Updated on 2024-09-05 GMT+08:00

Copying an Object (SDK for Go)

Function

This API copies an object stored in OBS to another path. You can create a backup up to 5 GB for an object in a specified bucket by a single operation.

Restrictions

  • To copy an object, you must be the bucket owner or have the required permission (obs:object:PutObject in IAM or PutObject in a bucket policy).
  • The mapping between OBS regions and endpoints must comply with what is listed in Regions and Endpoints.
  • The object copy request carries the information about the bucket and object to be copied in the header field. The message body cannot be carried.
  • The target object size ranges from 0 to 5 GB. If the source object size exceeds 5 GB, you can only copy some objects using Multipart Uploads (SDK for Go).

Method

func (obsClient ObsClient) CopyObject(input *CopyObjectInput) (output *CopyObjectOutput, err error)

Request Parameters

Table 1 List of request parameters

Parameter

Type

Mandatory (Yes/No)

Description

input

*CopyObjectInput

Yes

Explanation:

Input parameters for copying an object. For details, see Table 2.

Table 2 CopyObjectInput

Parameter

Type

Mandatory (Yes/No)

Description

Bucket

string

Yes

Explanation:

Bucket name

Restrictions:

  • A bucket name must be unique across all accounts and regions.
  • A bucket name:
    • Must be 3 to 63 characters long and start with a digit or letter. Lowercase letters, digits, hyphens (-), and periods (.) are allowed.
    • Cannot be formatted as an IP address.
    • Cannot start or end with a hyphen (-) or period (.).
    • Cannot contain two consecutive periods (..), for example, my..bucket.
    • Cannot contain a period (.) and a hyphen (-) adjacent to each other, for example, my-.bucket or my.-bucket.
  • If you repeatedly create buckets of the same name in the same region, no error will be reported and the bucket attributes comply with those set in the first creation request.

Default value:

None

Key

string

Yes

Explanation:

Target object name An object is uniquely identified by an object name in a bucket. An object name is a complete path that does not contain the bucket name.

For example, if the address for accessing the object is examplebucket.obs.ap-southeast-1.myhuaweicloud.com/folder/test.txt, the object name is folder/test.txt.

Value range:

The value must contain 1 to 1,024 characters.

Default value:

None

CopySourceBucket

string

Yes

Explanation:

Source bucket name

Restrictions:

  • A bucket name must be unique across all accounts and regions.
  • A bucket name:
    • Must be 3 to 63 characters long and start with a digit or letter. Lowercase letters, digits, hyphens (-), and periods (.) are allowed.
    • Cannot be formatted as an IP address.
    • Cannot start or end with a hyphen (-) or period (.).
    • Cannot contain two consecutive periods (..), for example, my..bucket.
    • Cannot contain a period (.) and a hyphen (-) adjacent to each other, for example, my-.bucket or my.-bucket.
  • If you repeatedly create buckets of the same name in the same region, no error will be reported and the bucket attributes comply with those set in the first creation request.

Default value:

None

CopySourceKey

string

Yes

Explanation:

Source object name An object is uniquely identified by an object name in a bucket. An object name is a complete path that does not contain the bucket name.

For example, if the address for accessing the object is examplebucket.obs.ap-southeast-1.myhuaweicloud.com/folder/test.txt, the object name is folder/test.txt.

Value range:

The value must contain 1 to 1,024 characters.

Default value:

None

CopySourceVersionId

string

No

Explanation:

Version ID of the source object, for example, G001117FCE89978B0000401205D5DC9A

Value range:

The value must contain 32 characters.

Default value:

If this parameter is left blank, the latest version of the source object is copied.

ACL

AclType

No

Explanation:

ACL that can be pre-defined during the object copy. For details about the ACL, see ACLs.

Value range:

See Table 3.

Default value:

None

MetadataDirective

MetadataDirectiveType

No

Explanation:

Policy for copying the source object's properties

Value range:

See Table 4.

Default value:

None

CopySourceIfMatch

string

No

Explanation:

Copies the source object if its ETag is the same as the one specified by this parameter; otherwise, an error is returned.

Default value:

None

CopySourceIfNoneMatch

string

No

Explanation:

Copies the source object if its ETag is different from the one specified by this parameter; otherwise, an error is returned.

Default value:

None

CopySourceIfUnmodifiedSince

time.Time

No

Explanation:

Copies the source object if it has not been modified since the specified time; otherwise, an exception is thrown.

Default value:

None

CopySourceIfModifiedSince

time.Time

No

Explanation:

Copies the source object if it has been modified since the specified time; otherwise, an exception is thrown.

Default value:

None

WebsiteRedirectLocation

string

No

Explanation:

If the bucket is configured with website hosting, the request for obtaining the object can be redirected to another object in the bucket or an external URL.

The request is redirected to object anotherPage.html in the same bucket:

WebsiteRedirectLocation:/anotherPage.html

The request is redirected to an external URL http://www.example.com/:

WebsiteRedirectLocation:http://www.example.com/

OBS obtains the specified value from the header and stores it in the object metadata WebsiteRedirectLocation.

Restrictions:

  • The value must start with a slash (/), http://, or https:// and cannot exceed 2 KB.
  • OBS only supports redirection for objects in the root directory of a bucket.

Default value:

None

SseHeader

SseCHeader or SseKmsHeader

No

Explanation:

Server-side header used for encrypting the target object. If SSE-C is used, see SseCHeader. If SSE-KMS is used, see SseKmsHeader.

SourceSseHeader

SseCHeader

No

Explanation:

Server-side header used for decrypting the source object. For details, see SseCHeader.

CacheControl

string

No

Explanation:

Cache-Control is rewritten in the response.

Default value:

None

ContentDisposition

string

No

Explanation:

Rewrites the Content-Disposition header in the response.

Default value:

None

ContentEncoding

string

No

Explanation:

Rewrites the Content-Encoding header in the response.

Default value:

None

ContentLanguage

string

No

Explanation:

Content-Language is rewritten in the response.

Default value:

None

ContentType

string

No

Explanation:

Content-Type is rewritten in the response.

Default value:

None

Expires

string

No

Explanation:

Expires is rewritten in the response.

Default value:

None

StorageClass

StorageClassType

No

Explanation:

Object storage class

Value range:

See Table 7.

Default value:

None. If this parameter is not specified, the storage class of the bucket is used as that of the object.

Metadata

map[string]string

No

Explanation:

Custom metadata of the target object. You can add a header starting with x-obs-meta- in the request to define metadata. The custom metadata will be returned in the response when you retrieve the object or query the object metadata.

Restrictions:

  • The custom metadata cannot exceed 8 KB. To measure the custom metadata, sum the number of bytes in the UTF-8 encoding of each key and value.
  • The custom metadata keys are case insensitive, but are stored in lowercase in OBS. The key values are case sensitive.
  • Both custom metadata keys and their values must conform to US-ASCII standards. If non-ASCII or unrecognizable characters are necessary, they must be encoded or decoded in URL or Base64 on the client, because the server side does not perform any decoding.

Default value:

None

GrantReadId

string

No

Explanation:

ID (domain_id) of an account the READ permission is granted to. The account with the READ permission can read the object to copy and obtain its metadata.

Value range:

To obtain the account ID, see How Do I Get My Account ID and User ID?

Default value:

None

GrantReadAcpId

string

No

Explanation:

ID (domain_id) of an account the READ_ACP permission is granted to. The account with the READ_ACP permission can read the ACL of the object to copy.

Value range:

To obtain the account ID, see How Do I Get My Account ID and User ID?

Default value:

None

GrantWriteAcpId

string

No

Explanation:

ID (domain_id) of an account the WRITE_ACP permission is granted to. The account with the WRITE_ACP permission can write the ACL of the object to copy.

Value range:

To obtain the account ID, see How Do I Get My Account ID and User ID?

Default value:

None

GrantFullControlId

string

No

Explanation:

ID (domain_id) of an account the FULL_CONTROL permission is granted to. The account with the FULL_CONTROL permission can read the object to copy, obtain its metadata, and obtain and write its ACL.

Value range:

To obtain the account ID, see How Do I Get My Account ID and User ID?

Default value:

None

SuccessActionRedirect

string

No

Explanation:

Address (URL) to which a successfully answered request is redirected

If the value is valid and the request is successful, OBS returns status code 303. Location contains SuccessActionRedirect as well as the bucket name, object name, and object ETag.

If the value is invalid, OBS ignores this parameter. In such case, the Location header is the object address, and OBS returns a status code based on whether the operation succeeds or fails.

Default value:

None

Table 3 AclType

Constant

Default Value

Description

AclPrivate

private

Private read/write

A bucket or object can only be accessed by its owner.

AclPublicRead

public-read

Public read and private write

If this permission is granted on a bucket, anyone can read the object list, multipart tasks, metadata, and object versions in the bucket.

If it is granted on an object, anyone can read the content and metadata of the object.

AclPublicReadWrite

public-read-write

Public read/write

If this permission is granted on a bucket, anyone can read the object list, multipart tasks, metadata, and object versions in the bucket, and can upload or delete objects, initiate multipart upload tasks, upload parts, assemble parts, copy parts, and abort multipart upload tasks.

If it is granted on an object, anyone can read the content and metadata of the object.

AclPublicReadDelivered

public-read-delivered

Public read on a bucket as well as objects in the bucket

If this permission is granted on a bucket, anyone can read the object list, multipart tasks, metadata, and object versions, and read the content and metadata of objects in the bucket.

NOTE:

AclPublicReadDelivered does not apply to objects.

AclPublicReadWriteDelivered

public-read-write-delivered

Public read/write on a bucket as well as objects in the bucket

If this permission is granted on a bucket, anyone can read the object list, multipart uploads, metadata, and object versions in the bucket, and can upload or delete objects, initiate multipart upload tasks, upload parts, assemble parts, copy parts, and abort multipart uploads. They can also read the content and metadata of objects in the bucket.

NOTE:

AclPublicReadWriteDelivered does not apply to objects.

AclBucketOwnerFullControl

bucket-owner-full-control

If this permission is granted on an object, only the bucket and object owners have the full control over the object.

By default, if you upload an object to a bucket of any other user, the bucket owner does not have the permissions on your object. After you grant this policy to the bucket owner, the bucket owner can have full control over your object.

Table 4 MetadataDirectiveType

Constant

Default Value

Description

CopyMetadata

COPY

When copying an object, the object's properties are also copied.

ReplaceMetadata

REPLACE

When copying an object, the object's properties are replaced.

Table 5 SseCHeader

Parameter

Type

Mandatory (Yes/No)

Description

Encryption

string

Yes if used as a request parameter

Explanation:

SSE-C used for encrypting objects

Value range:

AES256, indicating objects are encrypted using SSE-C

Default value:

None

Key

string

Yes if used as a request parameter

Explanation:

Key for encrypting the object when SSE-C is used

Restrictions:

The value is a Base64-encoded 256-bit key, for example, K7QkYpBkM5+hca27fsNkUnNVaobncnLht/rCB2o/9Cw=.

Default value:

None

KeyMD5

string

No if used as a request parameter

Explanation:

MD5 value of the key for encrypting objects when SSE-C is used. This value is used to check whether any error occurs during the transmission of the key.

Restrictions:

The value is encrypted by MD5 and then encoded by Base64, for example, 4XvB3tbNTN+tIEVa0/fGaQ==.

Default value:

None

Table 6 SseKmsHeader

Parameter

Type

Mandatory (Yes/No)

Description

Encryption

string

Yes if used as a request parameter

Explanation:

SSE-KMS used for encrypting objects

Value range:

kms, indicating objects are encrypted using SSE-KMS

Default value:

None

Key

string

No if used as a request parameter

Explanation:

ID of the KMS master key when SSE-KMS is used

Value range:

Valid value formats are as follows:

  1. regionID:domainID:key/key_id
  2. key_id

In the preceding formats:

Default value:

  • If this parameter is not specified, the default master key will be used.
  • If there is no such a default master key, OBS will create one and use it by default.
Table 7 StorageClassType

Constant

Default Value

Description

StorageClassStandard

STANDARD

OBS Standard

Features low access latency and high throughput and is used for storing massive, frequently accessed (multiple times a month) or small objects (< 1 MB) requiring quick response.

StorageClassWarm

WARM

OBS Infrequent Access

Used for storing data that is semi-frequently accessed (fewer than 12 times a year) but is instantly available when needed.

StorageClassCold

COLD

OBS Archive

Used for storing rarely accessed (once a year) data.

Responses

Table 8 List of returned results

Parameter

Type

Description

output

*CopyObjectOutput

Explanation:

Messages returned by the API See Table 9.

err

error

Explanation:

Error messages returned by the API

Table 9 CopyObjectOutput

Parameter

Type

Description

StatusCode

int

Explanation:

HTTP status code

Value range:

A status code is a group of digits that can be 2xx (indicating successes) or 4xx or 5xx (indicating errors). It indicates the status of a response. For more information, see Status Code.

Default value:

None

RequestId

string

Explanation:

Request ID returned by the OBS server

Default value:

None

ResponseHeaders

map[string][]string

Explanation:

HTTP response headers

Default value:

None

LastModified

time.Time

Explanation:

Time when the last modification was made to the target object

Value range:

UTC time

Default value:

None

ETag

string

Explanation:

ETag of the target object. Base64-encoded, 128-bit MD5 value of an object. ETag is the unique identifier of the object content. It can be used to determine whether the object content is changed. For example, if the ETag value is A when an object is uploaded, but changes to B when the object is downloaded, it indicates that the object content has been changed. The ETag reflects changes to the object content, rather than the object metadata. An uploaded or copied object has a unique ETag after being encrypted using MD5.

Restrictions:

If an object is encrypted using server-side encryption, the ETag is not the MD5 value of the object.

Value range:

The value must contain 32 characters.

Default value:

None

CopySourceVersionId

string

Explanation:

Version ID of the source object

Value range:

The value must contain 32 characters.

Default value:

None

VersionId

string

Explanation:

Version ID of the target object

Value range:

The value must contain 32 characters.

Default value:

None

SseHeader

SseCHeader or SseKmsHeader

Explanation:

Server-side encryption header information. If SSE-C is used, see Table 10. If SSE-KMS is used, see Table 11.

Table 10 SseCHeader

Parameter

Type

Mandatory (Yes/No)

Description

Encryption

string

Yes if used as a request parameter

Explanation:

SSE-C used for encrypting objects

Value range:

AES256, indicating objects are encrypted using SSE-C

Default value:

None

Key

string

Yes if used as a request parameter

Explanation:

Key for encrypting the object when SSE-C is used

Restrictions:

The value is a Base64-encoded 256-bit key, for example, K7QkYpBkM5+hca27fsNkUnNVaobncnLht/rCB2o/9Cw=.

Default value:

None

KeyMD5

string

No if used as a request parameter

Explanation:

MD5 value of the key for encrypting objects when SSE-C is used. This value is used to check whether any error occurs during the transmission of the key.

Restrictions:

The value is encrypted by MD5 and then encoded by Base64, for example, 4XvB3tbNTN+tIEVa0/fGaQ==.

Default value:

None

Table 11 SseKmsHeader

Parameter

Type

Mandatory (Yes/No)

Description

Encryption

string

Yes if used as a request parameter

Explanation:

SSE-KMS used for encrypting objects

Value range:

kms, indicating objects are encrypted using SSE-KMS

Default value:

None

Key

string

No if used as a request parameter

Explanation:

ID of the KMS master key when SSE-KMS is used

Value range:

Valid value formats are as follows:

  1. regionID:domainID:key/key_id
  2. key_id

In the preceding formats:

Default value:

  • If this parameter is not specified, the default master key will be used.
  • If there is no such a default master key, OBS will create one and use it by default.

Code Examples

This example copies an object from one bucket to another.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
package main
import (
    "fmt"
    "os"
    obs "github.com/huaweicloud/huaweicloud-sdk-go-obs/obs"
)
func main() {
    //Obtain an AK/SK pair using environment variables or import an AK/SK pair in other ways. Using hard coding may result in leakage.
    //Obtain an AK/SK pair on the management console. For details, see https://support.huaweicloud.com/intl/en-us/usermanual-ca/ca_01_0003.html.
    ak := os.Getenv("AccessKeyID")
    sk := os.Getenv("SecretAccessKey")
    // (Optional) If you use a temporary AK/SK pair and a security token to access OBS, you are advised not to use hard coding to reduce leakage risks. You can obtain an AK/SK pair using environment variables or import an AK/SK pair in other ways.
    // securityToken := os.Getenv("SecurityToken")
    // Enter the endpoint corresponding to the bucket. CN-Hong Kong is used here as an example. Replace it with the one currently in use.
    endPoint := "https://obs.ap-southeast-1.myhuaweicloud.com"
    // Create an obsClient instance.
    // If you use a temporary AK/SK pair and a security token to access OBS, use the obs.WithSecurityToken method to specify a security token when creating an instance.
    obsClient, err := obs.New(ak, sk, endPoint/*, obs.WithSecurityToken(securityToken)*/)
    if err != nil {
        fmt.Printf("Create obsClient error, errMsg: %s", err.Error())
    }
    input := &obs.CopyObjectInput{}
    // Specify the source bucket name.
    input.Bucket = "examplebucket"
    // Specify a source object (example/objectname as an example).
    input.Key = "example/objectname"
    // Specify a source bucket (sourcebucketname as an example).
    input.CopySourceBucket = "sourcebucketname"
    // Specify an object to copy (sourceobjectkey as an example) in the source bucket.
    input.CopySourceKey = "sourceobjectkey"
    // Copy the object.
    output, err := obsClient.CopyObject(input)
    if err == nil {
        fmt.Printf("Copy part(bucket:%s, object: %s) successful from bucket:%s's object: %s!\n",
            input.Bucket, input.Key, input.CopySourceBucket, input.CopySourceKey)
        fmt.Printf("ETag:%s, LastModified:%s\n", output.ETag, output.LastModified)
        return
    }
    fmt.Printf("Copy part(bucket:%s, object: %s) fail from bucket:%s's object: %s!\n",
        input.Bucket, input.Key, input.CopySourceBucket, input.CopySourceKey)
    if obsError, ok := err.(obs.ObsError); ok {
        fmt.Println("An ObsError was found, which means your request sent to OBS was rejected with an error response.")
        fmt.Println(obsError.Error())
    } else {
        fmt.Println("An Exception was found, which means the client encountered an internal problem when attempting to communicate with OBS, for example, the client was unable to access the network.")
        fmt.Println(err)
    }
}