Deleting multiple objects

You use the HTTP POST method to delete multiple objects in a bucket. To delete multiple objects, you need delete permission for the bucket containing the objects or for the objects themselves. You cannot use this method with the S3 compatible API to delete:

  • Objects that are under retention.
  • Objects that are on hold.
  • Delete markers of objects.
  • Multiple versions of objects.

Since the S3 compatible API currently does not support deleting multiple objects based on version ID, if you try to delete objects with multiple versions, only the current versions of the objects are deleted.

Request line

Depending on whether the bucket name is included in the hostname in the S3 compatible request, a request to delete multiple objects has either of these formats:

  • With the bucket name included in the hostname:
    POST /?delete HTTP/1.1
  • With the bucket name following the hostname:
    POST /bucket-name?delete HTTP/1.1

Required headers

The list below describes the headers you can use in a request to delete multiple objects.

  • Authorization

    Specifies user credentials or requests anonymous access.

  • Content-MD5

    Directs HCP to check the integrity of the data it receives by comparing a Base64-encoded MD5 hash of that data to the value specified by this header. The valid value for this header is the Base64-encoded MD5 hash of the data in the request body.

  • Host

    Specifies the hostname for the request. The host name identifies either a tenant or a bucket.

    For a tenant, use this format:

    tenant-name.hcp-domain-name

    For a bucket, use this format:

    bucket-name.tenant-name.hcp-domain-name

  • x-amz-date

    Specifies the date and time at which the request is being made according to the requester. Normally, this is the current date and time.

    For the valid values for this header, see the description of the Date header above.

Optional headers

  • Content-Length

    Specifies the size, in bytes, of the data being uploaded.

  • Date

    Specifies the date and time when the request is being made according to the requester. Normally, this is the current date and time.

    The date and time must always be specified using Greenwich Mean Time (GMT).

    To specify the date and time, use this format:

    DDD, dd MMM yyyy HH:mm:ss (+0000|GMT)

    In this format:

    • DDD

      The three-letter abbreviation for the day of the week, with an uppercase first letter (for example, Mon).

    • dd

      The two-digit day of the month.

    • MMM

      The three-letter abbreviation for the month, with an uppercase first letter (for example, Feb).

    • yyyy

      The four-digit year.

    • HH

      The hour on a 24-hour clock.

    • mm

      The number of minutes.

    • ss

      The number of seconds.

    For example:

    Thu, 23 Mar 2017 14:27:05 +0000

    All S3 compatible requests must include either a Date header or an x-amz-date header. If a request includes both headers, HCP uses the date and time in the x-amz-date header.

  • x-hcp-privileged

    If you have privileged permission and the bucket allows it, this enables a privileged delete on an object that is under retention. The valid value for this header is a text string of up to 1,024 characters long, which can contain any valid UTF-8 characters, including white space.

Request body

The list below describes the XML elements in the request body to delete multiple objects. The elements are listed in alphabetical order.

  • Delete

    Root element.

  • Key

    Child of the Object element.

    The Key element specifies the name of the object to delete.

  • Object

    Child of the Delete element.

    The Object element specifies the delete request for an object.

  • Quiet

    Child of the Delete element.

    The Quiet element, when its value is set to true, enables quiet mode for the request.

Response headers

The list below describes the headers returned in response to a successful request to delete multiple objects.

  • Content-Length

    The size, in bytes, of the response body if HCP can determine the size before formulating the response.

    If the response does not include a response body, the value of the Content-Length header is 0 (zero).

  • Content-Type

    The Internet media type of the response body if HCP can determine the Internet media type. If HCP cannot determine the Internet media type, the value of this header is application/octet-stream.

  • Date

    The date and time when HCP responded to the request, in Greenwich Mean Time (GMT). The date and time are returned in this format:

    DDD dd MMM yyyy HH:mm:ss GMT

    For example:

    Fri, 18 Sep 2020 14:27:05 GMT

Response body

HCP returns information about the objects that were successfully deleted and the objects that were not successfully deleted from a delete request in an XML response body.

The list below describes the XML elements in the response body returned in response to a request to delete multiple objects. The elements are listed in alphabetical order.

  • Code

    Child of the Error element.

    The Code element specifies the status code for the error.

  • DeleteMarker

    Child of the Deleted element.

    The DeleteMarker element specifies whether the request accessed a delete marker.

  • DeleteMarkerVersionId

    Child of the Deleted element.

    The DeleteMarkerVersionId element specifies the version ID of the delete marker accessed by the request. Currently, Not Implemented is returned with this element.

  • DeleteResult

    Root element.

  • Deleted

    Child of the DeleteResult element.

    The Deleted element specifies the name of the object that the S3 compatible API successfully deleted.

  • Error

    Child of the DeleteResult element.

    The Error element specifies the name of the object that was not deleted and describes the error that was encountered.

  • Key

    Child of the Deleted element or the Error element.

    The Key element specifies the name of the object that the S3 compatible API attempted to delete.

  • Message

    Child of the Error element.

    The Message element provides more information about the error.

  • VersionId

    Child of the Deleted element or the Error element.

    The VersionId element specifies the version ID of the object that the S3 compatible API attempted to delete. The version ID of only the current version of the object is returned.

Return codes

The table below describes HTTP status codes that can be returned in response to a request to delete multiple objects.

CodeMeaningDescription
200OKHCP has accepted the request. This does not mean that every object in the request was successfully deleted.
204No Content

One of these:

  • HCP successfully deleted the object.
  • The specified object does not exist.
  • The current version of the specified object is a delete marker.
400Bad Request

Possible reasons include:

  • The request includes a header that is invalid for the requested operation.
  • The specified bucket name is invalid.
  • The specified object name is invalid.
403Forbidden

Possible reasons include:

  • The credentials provided with the request are invalid.
  • You do not have delete permission for the specified object.
  • The S3 compatible API is currently disabled for the specified bucket.
404Not FoundPossible reasons include that the specified object does not exist.
409Conflict

Possible reasons include:

  • The object data is currently being written to HCP.
  • The specified object is under retention.
500Internal Server Error

An internal error occurred.

If this error persists, contact your tenant administrator.

503Service Unavailable

HCP is temporarily unable to handle the request, probably due to system overload, maintenance, or upgrade. Try the request again, gradually increasing the delay between each successive attempt.

If this error persists, contact your tenant administrator.

Example: Deleting multiple objects

Here’s a sample POST request on the finance bucket to delete objects named quarterly_rpts/Q2_2019.ppt and quarterly_rpts/Q3_2019.ppt.

Request with s3curl command line

./s3curl.pl --id=lgreen --contentType application/xml --calculateContentMd5 --post mod.xml -- -ik -v
     "https://europe.hcp.example.com/finance?delete"

Request headers

POST /finance?delete HTTP/1.1
Host: europe.hcp.example.com/finance
Date: Fri, 07 February 2020 17:19:26 +0000
Authorization: AWS bGdyZWVu:i9bRonH4gi1SrymsF0Fw84mWUeQ=
Content-type: application/xml
Content-MD5: BQ7HxZ32wHoDbnACnRE79w==
Content-Length: 275

Request body

<?xml version="1.0" encoding="UTF-8"?>
<Delete>
     <Object>
          <Key>quarterly_rpts/Q2_2019.ppt</Key>
     </Object>
     <Object>
          <Key>quarterly_rpts/Q3_2019.ppt</Key>
     </Object>
</Delete>

Response headers

HTTP/1.1 200 OK
Date: Fri, 07 February 2020 17:19:26 GMT
Content-Type: application/xml
Content-Length: 731

Response body

<?xml version="1.0" encoding="UTF-8"?>
<DeleteResult>
     <Deleted>
          <Key>quarterly_rpts/Q2_2019.ppt</Key>
          <VersionId>97302435810137</VersionId>
          <DeleteMarker>true</DeleteMarker>
          <DeleteMarkerVersionId>Not Implemented</DeleteMarkerVersionId>
     </Deleted>
     <Error>
          <Key>quarterly_rpts/Q3_2019.ppt</Key>
          <Code>AccessDenied</Code>
          <Message>Access Denied</Message>
     </Error>
</DeleteResult>