Upload a part for Object Lock objects

If object lock headers are specified at the time of the initiate Multipart Upload or there is present a default retention configuration on the bucket, then a Content MD-5 header with appropriate value must be included with each part that is uploaded if the V4 Signature does not include the sha256 of the content.

Requests

Request headers

This implementation of the operation requires that the Content MD-5 header or V4 signing are included with each part that is uploaded.

Table 1. Request headers
Name Type Description
Content-MD5 String The base64-encoded 128-bit MD5 digest of the message (without the headers) according to RFC 1864.
x-amz-checksum-crc32 String This header is the Base64 encoded, 32-bit CRC32 checksum of the object.
x-amz-checksum-crc32c String This header is the Base64 encoded, 32-bit CRC32C checksum of the object.
x-amz-checksum-crc64nvme String This header is the Base64 encoded, 64-bit CRC64NVME checksum of the object. The CRC64NVME checksum is always a full object checksum.
x-amz-checksum-sha1 String This header is the Base64 encoded, 160-bit SHA1 digest of the object.
x-amz-checksum-sha256 String This header is the Base64 encoded, 256-bit SHA256 digest of the object.
x-amz-trailer String
Possible value
x-amz-checksum-crc32
Indicates which checksum value header will be found in the trailer of the payload in order to verify object upload integrity.

Content-MD5 or x-amz-checksum- HTTP header or AWS Signature Version 4 signed payload is required for upload requests with Object Lock parameters.

Specific headers for SSE-C

Common SSE-C headers are available for buckets using Server Side Encryption with Customer-Provided Keys (SSE-C) enabled.

Attention: SSE-C headers can be used to write or write objects from a protected bucket. However, it should be noted that SSE-C keys cannot be rotated for objects in a protected bucket.