GetBucketEncryption
permission. By default, the bucket owner has permission to call this API and can grant this permission to other users.GET /?encryption HTTP 1.1Host: <BucketName-APPID>.cos.<Region>.myqcloud.comDate: GMT DateAuthorization: Auth String
APPID
, such as examplebucket-1250000000
(see Bucket Overview > Basic Information and Bucket Overview > Bucket Naming Conventions), and <Region> is a COS region (see Regions and Access Endpoints).<ServerSideEncryptionConfiguration><Rule><ApplyServerSideEncryptionByDefault><SSEAlgorithm>AES256|KMS</SSEAlgorithm><KMSMasterKeyID>String</KMSMasterKeyID></ApplyServerSideEncryptionByDefault></Rule></ServerSideEncryptionConfiguration>
Element | Parent Node | Description | Type |
ServerSideEncryptionConfiguration | None | Contains the default encryption configuration parameters | Container |
Rule | ServerSideEncryptionConfiguration | Default server-side encryption configuration rule | Container |
ApplyServerSideEncryptionByDefault | ServerSideEncryptionConfiguration.Rule | Default configuration of server-side encryption | Container |
SSEAlgorithm | ServerSideEncryptionConfiguration.Rule.ApplyServerSideEncryptionByDefault | Valid values: AES256 (SSE-COS mode with AES256 algorithm), KMS (SSE-KMS mode) | String |
KMSMasterKeyID | ServerSideEncryptionConfiguration.Rule.ApplyServerSideEncryptionByDefault | Customer master key (CMK) of KMS if SSEAlgorithm is set to KMS . If this field is not specified, the default CMK created by COS will be used. For more information, see SSE-KMS Encryption. | String |
GET /?encryption HTTP 1.1Host: examplebucket-1250000000.cos.ap-beijing.myqcloud.comDate: Mon, 17 Jun 2019 08:37:35 GMTAuthorization: signatureValue
HTTP/1.1 200 OKContent-Type: application/xmlContent-Length: xxxxDate: Mon, 17 Jun 2019 08:37:36 GMTServer: tencent-cosx-cos-request-id: NWQwNzUxNTBfMzdiMDJhMDlfOWM0Nl85NDFk****<?xml version = "1.0" encoding = "UTF-8"><ServerSideEncryptionConfiguration><Rule><ApplyServerSideEncryptionByDefault><SSEAlgorithm>AES256</SSEAlgorithm></ApplyServerSideEncryptionByDefault></Rule></ServerSideEncryptionConfiguration>
Was this page helpful?