region.example.com
Accept: */*
Date: date
Authorization: authorization string
|
Request parameters
This request contains no parameter.
Request Headers
This request uses common headers. For details, see Table 3.
Request Elements
This request involves no elements.
Response Syntax
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | HTTP/1.1 status_code
x-obs-request-id: request id
x-obs-id-2: id
Content-Type: application/xml
Content-Length: length
Date: date
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ServerSideEncryptionConfiguration xmlns="http://obs.region.example.com/doc/2015-06-30/">
<Rule>
<ApplyServerSideEncryptionByDefault>
<SSEAlgorithm>kms</SSEAlgorithm>
<KMSMasterKeyID>kmskeyid-value</KMSMasterKeyID>
<ProjectID>projectid</ProjectID>
</ApplyServerSideEncryptionByDefault>
</Rule>
</ServerSideEncryptionConfiguration>
|
Response Headers
The response to the request uses common headers. For details, see Table 1.
Response Elements
This response contains the following elements to detail bucket encryption configuration:
Header |
Description |
|---|---|
ServerSideEncryptionConfiguration |
Root element of the default encryption configuration of a bucket. Type: element Ancestor: none Children: Rule |
Rule |
Sub-element of the default encryption configuration of a bucket. Type: element Ancestor: ServerSideEncryptionConfiguration Children: ApplyServerSideEncryptionByDefault |
ApplyServerSideEncryptionByDefault |
Sub-element of the default encryption configuration of a bucket. Type: element Ancestor: Rule Children: SSEAlgorithm, KMSMasterKeyID |
SSEAlgorithm |
The server-side encryption algorithm used for encryption configuration of a bucket. Type: string Valid values: kms Ancestor: ApplyServerSideEncryptionByDefault |
KMSMasterKeyID |
ID of the customer master key (CMK) used for SSE-KMS. Type: string Ancestor: ApplyServerSideEncryptionByDefault |
ProjectID |
ID of the project to which the KMS master key belongs in the SSE-KMS mode. Type: string Ancestor: ApplyServerSideEncryptionByDefault |
Error Responses
In addition common error codes, this API also returns other error codes. The following table lists common errors and possible causes. For details, see Table 2.
Sample Request
1 2 3 4 5 6 | GET /?encryption HTTP/1.1
User-Agent: curl/7.29.0
Host: examplebucket.obs.region.example.com
Accept: */*
Date: Thu, 21 Feb 2019 03:05:34 GMT
Authorization: OBS H4IPJX0TQTHTHEBQQCEC:DpSAlmLX/BTdjxU5HOEwflhM0WI=
|
Sample Response
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: BF26000001643670AC06E7B9A7767921
x-obs-id-2: 32AAAQAAEAABSAAgAAEAABAAAQAAEAABCSvK6z8HV6nrJh49gsB5vqzpgtohkiFm
Date: Thu, 21 Feb 2019 03:05:34 GMT
Content-Length: 788
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ServerSideEncryptionConfiguration xmlns="http://obs.region.example.com/doc/2015-06-30/">
<Rule>
<ApplyServerSideEncryptionByDefault>
<SSEAlgorithm>kms</SSEAlgorithm>
<KMSMasterKeyID>4f1cd4de-ab64-4807-920a-47fc42e7f0d0</KMSMasterKeyID>
</ApplyServerSideEncryptionByDefault>
</Rule>
</ServerSideEncryptionConfiguration>
|