Table of Contents

Class CopyObjectRequest

Namespace
Amazon.S3.Model
Assembly
AWSSDK.S3.dll

Container for the parameters to the CopyObject operation. Creates a copy of an object that is already stored in Amazon S3.

note

You can store individual objects of up to 5 TB in Amazon S3. You create a copy of your object up to 5 GB in size in a single atomic action using this API. However, to copy an object greater than 5 GB, you must use the multipart upload Upload Part - Copy API. For more information, see Copy Object Using the REST Multipart Upload API.

All copy requests must be authenticated. Additionally, you must have read access to the source object and write access to the destination bucket. For more information, see REST Authentication. Both the Region that you want to copy the object from and the Region that you want to copy the object to must be enabled for your account.

A copy request might return an error when Amazon S3 receives the copy request or while Amazon S3 is copying the files. If the error occurs before the copy action starts, you receive a standard Amazon S3 error. If the error occurs during the copy operation, the error response is embedded in the 

200 OK
response. This means that a 
200 OK
response can contain either a success or an error. Design your application to parse the contents of the response and handle it appropriately.

If the copy is successful, you receive a response with information about the copied object.

note

If the request is an HTTP 1.1 request, the response is chunk encoded. If it were not, it would not contain the content-length, and you would need to read the entire body.

The copy request charge is based on the storage class and Region that you specify for the destination object. For pricing information, see Amazon S3 pricing.

Amazon S3 transfer acceleration does not support cross-Region copies. If you request a cross-Region copy using a transfer acceleration endpoint, you get a 400 

Bad
                                                                                      Request
error. For more information, see Transfer Acceleration.

Metadata

When copying an object, you can preserve all metadata (default) or specify new metadata. However, the ACL is not preserved and is set to private for the user making the request. To override the default ACL setting, specify a new ACL when generating a copy request. For more information, see Using ACLs.

To specify whether you want the object metadata copied from the source object or replaced with metadata provided in the request, you can optionally add the 

x-amz-metadata-directive
header. When you grant permissions, you can use the 
s3:x-amz-metadata-directive
condition key to enforce certain metadata behavior when objects are uploaded. For more information, see Specifying Conditions in a Policy in the Amazon S3 User Guide. For a complete list of Amazon S3-specific condition keys, see Actions, Resources, and Condition Keys for Amazon S3. 

x-amz-copy-source-if
Headers

To only copy an object under certain conditions, such as whether the 

Etag
matches or whether the object was modified before or after a specified date, use the following request parameters: 

  • x-amz-copy-source-if-match

  • x-amz-copy-source-if-none-match

  • x-amz-copy-source-if-unmodified-since

  • x-amz-copy-source-if-modified-since

If both the 

x-amz-copy-source-if-match
and 
x-amz-copy-source-if-unmodified-since
headers are present in the request and evaluate as follows, Amazon S3 returns 
200
                                                                                          OK
and copies the data: 

  • x-amz-copy-source-if-match
    condition evaluates to true 

  • x-amz-copy-source-if-unmodified-since
    condition evaluates to false

If both the 

x-amz-copy-source-if-none-match
and 
x-amz-copy-source-if-modified-since
headers are present in the request and evaluate as follows, Amazon S3 returns the 
412 Precondition Failed
response code: 

  • x-amz-copy-source-if-none-match
    condition evaluates to false 

  • x-amz-copy-source-if-modified-since
    condition evaluates to true
note

All headers with the 

x-amz-
prefix, including 
x-amz-copy-source
, must be signed.

Server-side encryption

When you perform a CopyObject operation, you can optionally use the appropriate encryption-related headers to encrypt the object using server-side encryption with Amazon Web Services managed encryption keys (SSE-S3 or SSE-KMS) or a customer-provided encryption key. With server-side encryption, Amazon S3 encrypts your data as it writes it to disks in its data centers and decrypts the data when you access it. For more information about server-side encryption, see Using Server-Side Encryption.

If a target object uses SSE-KMS, you can enable an S3 Bucket Key for the object. For more information, see Amazon S3 Bucket Keys in the Amazon S3 User Guide.

Access Control List (ACL)-Specific Request Headers

When copying an object, you can optionally use headers to grant ACL-based permissions. By default, all objects are private. Only the owner has full access control. When adding a new object, you can grant permissions to individual Amazon Web Services accounts or to predefined groups defined by Amazon S3. These permissions are then added to the ACL on the object. For more information, see Access Control List (ACL) Overview and Managing ACLs Using the REST API.

If the bucket that you're copying objects to uses the bucket owner enforced setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions. Buckets that use this setting only accept PUT requests that don't specify an ACL or PUT requests that specify bucket owner full control ACLs, such as the 

bucket-owner-full-control
canned ACL or an equivalent form of this ACL expressed in the XML format.

For more information, see Controlling ownership of objects and disabling ACLs in the Amazon S3 User Guide.

note

If your bucket uses the bucket owner enforced setting for Object Ownership, all objects written to the bucket by any account will be owned by the bucket owner.

Storage Class Options

You can use the 

CopyObject
action to change the storage class of an object that is already stored in Amazon S3 using the 
StorageClass
parameter. For more information, see Storage Classes in the Amazon S3 User Guide.

Versioning

By default, 

x-amz-copy-source
identifies the current version of an object to copy. If the current version is a delete marker, Amazon S3 behaves as if the object was deleted. To copy a different version, use the 
versionId
subresource.

If you enable versioning on the target bucket, Amazon S3 generates a unique version ID for the object being copied. This version ID is different from the version ID of the source object. Amazon S3 returns the version ID of the copied object in the 

x-amz-version-id
response header in the response.

If you do not enable versioning or suspend it on the target bucket, the version ID that Amazon S3 generates is always null.

If the source object's storage class is GLACIER, you must restore a copy of this object before you can use it as a source object for the copy operation. For more information, see RestoreObject.

The following operations are related to 

CopyObject
:

For more information, see Copying Objects. 

public class CopyObjectRequest : PutWithACLRequest
Inheritance
CopyObjectRequest
Inherited Members

Constructors

CopyObjectRequest() 

public CopyObjectRequest()

Properties

BucketKeyEnabled

Gets and sets the property BucketKeyEnabled.

Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using AWS KMS (SSE-KMS). Setting this header to 

true
causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS.

Specifying this header with a COPY action doesn't affect bucket-level settings for S3 Bucket Key. 

public bool BucketKeyEnabled { get; set; }

Property Value

bool

CannedACL

A canned access control list (CACL) to apply to the object. Please refer to S3CannedACL for information on S3 Canned ACLs.

This action is not supported by Amazon S3 on Outposts.

public S3CannedACL CannedACL { get; set; }

Property Value

S3CannedACL

ChecksumAlgorithm

Gets and sets the property ChecksumAlgorithm.

Indicates the algorithm you want Amazon S3 to use to create the checksum for the object. For more information, see Checking object integrity in the Amazon S3 User Guide. 

public ChecksumAlgorithm ChecksumAlgorithm { get; set; }

Property Value

ChecksumAlgorithm

ContentType

This is a convenience property for Headers.ContentType.

public string ContentType { get; set; }

Property Value

string

CopySourceServerSideEncryptionCustomerMethod

The Server-side encryption algorithm to be used with the customer provided key.

public ServerSideEncryptionCustomerMethod CopySourceServerSideEncryptionCustomerMethod { get; set; }

Property Value

ServerSideEncryptionCustomerMethod

CopySourceServerSideEncryptionCustomerProvidedKey

The customer provided encryption key for the source object of the copy.

Important: Amazon S3 does not store the encryption key you provide. 

public string CopySourceServerSideEncryptionCustomerProvidedKey { get; set; }

Property Value

string

CopySourceServerSideEncryptionCustomerProvidedKeyMD5

The MD5 of the customer encryption key specified in the CopySourceServerSideEncryptionCustomerProvidedKey property. The MD5 is base 64 encoded. This field is optional, the SDK will calculate the MD5 if this is not set.

public string CopySourceServerSideEncryptionCustomerProvidedKeyMD5 { get; set; }

Property Value

string

DestinationBucket

Gets and sets the property DestinationBucket.

The name of the destination bucket.

When using this action with an access point, you must direct requests to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this action with an access point through the Amazon Web Services SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see Using access points in the Amazon S3 User Guide.

When you use this action with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form 

AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com
. When you use this action with S3 on Outposts through the Amazon Web Services SDKs, you provide the Outposts access point ARN in place of the bucket name. For more information about S3 on Outposts ARNs, see What is S3 on Outposts in the Amazon S3 User Guide. 
public string DestinationBucket { get; set; }

Property Value

string

DestinationKey

The key to be given to the copy of the source object.

public string DestinationKey { get; set; }

Property Value

string

Remarks

This property will be used as part of the resource path of the HTTP request. In .NET the System.Uri class is used to construct the uri for the request. The System.Uri class will canonicalize the uri string by compacting characters like "..". /// For example an object key of "foo/../bar/file.txt" will be transformed into "bar/file.txt" because the ".." is interpreted as use parent directory. For further information view the documentation for the Uri class: https://docs.microsoft.com/en-us/dotnet/api/system.uri

ETagToMatch

ETag to be matched as a pre-condition for copying the source object otherwise returns a PreconditionFailed.

public string ETagToMatch { get; set; }

Property Value

string

Remarks

Copies the object if its entity tag (ETag) matches the specified tag; otherwise return a 412 (precondition failed). Constraints: This property can be used with IfUnmodifiedSince, but cannot be used with other conditional copy properties.

ETagToNotMatch

ETag that must not be matched as a pre-condition for copying the source object, otherwise returns a PreconditionFailed.

public string ETagToNotMatch { get; set; }

Property Value

string

ExpectedBucketOwner

Gets and sets the property ExpectedBucketOwner.

The account ID of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 

403 (Access
                                                                                Denied)
error. 
public string ExpectedBucketOwner { get; set; }

Property Value

string

ExpectedSourceBucketOwner

Gets and sets the property ExpectedSourceBucketOwner.

The account ID of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 

403 (Access Denied)
error. 
public string ExpectedSourceBucketOwner { get; set; }

Property Value

string

Headers

The collection of headers for the request.

public HeadersCollection Headers { get; }

Property Value

HeadersCollection

Metadata

The collection of meta data for the request.

public MetadataCollection Metadata { get; }

Property Value

MetadataCollection

MetadataDirective

Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request.

public S3MetadataDirective MetadataDirective { get; set; }

Property Value

S3MetadataDirective

ModifiedSinceDate

This property is deprecated. Setting this property results in non-UTC DateTimes not being marshalled correctly. Use ModifiedSinceDateUtc instead. Setting either ModifiedSinceDate or ModifiedSinceDateUtc results in both ModifiedSinceDate and ModifiedSinceDateUtc being assigned, the latest assignment to either one of the two property is reflected in the value of both. ModifiedSinceDate is provided for backwards compatibility only and assigning a non-Utc DateTime to it results in the wrong timestamp being passed to the service.

Copies the object if it has been modified since the specified time, otherwise returns a PreconditionFailed. 
[Obsolete("Setting this property results in non-UTC DateTimes not being marshalled correctly. Use ModifiedSinceDateUtc instead. Setting either ModifiedSinceDate or ModifiedSinceDateUtc results in both ModifiedSinceDate and ModifiedSinceDateUtc being assigned, the latest assignment to either one of the two property is reflected in the value of both. ModifiedSinceDate is provided for backwards compatibility only and assigning a non-Utc DateTime to it results in the wrong timestamp being passed to the service.", false)]
public DateTime ModifiedSinceDate { get; set; }

Property Value

DateTime

Remarks

Copies the object if it has been modified since the specified time; otherwise returns a 412 (failed condition). Constraints: This property can be used with ETagToNotMatch, but cannot be used with other conditional copy properties.

ModifiedSinceDateUtc

Copies the object if it has been modified since the specified time, otherwise returns a PreconditionFailed.

public DateTime ModifiedSinceDateUtc { get; set; }

Property Value

DateTime

Remarks

Copies the object if it has been modified since the specified time; otherwise returns a 412 (failed condition). Constraints: This property can be used with ETagToNotMatch, but cannot be used with other conditional copy properties.

ObjectLockLegalHoldStatus

Gets and sets the property ObjectLockLegalHoldStatus.

Specifies whether you want to apply a Legal Hold to the copied object. 

public ObjectLockLegalHoldStatus ObjectLockLegalHoldStatus { get; set; }

Property Value

ObjectLockLegalHoldStatus

ObjectLockMode

Gets and sets the property ObjectLockMode.

The Object Lock mode that you want to apply to the copied object. 

public ObjectLockMode ObjectLockMode { get; set; }

Property Value

ObjectLockMode

ObjectLockRetainUntilDate

Gets and sets the property ObjectLockRetainUntilDate.

The date and time when you want the copied object's Object Lock to expire. 

public DateTime ObjectLockRetainUntilDate { get; set; }

Property Value

DateTime

RequestPayer

Confirms that the requester knows that she or he will be charged for the request. Bucket owners need not specify this parameter in their requests.

public RequestPayer RequestPayer { get; set; }

Property Value

RequestPayer

ServerSideEncryptionCustomerMethod

The Server-side encryption algorithm to be used with the customer provided key.

public ServerSideEncryptionCustomerMethod ServerSideEncryptionCustomerMethod { get; set; }

Property Value

ServerSideEncryptionCustomerMethod

ServerSideEncryptionCustomerProvidedKey

The base64-encoded encryption key for Amazon S3 to use to encrypt the object

Using the encryption key you provide as part of your request Amazon S3 manages both the encryption, as it writes to disks, and decryption, when you access your objects. Therefore, you don't need to maintain any data encryption code. The only thing you do is manage the encryption keys you provide.

///

When you retrieve an object, you must provide the same encryption key as part of your request. Amazon S3 first verifies the encryption key you provided matches, and then decrypts the object before returning the object data to you.

Important: Amazon S3 does not store the encryption key you provide. 

public string ServerSideEncryptionCustomerProvidedKey { get; set; }

Property Value

string

ServerSideEncryptionCustomerProvidedKeyMD5

The MD5 of the customer encryption key specified in the ServerSideEncryptionCustomerProvidedKey property. The MD5 is base 64 encoded. This field is optional, the SDK will calculate the MD5 if this is not set.

public string ServerSideEncryptionCustomerProvidedKeyMD5 { get; set; }

Property Value

string

ServerSideEncryptionKeyManagementServiceEncryptionContext

Gets and sets the property SSEKMSEncryptionContext.

Specifies the Amazon Web Services KMS Encryption Context to use for object encryption. The value of this header is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs. 

public string ServerSideEncryptionKeyManagementServiceEncryptionContext { get; set; }

Property Value

string

ServerSideEncryptionKeyManagementServiceKeyId

Gets and sets the property SSEKMSKeyId.

Specifies the Amazon Web Services KMS key ID to use for object encryption. All GET and PUT requests for an object protected by Amazon Web Services KMS will fail if not made via SSL or using SigV4. For information about configuring using any of the officially supported Amazon Web Services SDKs and Amazon Web Services CLI, see Specifying the Signature Version in Request Authentication in the Amazon S3 User Guide. 

public string ServerSideEncryptionKeyManagementServiceKeyId { get; set; }

Property Value

string

ServerSideEncryptionMethod

The server-side encryption algorithm used when storing this object in Amazon S3 (for example, AES256, 

aws:kms
). 
public ServerSideEncryptionMethod ServerSideEncryptionMethod { get; set; }

Property Value

ServerSideEncryptionMethod

SourceBucket

The name of the bucket containing the object to copy.

public string SourceBucket { get; set; }

Property Value

string

SourceKey

The key of the object to copy.

public string SourceKey { get; set; }

Property Value

string

Remarks

This property will be used as part of the resource path of the HTTP request. In .NET the System.Uri class is used to construct the uri for the request. The System.Uri class will canonicalize the uri string by compacting characters like "..". /// For example an object key of "foo/../bar/file.txt" will be transformed into "bar/file.txt" because the ".." is interpreted as use parent directory. For further information view the documentation for the Uri class: https://docs.microsoft.com/en-us/dotnet/api/system.uri

SourceVersionId

Specifies a particular version of the source object to copy. By default the latest version is copied.

public string SourceVersionId { get; set; }

Property Value

string

StorageClass

Gets and sets the property StorageClass.

By default, Amazon S3 uses the STANDARD Storage Class to store newly created objects. The STANDARD storage class provides high durability and high availability. Depending on performance needs, you can specify a different Storage Class. Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. For more information, see Storage Classes in the Amazon S3 User Guide. 

public S3StorageClass StorageClass { get; set; }

Property Value

S3StorageClass

TagSet

The tag-set for the object destination object this value must be used in conjunction with the TaggingDirective. The tag-set must be encoded as URL Query parameters.

public List<Tag> TagSet { get; set; }

Property Value

List<Tag>

UnmodifiedSinceDate

This property is deprecated. Setting this property results in non-UTC DateTimes not being marshalled correctly. Use UnmodifiedSinceDateUtc instead. Setting either UnmodifiedSinceDate or UnmodifiedSinceDateUtc results in both UnmodifiedSinceDate and UnmodifiedSinceDateUtc being assigned, the latest assignment to either one of the two property is reflected in the value of both. UnmodifiedSinceDate is provided for backwards compatibility only and assigning a non-Utc DateTime to it results in the wrong timestamp being passed to the service.

Copies the object if it has not been modified since the specified time, otherwise returns a PreconditionFailed. 
[Obsolete("Setting this property results in non-UTC DateTimes not being marshalled correctly. Use UnmodifiedSinceDateUtc instead. Setting either UnmodifiedSinceDate or UnmodifiedSinceDateUtc results in both UnmodifiedSinceDate and UnmodifiedSinceDateUtc being assigned, the latest assignment to either one of the two property is reflected in the value of both. UnmodifiedSinceDate is provided for backwards compatibility only and assigning a non-Utc DateTime to it results in the wrong timestamp being passed to the service.", false)]
public DateTime UnmodifiedSinceDate { get; set; }

Property Value

DateTime

Remarks

Copies the object if it hasn't been modified since the specified time; otherwise returns a 412 (precondition failed). Constraints: This property can be used with ETagToMatch, but cannot be used with other conditional copy properties.

UnmodifiedSinceDateUtc

Copies the object if it has not been modified since the specified time, otherwise returns a PreconditionFailed.

public DateTime UnmodifiedSinceDateUtc { get; set; }

Property Value

DateTime

Remarks

Copies the object if it hasn't been modified since the specified time; otherwise returns a 412 (precondition failed). Constraints: This property can be used with ETagToMatch, but cannot be used with other conditional copy properties.

WebsiteRedirectLocation

If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata. This value is unique to each object and is not copied when using the 

x-amz-metadata-directive
header. Instead, you may opt to provide this header in combination with the directive. 
public string WebsiteRedirectLocation { get; set; }

Property Value

string