Get the headers of an object protected by IBM Immutable Objects

A HEAD given a path to a protected object retrieves that object’s headers. This operation does not make use of operation specific query parameters (besides versioning) or payload elements.

Optional headers

Header Type Description
range string Returns the bytes of an object within the specified range.
Mirror-Destination string

This header is applicable for listing of buckets in a protected mirror.

The Mirror-Destination header specifies from which vault of the mirror to read. By default, if no explicit vault is specified, then the listing request will attempt to read from both vaults and provide a listing response that combines the list of objects on each component vault to the mirror excluding duplicates (object resides on both vaults in the mirror). If the Mirror-Destination header is specified and includes a valid Vault Identifier, the data returned will be from the Vault with the ID that matches what was provided in the header. The Mirror-Destination header is applicable only to protected mirrors, and the header is ignored otherwise. A failure to read from the specified vault will result in an error back to the HTTP client.

Type
String
Default
None
Constraints
{Valid Vault Identifier}
x-amz-checksum-mode String (ENABLED is the only valid value) This indicates whether or not to include checksum metadata on the response.

Specific headers for SSE-C

Common SSE-C headers are available for buckets using Server Side Encryption with Customer-Provided Keys (SSE-C) enabled.

Attention: SSE-C headers can be used to write or write objects from a protected bucket. However, it should be noted that SSE-C keys cannot be rotated for objects in a protected bucket.

Response headers

This enhancement to the operation add these new headers.

Table 1. Response headers
Name Description Required
Retention-Period Retention period of the object in seconds. The object can be neither overwritten or deleted until the amount of time specified in the retention period has elapsed. If there is no retention period on the object this header is not returned.

A retention period of -1 indicates indefinite retention for the object. A retention period of -1 can only be specified at the initial object creation. An object with a retention period of -1 cannot be overwritten or deleted. The indefinite retention period for an object can be changed to a finite value at any time with the retention extension operation. Once an object has been given a positive value for the retention period, that object cannot be given a retention period of -1.

A retention period of -2 indicates permanent retention for the object. In order to specify -2, permanent retention must be enabled on the bucket in which this object resides. Once an object is permanently retained, the object, and thus the bucket which contains the object, cannot be deleted.

Type
Non-negative integer (in seconds) or -1 or -2
No
Retention-Legal-Hold-Count Returns the count of legal holds on the object.
Type
Non-negative integer
No
Retention-Expiration-Date Computed date on which the retention period will expire. Calculated from object last-modified-time + retention period. If there is no retention period on the object, or the retention period is set to indefinite or permanent, this header is not returned.
Type
Date (ISO 8601 Format)
No