Download a protected object using Immutable Object Storage
This enhancement of the GET operations adds new response headers.
The storage account user making this request must have certain permissions for
this object. In Vault Mode, if restrictive ACL is enabled then the storage account user must have
READ_ACP permissions for the object. If restrictive ACL is not enabled, the storage
account user must have READ_ACP permissions for the bucket. In Container Mode, the
storage account user must have READ_ACP permissions on the object. For more
information, see Create an ACL for an object.
Optional headers
| Header | Type | Description |
|---|---|---|
range
|
string | Returns the bytes of an object within the specified range. |
| Mirror-Destination | string |
This header is applicable for listing of buckets in a protected mirror. The Mirror-Destination header specifies from which vault of the mirror to read. By default, if no explicit vault is specified, then the listing request will attempt to read from both vaults and provide a listing response that combines the list of objects on each component vault to the mirror excluding duplicates (object resides on both vaults in the mirror). If the Mirror-Destination header is specified and includes a valid Vault Identifier, the data returned will be from the Vault with the ID that matches what was provided in the header. The Mirror-Destination header is applicable only to protected mirrors, and the header is ignored otherwise. A failure to read from the specified vault will result in an error back to the HTTP client.
|
x-amz-checksum-mode |
String (ENABLED is the only valid value) | This indicates whether or not to include checksum metadata on the response. |
Specific headers for SSE-C
Common SSE-C headers are available for buckets using Server Side Encryption with Customer-Provided Keys (SSE-C) enabled.
Responses
Response headers
This enhancement to the operation add these new headers.
| Name | Description | Required |
|---|---|---|
| Retention-Period | Retention period of the object in seconds. The object can be neither overwritten or deleted
until the amount of time specified in the retention period has elapsed. If there is no retention
period on the object this header is not returned. A retention period of
|
No |
| Retention-Legal-Hold-Count | Returns the count of legal holds on the object.
|
No |
| Retention-Expiration-Date | Computed date on which the retention period will expire. Calculated from object
last-modified-time + retention period. If there is no retention period on the object, or the retention period is set to indefinite or permanent, this header is
not returned.
|
No |
Examples
Sample request
GET /BucketName/ObjectName HTTP/1.1
Host: myBucket.mydsNet.corp.com
Date: Sat, 11 Feb 2017 17:09:00 GMT
Authorization: {authorization-string}
Sample response
HTTP/1.1 200 OK
x-amz-id-2: eftixk72aD6Ap51TnqcoF8eFidJG9Z/2mkiDFu8yU9AS1ed4OpIszj7UDNEHGran
x-amz-request-id: 318BC8BC148832E5
Date: Sat, 11 Feb 2017 17:10:00 GMT
Last-Modified: Thu, 2 Sep 2016 21:33:08 GMT
ETag: "fba9dede5f27731c9771645a39863328"
Retention-Period: 220752000
Retention-Expiration-Date: Fri, 1 Sep 2023 21:33:08 GMT
Retention-Legal-Hold-Count: 1
Content-Length: 434234
[434234 bytes of object data]