Uploads objects.

Usage notes

  • PutObject cannot be used to upload objects larger than 5 GB.
  • By default, if you upload an object whose name is the same as that of an existing object, the existing object is overwritten by the uploaded object and 200 OK is returned.

Versioning

If you call PutObject to upload an object to a versioning-enabled bucket, OSS generates a unique version ID for the uploaded object and returns the version ID as the x-oss-version-id header in the response.

If you call PutObject to upload an object to a versioning-suspended bucket, OSS generates the version ID null for the uploaded object. An object can have only one version whose version ID is null.

Request structure

PUT /ObjectName HTTP/1.1
Content-Length: ContentLength
Content-Type: ContentType
Host: BucketName.oss-cn-hangzhou.aliyuncs.com
Date: GMT Date
Authorization: SignatureValue

Request headers

OSS supports five HTTP request headers: Cache-Control, Expires, Content-Encoding, Content-Disposition, and Content-Type. If these headers are configured when you upload an object, the headers are automatically set to the configured values when you download the object.

Header Type Required Description
Authorization String No Specifies that the request is authorized. For more information, visit RFC 2616. For more information about how to calculate the value of this header, see Add signatures to the Authorization header.

The Authorization header is required in most cases. However, if you use a signed URL in a PutObject request, this header is not required. For more information, see Generate a signed URL.

Default value: null

Cache-Control String No The web page caching behavior that is specified when the object is downloaded. For more information, visit RFC2616.

Default value: null

Content-Disposition String No The name of the object when the object is downloaded. For more information, visit RFC 2616.

Default value: null

Content-Encoding String No The content encoding type of the object when the object is downloaded. For more information, visit RFC 2616.

Default value: null

Content-MD5 String No The MD5 hash of the object you want to upload. The value of Content-MD5 is calculated based on the MD5 algorithm. If you specify the Content-MD5 header in a PutObject request, OSS calculates the MD5 hash of the received object and checks whether the calculated MD5 hash is the same as the Content-MD5 value provided in the request. For more information, see Calculation of Content-MD5.

To ensure data integrity, OSS provides multiple methods for you to check the MD5 hash of uploaded data. To verify the MD5 hash of the uploaded object based on the Content-MD5 header, add the Content-MD5 header to the request.

Default value: null

Content-Length String No The size of the data in the HTTP request body.

If the value of the Content-Length header in the request is smaller than the size of the data in the request body, the object can still be created. However, the data is truncated to the object size specified by Content-Length.

ETag String No The ETag that is generated when an object is created. ETags are used to identify the content of objects.
  • If an object is created by using the PutObject operation, the ETag value of the object is the MD5 hash of the object content.
  • If an object is created by using other methods, the ETag value of the object is the UUID of the object content.
Note The ETag value of an object can be used to check whether the object content is modified. However, we recommend that you do not use the ETag of an object as the MD5 hash of the object to check data integrity.

Default value: null

Expires String No The time period after which the response is considered expired. For more information, visit RFC 2616.

Default value: null

x-oss-forbid-overwrite String No Specifies whether the object uploaded by using PutObject overwrites the existing object that has the same name. When versioning is enabled or suspended for the bucket to which you want to upload the object, the x-oss-forbid-overwrite request header does not take effect. In this case, the object uploaded by using PutObject overwrites the existing object that has the same name.
  • If x-oss-forbid-overwrite is not specified or the value of x-oss-forbid-overwrite is set to false, the object uploaded by using PutObject overwrites the existing object that has the same name.
  • If the value of x-oss-forbid-overwrite is set to true, the object uploaded by using PutObject cannot overwrite the existing object that has the same name.

If you specify the x-oss-forbid-overwrite request header, the queries per second (QPS) performance of OSS may be degraded. If you want to use the x-oss-forbid-overwrite request header to perform a large number of operations (QPS greater than 1,000), submit a ticket.

Default value: false

x-oss-server-side-encryption String No The method that is used to encrypt the uploaded object on the OSS server when the object is created.

Valid values: AES256 and KMS

If you specify this header in a PutObject request, it is returned in the response. OSS uses the method specified by this header to encrypt the uploaded object. When you download the encrypted object, the x-oss-server-side-encryption header is included in the response and the header value is set to the algorithm used to encrypt the object.

x-oss-server-side-encryption-key-id String No The ID of the customer master key (CMK) hosted in KMS.

This parameter is valid only when x-oss-server-side-encryption is set to KMS.

x-oss-object-acl String No The access control list (ACL) of the uploaded object. Default value: default.
Valid values:
  • default: The ACL of the uploaded object is the same as that of the bucket in which the object is stored.
  • private: The ACL of the uploaded object is private. Only the owner of the object and authorized users can read and write this object.
  • public-read: The ACL of the object is public read. Only the owner of the object and authorized users can write this object. Other users can only read the object. Exercise caution when you set the object ACL to this value.
  • public-read-write: The ACL of the object is public read and write. All users can read and write this object. Exercise caution when you set the object ACL to this value.

For more information about object ACLs, see ACL.

x-oss-storage-class String No The storage class of the uploaded object.

If you specify this header when you upload an object, the storage class of the uploaded object is the specified header value regardless of the storage class of the bucket to which the object is uploaded. For example, if you set x-oss-storage-class to Standard when you upload an object to an IA bucket, the object is stored as a Standard object.

Valid values:
  • Standard
  • IA
  • Archive
  • ColdArchive

For more information about storage classes, see Overview.

x-oss-meta-* String No In a PutObject request, headers whose names contain the x-oss-meta-* prefix are considered the user metadata of the object to upload. Example: x-oss-meta-location. You can specify multiple similar headers for an object. However, the user metadata of an object cannot exceed 8 KB in size.

The names of user metadata headers can contain letters, digits, and hyphens (-). Uppercase letters are converted to lowercase letters. Other characters such as underscores (_) are not supported.

x-oss-tagging String No The tag of the upload to upload. You can configure multiple tags for the object. Example: TagA=A&TagB=B.
Note The key and value of a tag must be URL-encoded. If a tag does not contain an equal sign (=), the value of the tag is considered an empty string.

This API operation must also include common request headers such as Host and Date. For more information, see Common request headers.

Response headers

The response headers involved in this API operation contain only common response headers. For more information, see Common response headers.

Examples

  • Simple upload
    Sample requests
    PUT /test.txt HTTP/1.1
    Host: test.oss-cn-zhangjiakou.aliyuncs.com
    User-Agent: aliyun-sdk-python/2.6.0(Windows/7/AMD64;3.7.0)
    Accept: */*
    Connection: keep-alive
    Content-Type: text/plain
    date: Tue, 04 Dec 2018 15:56:37 GMT
    authorization: OSS qn6qrrqxo2oawuk53otfjbyc:kZoYNv66bsmc10+dcGKw5x2P****
    Transfer-Encoding: chunked
    Sample responses
    HTTP/1.1 200 OK
    Server: AliyunOSS
    Date: Tue, 04 Dec 2018 15:56:38 GMT
    Content-Length: 0
    Connection: keep-alive
    x-oss-request-id: 5C06A3B67B8B5A3DA422299D
    ETag: "D41D8CD98F00B204E9800998ECF8****"
    x-oss-hash-crc64ecma: 0
    Content-MD5: 1B2M2Y8AsgTpgAmY7PhCfg==
    x-oss-server-time: 7
  • Upload an Archive object
    Sample requests
    PUT /oss.jpg HTTP/1.1 
    Host: oss-example.oss-cn-hangzhou.aliyuncs.com Cache-control: no-cache 
    Expires: Fri, 28 Feb 2012 05:38:42 GMT 
    Content-Encoding: utf-8
    Content-Disposition: attachment;filename=oss_download.jpg 
    Date: Fri, 24 Feb 2012 06:03:28 GMT 
    Content-Type: image/jpg 
    Content-Length: 344606 
    x-oss-storage-class: Archive
    Authorization: OSS qn6qrrqxo2oawuk53otfjbyc:kZoYNv66bsmc10+dcGKw5x2P**** 
    [344606 bytes of object data]
    Sample responses
    HTTP/1.1 200 OK
    Server: AliyunOSS
    Date: Sat, 21 Nov 2015 18:52:34 GMT
    Content-Type: image/jpg
    Content-Length: 0
    Connection: keep-alive
    x-oss-request-id: 5650BD72207FB30443962F9A
    x-oss-bucket-version: 1418321259
    ETag: "A797938C31D59EDD08D86188F6D5B872"
  • Upload an object to a versioned bucket
    Sample requests
    PUT /test HTTP/1.1
    Content-Length: 362149
    Content-Type: text/html
    Host: versioning-put.oss-cn-hangzhou.aliyuncs.com
    Date: Tue, 09 Apr 2019 02:53:24 GMT
    Authorization: OSS lkojgn8y1exic6e:6yYhX+BuuEqzI1tAMW0wgIyl****
    Sample responses
    HTTP/1.1 200 OK
    Server: AliyunOSS
    Date: Tue, 09 Apr 2019 02:53:24 GMT
    Content-Length: 0
    Connection: keep-alive
    x-oss-request-id: 5CAC0A3DB7AEADE01700****
    x-oss-version-id: CAEQNhiBgMDJgZCA0BYiIDc4MGZjZGI2OTBjOTRmNTE5NmU5NmFhZjhjYmY0****
    ETag: "4F345B1F066DB1444775AA97D5D2****"

SDK

You can use OSS SDKs for the following programming languages to call the PutObject operation:

Error codes

Error code HTTP status code Description
MissingContentLength 411 The error message returned because the request header is not encoded by using chunked encoding or because the Content-Length header is not specified.
InvalidEncryptionAlgorithmError 400 The error message returned because the specified value of x-oss-server-side-encryption is invalid.

Valid values: AES256 and KMS.

AccessDenied 403 The error message returned because you do not have permissions to access the specified bucket to which you want to upload the object.
NoSuchBucket 404 The error message returned because the specified bucket to which you want to upload the object does not exist.
InvalidObjectName 400 The error message returned because the length of the specified object key exceeds 1,023 bytes.
InvalidArgument 400 Possible causes:
  • The object you want to upload is larger than 5 GB in size.
  • The values of headers such as x-oss-storage-class are invalid.
RequestTimeout 400 The error message returned because Content-Length is specified in the request but the message body is not sent, or the sent message body is smaller than the specified size. In this case, the server waits until the request times out.
Bad Request 400 The error message returned because the Content-MD5 header value specified in the request is different from the MD5 hash calculated by OSS. OSS calculates the MD5 hash of the sent data and compares the calculated MD5 hash with the Content-MD5 header value specified in the request.
KmsServiceNotEnabled 403 The error message returned because the x-oss-server-side-encryption header is set to KMS, but KMS is not activated in advance.
FileAlreadyExists 409 Possible causes:
  • The request contains the x-oss-forbid-overwrite=true header, and an existing object has the same name as that of the object to upload.
  • The hierarchical namespace feature is enabled for the bucket, and a directory that has the same name as that of the object to upload exists in the current directory level.
FileImmutable 409 The error message returned because you delete or modify data that is being protected. During the protection period, data in the bucket cannot be deleted or modified.