DeleteObjects - Amazon Simple Storage Service

DeleteObjects

This operation enables you to delete multiple objects from a bucket using a single HTTP request. If you know the object keys that you want to delete, then this operation provides a suitable alternative to sending individual delete requests, reducing per-request overhead.

The request can contain a list of up to 1000 keys that you want to delete. In the XML, you provide the object key names, and optionally, version IDs if you want to delete a specific version of the object from a versioning-enabled bucket. For each key, Amazon S3 performs a delete operation and returns the result of that delete, success or failure, in the response. Note that if the object specified in the request is not found, Amazon S3 returns the result as deleted.

Note
  • Directory buckets - S3 Versioning isn't enabled and supported for directory buckets.

  • Directory buckets - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name . Path-style requests are not supported. For more information, see Regional and Zonal endpoints in the Amazon S3 User Guide.

The operation supports two modes for the response: verbose and quiet. By default, the operation uses verbose mode in which the response includes the result of deletion of each key in your request. In quiet mode the response includes only keys where the delete operation encountered an error. For a successful deletion in a quiet mode, the operation does not return any information about the delete in the response body.

When performing this action on an MFA Delete enabled bucket, that attempts to delete any versioned objects, you must include an MFA token. If you do not provide one, the entire request will fail, even if there are non-versioned objects you are trying to delete. If you provide an invalid token, whether there are versioned keys in the request or not, the entire Multi-Object Delete request will fail. For information about MFA Delete, see MFA Delete in the Amazon S3 User Guide.

Note

Directory buckets - MFA delete is not supported by directory buckets.

Permissions
  • General purpose bucket permissions - The following permissions are required in your policies when your DeleteObjects request includes specific headers.

    • s3:DeleteObject - To delete an object from a bucket, you must always specify the s3:DeleteObject permission.

    • s3:DeleteObjectVersion - To delete a specific version of an object from a versioning-enabled bucket, you must specify the s3:DeleteObjectVersion permission.

  • Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the CreateSession API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. AWS CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see CreateSession.

Content-MD5 request header
  • General purpose bucket - The Content-MD5 request header is required for all Multi-Object Delete requests. Amazon S3 uses the header value to ensure that your request body has not been altered in transit.

  • Directory bucket - The Content-MD5 request header or a additional checksum request header (including x-amz-checksum-crc32, x-amz-checksum-crc32c, x-amz-checksum-sha1, or x-amz-checksum-sha256) is required for all Multi-Object Delete requests.

HTTP Host header syntax

Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com.

The following operations are related to DeleteObjects:

Request Syntax

POST /?delete HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-mfa: MFA x-amz-request-payer: RequestPayer x-amz-bypass-governance-retention: BypassGovernanceRetention x-amz-expected-bucket-owner: ExpectedBucketOwner x-amz-sdk-checksum-algorithm: ChecksumAlgorithm <?xml version="1.0" encoding="UTF-8"?> <Delete xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Object> <Key>string</Key> <VersionId>string</VersionId> </Object> ... <Quiet>boolean</Quiet> </Delete>

URI Request Parameters

The request uses the following URI parameters.

Bucket

The bucket name containing the objects to delete.

Directory buckets - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. Path-style requests are not supported. Directory bucket names must be unique in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about bucket naming restrictions, see Directory bucket naming rules in the Amazon S3 User Guide.

Access points - When you use this action with an access point, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see Using access points in the Amazon S3 User Guide.

Note

Access points and Object Lambda access points are not supported by directory buckets.

S3 on Outposts - When you use this action with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When you use this action with S3 on Outposts through the AWS SDKs, you provide the Outposts access point ARN in place of the bucket name. For more information about S3 on Outposts ARNs, see What is S3 on Outposts? in the Amazon S3 User Guide.

Required: Yes

x-amz-bypass-governance-retention

Specifies whether you want to delete this object even if it has a Governance-type Object Lock in place. To use this header, you must have the s3:BypassGovernanceRetention permission.

Note

This functionality is not supported for directory buckets.

x-amz-expected-bucket-owner

The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

x-amz-mfa

The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device. Required to permanently delete a versioned object if versioning is configured with MFA delete enabled.

When performing the DeleteObjects operation on an MFA delete enabled bucket, which attempts to delete the specified versioned objects, you must include an MFA token. If you don't provide an MFA token, the entire request will fail, even if there are non-versioned objects that you are trying to delete. If you provide an invalid token, whether there are versioned object keys in the request or not, the entire Multi-Object Delete request will fail. For information about MFA Delete, see MFA Delete in the Amazon S3 User Guide.

Note

This functionality is not supported for directory buckets.

x-amz-request-payer

Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

Note

This functionality is not supported for directory buckets.

Valid Values: requester

x-amz-sdk-checksum-algorithm

Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding x-amz-checksum-algorithm or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the HTTP status code 400 Bad Request.

For the x-amz-checksum-algorithm header, replace algorithm with the supported algorithm from the following list:

  • CRC32

  • CRC32C

  • SHA1

  • SHA256

For more information, see Checking object integrity in the Amazon S3 User Guide.

If the individual checksum value you provide through x-amz-checksum-algorithm doesn't match the checksum algorithm you set through x-amz-sdk-checksum-algorithm, Amazon S3 ignores any provided ChecksumAlgorithm parameter and uses the checksum algorithm that matches the provided value in x-amz-checksum-algorithm .

If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm parameter.

Valid Values: CRC32 | CRC32C | SHA1 | SHA256

Request Body

The request accepts the following data in XML format.

Delete

Root level tag for the Delete parameters.

Required: Yes

Object

The object to delete.

Note

Directory buckets - For directory buckets, an object that's composed entirely of whitespace characters is not supported by the DeleteObjects API operation. The request will receive a 400 Bad Request error and none of the objects in the request will be deleted.

Type: Array of ObjectIdentifier data types

Required: Yes

Quiet

Element to enable quiet mode for the request. When you add this element, you must set its value to true.

Type: Boolean

Required: No

Response Syntax

HTTP/1.1 200 x-amz-request-charged: RequestCharged <?xml version="1.0" encoding="UTF-8"?> <DeleteResult> <Deleted> <DeleteMarker>boolean</DeleteMarker> <DeleteMarkerVersionId>string</DeleteMarkerVersionId> <Key>string</Key> <VersionId>string</VersionId> </Deleted> ... <Error> <Code>string</Code> <Key>string</Key> <Message>string</Message> <VersionId>string</VersionId> </Error> ... </DeleteResult>

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The response returns the following HTTP headers.

x-amz-request-charged

If present, indicates that the requester was successfully charged for the request.

Note

This functionality is not supported for directory buckets.

Valid Values: requester

The following data is returned in XML format by the service.

DeleteResult

Root level tag for the DeleteResult parameters.

Required: Yes

Deleted

Container element for a successful delete. It identifies the object that was successfully deleted.

Type: Array of DeletedObject data types

Error

Container for a failed delete action that describes the object that Amazon S3 attempted to delete and the error it encountered.

Type: Array of Error data types

Examples

Sample Request for general purpose buckets: Multi-object delete resulting in mixed success/error response

This example illustrates a Multi-Object Delete request to delete objects that result in mixed success and errors response. The following request deletes two objects from a bucket (bucketname). In this example, the requester does not have permission to delete the sample2.txt object.

POST /?delete HTTP/1.1 Host: bucketname.s3.<Region>.amazonaws.com Accept: */* x-amz-date: Wed, 30 Nov 2011 03:39:05 GMT Content-MD5: p5/WA/oEr30qrEEl21PAqw== Authorization: AWS AKIAIOSFODNN7EXAMPLE:W0qPYCLe6JwkZAD1ei6hp9XZIee= Content-Length: 125 Connection: Keep-Alive <Delete> <Object> <Key>sample1.txt</Key> </Object> <Object> <Key>sample2.txt</Key> </Object> </Delete>

Sample Response for general purpose buckets

The response includes a DeleteResult element that includes a Deleted element for the item that Amazon S3 successfully deleted and an Error element that Amazon S3 did not delete because you didn't have permission to delete the object.

HTTP/1.1 200 OK x-amz-id-2: 5h4FxSNCUS7wP5z92eGCWDshNpMnRuXvETa4HH3LvvH6VAIr0jU7tH9kM7X+njXx x-amz-request-id: A437B3B641629AEE Date: Fri, 02 Dec 2011 01:53:42 GMT Content-Type: application/xml Server: AmazonS3 Content-Length: 251 <?xml version="1.0" encoding="UTF-8"?> <DeleteResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Deleted> <Key>sample1.txt</Key> </Deleted> <Error> <Key>sample2.txt</Key> <Code>AccessDenied</Code> <Message>Access Denied</Message> </Error> </DeleteResult>

Sample Request for general purpose buckets: Deleting an object from a versioned bucket

If you delete an item from a versioning enabled bucket, all versions of that object remain in the bucket; however, Amazon S3 inserts a delete marker. For more information, see Object Versioning.

The following scenarios describe the behavior of a multi-object Delete request when versioning is enabled for your bucket.

Case 1 - Simple Delete: In the following sample request, the multi-object delete request specifies only one key.

POST /?delete HTTP/1.1 Host: bucketname.s3.<Region>.amazonaws.com Accept: */* x-amz-date: Wed, 30 Nov 2011 03:39:05 GMT Content-MD5: p5/WA/oEr30qrEEl21PAqw== Authorization: AWS AKIAIOSFODNN7EXAMPLE:W0qPYCLe6JwkZAD1ei6hp9XZIee= Content-Length: 79 Connection: Keep-Alive <Delete> <Object> <Key>SampleDocument.txt</Key> </Object> </Delete>

Sample Response for general purpose buckets

Because versioning is enabled on the bucket, Amazon S3 does not delete the object. Instead, it adds a delete marker for this object. The following response indicates that a delete marker was added (the DeleteMarker element in the response as a value of true) and the version number of the delete marker it added.

HTTP/1.1 200 OK x-amz-id-2: P3xqrhuhYxlrefdw3rEzmJh8z5KDtGzb+/FB7oiQaScI9Yaxd8olYXc7d1111ab+ x-amz-request-id: 264A17BF16E9E80A Date: Wed, 30 Nov 2011 03:39:32 GMT Content-Type: application/xml Server: AmazonS3 Content-Length: 276 <?xml version="1.0" encoding="UTF-8"?> <DeleteResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Deleted> <Key>SampleDocument.txt</Key> <DeleteMarker>true</DeleteMarker> <DeleteMarkerVersionId>NeQt5xeFTfgPJD8B4CGWnkSLtluMr11s</DeleteMarkerVersionId> </Deleted> </DeleteResult>

Case 2 for general purpose buckets - Versioned Delete

The following request attempts to delete a specific version of an object.

POST /?delete HTTP/1.1 Host: bucketname.s3.<Region>.amazonaws.com Accept: */* x-amz-date: Wed, 30 Nov 2011 03:39:05 GMT Content-MD5: p5/WA/oEr30qrEEl21PAqw== Authorization: AWS AKIAIOSFODNN7EXAMPLE:W0qPYCLe6JwkZAD1ei6hp9XZIxx= Content-Length: 140 Connection: Keep-Alive <Delete> <Object> <Key>SampleDocument.txt</Key> <VersionId>OYcLXagmS.WaD..oyH4KRguB95_YhLs7</VersionId> </Object> </Delete>

Sample Response for general purpose buckets

In this case, Amazon S3 deletes the specific object version from the bucket and returns the following response. In the response, Amazon S3 returns the key and version ID of the object deleted.

HTTP/1.1 400 Bad Request x-amz-id-2: P3xqrhuhYxlrefdw3rEzmJh8z5KDtGzb+/FB7oiQaScI9Yaxd8olYXc7d1111xx+ x-amz-request-id: 264A17BF16E9E80A Date: Wed, 30 Nov 2011 03:39:32 GMT Content-Type: application/xml Server: AmazonS3 Content-Length: 219 <?xml version="1.0" encoding="UTF-8"?> <DeleteResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Deleted> <Key>SampleDocument.txt</Key> <VersionId>OYcLXagmS.WaD..oyH4KRguB95_YhLs7</VersionId> </Deleted> </DeleteResult>

Case 3 for general purpose buckets - Versioned delete of a delete marker

In the preceding example, the request refers to a delete marker (instead of an object), then Amazon S3 deletes the delete marker. The effect of this action is to make your object reappear in your bucket. Amazon S3 returns a response that indicates the delete marker it deleted (DeleteMarker element with value true) and the version ID of the delete marker.

HTTP/1.1 200 OK x-amz-id-2: IIPUZrtolxDEmWsKOae9JlSZe6yWfTye3HQ3T2iAe0ZE4XHa6NKvAJcPp51zZaBr x-amz-request-id: D6B284CEC9B05E4E Date: Wed, 30 Nov 2011 03:43:25 GMT Content-Type: application/xml Server: AmazonS3 Content-Length: 331 <?xml version="1.0" encoding="UTF-8"?> <DeleteResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Deleted> <Key>SampleDocument.txt</Key> <VersionId>NeQt5xeFTfgPJD8B4CGWnkSLtluMr11s</VersionId> <DeleteMarker>true</DeleteMarker> <DeleteMarkerVersionId>NeQt5xeFTfgPJD8B4CGWnkSLtluMr11s</DeleteMarkerVersionId> </Deleted> </DeleteResult>

Sample Response for general purpose buckets

In general, when a multi-object Delete request results in Amazon S3 either adding a delete marker or removing a delete marker, the response returns the following elements.

<DeleteMarker>true</DeleteMarker> <DeleteMarkerVersionId>NeQt5xeFTfgPJD8B4CGWnkSLtluMr11s</DeleteMarkerVersionId>

Sample Request for general purpose buckets: Malformed XML in the request

This example shows how Amazon S3 responds to a request that includes a malformed XML document. The following request sends a malformed XML document (missing the Delete end element).

POST /?delete HTTP/1.1 Host: bucketname.s3.<Region>.amazonaws.com Accept: */* x-amz-date: Wed, 30 Nov 2011 03:39:05 GMT Content-MD5: p5/WA/oEr30qrEEl21PAqw== Authorization: AWS AKIAIOSFODNN7EXAMPLE:W0qPYCLe6JwkZAD1ei6hp9XZIee= Content-Length: 104 Connection: Keep-Alive <Delete> <Object> <Key>404.txt</Key> </Object> <Object> <Key>a.txt</Key> </Object>

Sample Response for general purpose buckets

The response returns the error messages that describe the error.

HTTP/1.1 200 OK x-amz-id-2: P3xqrhuhYxlrefdw3rEzmJh8z5KDtGzb+/FB7oiQaScI9Yaxd8olYXc7d1111ab+ x-amz-request-id: 264A17BF16E9E80A Date: Wed, 30 Nov 2011 03:39:32 GMT Content-Type: application/xml Server: AmazonS3 Content-Length: 207 <?xml version="1.0" encoding="UTF-8"?> <Error> <Code>MalformedXML</Code> <Message>The XML you provided was not well-formed or did not validate against our published schema</Message> <RequestId>264A17BF16E9E80A</RequestId> <HostId>P3xqrhuhYxlrefdw3rEzmJh8z5KDtGzb+/FB7oiQaScI9Yaxd8olYXc7d1111ab+</HostId> </Error>

Sample Request for general purpose buckets: DeleteObjects containing a carriage return

The following example illustrates the use of an XML entity code as a substitution for a carriage return. This DeleteObjects request deletes an object with the key parameter: /some/prefix/objectwith\rcarriagereturn (where the \r is the carriage return).

<Delete xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Object> <Key>/some/prefix/objectwith&#13;carriagereturn</Key> </Object> </Delete>

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: