Objects: rewrite
Rewrites a source object to a destination object. The source file is not modified, unless the source and destination objects are the same. Optionally overrides metadata.
For large objects, this method requires the use of multiple requests, which avoids having one very long timeout for a single request. In such cases, the method responds with thedone flag set tofalse and also returns arewriteToken. To complete the rewrite, you must keep calling the endpoint using therewriteToken returned in the prior response until thedone flag istrue. You must complete rewrite operations within 1 week of when therewriteToken was created. Attempts to use the token after it has expired fail with a410 error.
Keep the following in mind when using the rewrite method:
- A rewrite completes in a single request, and you do not need to make additional calls specifying a
rewriteTokenif the following conditions are true:- Thestorage class of the object is not changing
- The source and destination are in the samelocation
- If the location is a dual-region, either the source bucket must haveturbo replication enabled or the source object must have completed itsreplication across regions
- Rewriting an object is charged as a single Class A operation, even when it requires the usage of a
rewriteToken. However, depending on the storage classes and locations involved, a rewrite might incur other charges. For more information, seeCloud Storage pricing. - When you rewrite acomposite object where the source and destination are different locations or storage classes, the result is a composite object that has a component count of 1.
- Any timeout logic that you set in conjunction with using this method should be at least 30 seconds.
Required permissions
The authenticated user must have the following IAM permissions to use this method:
storage.objects.createon the destination bucketstorage.objects.deleteon the destination bucket, if overwriting an existing objectstorage.objects.setRetentionon the destination bucket, if the request body includes theretentionproperty.storage.objects.geton the source bucketstorage.objects.createContexton the destination bucket, if the request body includes a non-emptycontexts.customproperty.
Request
HTTP request
POST https://storage.googleapis.com/storage/v1/b/sourceBucket/o/sourceObject/rewriteTo/b/destinationBucket/o/destinationObject
In addition tostandard query parameters, the following query parameters apply to this method.
To see an example of how to include query parameters in a request, see theJSON API Overview page.
Parameters
| Parameter name | Value | Description |
|---|---|---|
| Path parameters | ||
destinationBucket | string | Name of the bucket in which to store the new object. Overrides the provided object metadata'sbucket value, if any. |
destinationObject | string | Name of the new object. Required when the object metadata is not otherwise provided. Overrides the object metadata'sname value, if any. For information about how to URL encode object names to be path safe, seeEncoding URI path parts. |
sourceBucket | string | Name of the bucket in which to find the source object. |
sourceObject | string | Name of the source object. For information about how to URL encode object names to be path safe, seeEncoding URI path parts. |
| Optional query parameters | ||
destinationKmsKeyName | string | Resource name of the Cloud KMS key that will be used to encrypt the object. The Cloud KMS key must be located in same location as the object. If the parameter is not specified, the request uses the destination bucket's default encryption key, if any, or else it usesstandard Cloud Storage encryption. |
destinationPredefinedAcl | string | Apply a predefined set of access controls to the destination object. Acceptable values are:
iamConfiguration.uniformBucketLevelAccess.enabled is set totrue, requests that include this parameter fail with a400 Bad Request response. |
ifGenerationMatch | long | Makes the operation conditional on there being a live destination object with a generation number that matches the given value. SettingifGenerationMatch to 0 makes the operation succeed only if there is no live destination object. |
ifGenerationNotMatch | long | Makes the operation conditional on there being a live destination object with a generation number that does not match the given value. If no live destination object exists, the precondition fails. SettingifGenerationNotMatch to 0 makes the operation succeed if there is a live version of the object. |
ifMetagenerationMatch | long | Makes the operation conditional on there being a live destination object with a metageneration number that matches the given value. |
ifMetagenerationNotMatch | long | Makes the operation conditional on there being a live destination object with a metageneration number that does not match the given value. |
ifSourceGenerationMatch | long | Makes the operation conditional on whether the source object's generation matches the given value. |
ifSourceGenerationNotMatch | long | Makes the operation conditional on whether the source object's generation does not match the given value. |
ifSourceMetagenerationMatch | long | Makes the operation conditional on whether the source object's current metageneration matches the given value. |
ifSourceMetagenerationNotMatch | long | Makes the operation conditional on whether the source object's current metageneration does not match the given value. |
maxBytesRewrittenPerCall | long | The maximum number of bytes that will be rewritten per rewrite request. Most callers shouldn't need to specify this parameter - it is primarily in place to support testing. If specified the value must be an integral multiple of 1 MiB (1048576). Also, this only applies to requests where the source and destination span locations or storage classes. Finally, this value must not change across rewrite calls else you'll get an error that therewriteToken is invalid. |
projection | string | Set of properties to return. Defaults tonoAcl, unless the object resource specifies theacl property, when it defaults tofull.Acceptable values are:
|
rewriteToken | string | Include this field (from the previous rewrite response) on each rewrite request after the first one, until the rewrite response 'done' flag is true. Calls that provide a rewriteToken can omit all other request fields, but if included those fields must match the values provided in the first rewrite request. |
sourceGeneration | long | If present, selects a specific revision of the source object (as opposed to the latest version, the default). |
| Optional extension headers | ||
X-Goog-Copy-Source-Encryption-Algorithm | string | The encryption algorithm to use, which must beAES256. Used if the source object was encrypted with acustomer-supplied encryption key. |
X-Goog-Copy-Source-Encryption-Key | string | AnRFC 4648 Base64-encoded string of the AES-256 encryption key used to encrypt the source object, if it was encrypted with acustomer-supplied encryption key. |
X-Goog-Copy-Source-Encryption-Key-Sha256 | string | AnRFC 4648 Base64-encoded string of the SHA256 hash of the encryption key used to encrypt the source object, if it was encrypted with acustomer-supplied encryption key. |
X-Goog-Encryption-Algorithm | string | The encryption algorithm to use, which must beAES256. Used for encrypting the destination object with acustomer-supplied encryption key. |
X-Goog-Encryption-Key | string | AnRFC 4648 Base64-encoded string of your AES-256 encryption key. Used for encrypting the destination object with acustomer-supplied encryption key. |
X-Goog-Encryption-Key-Sha256 | string | AnRFC 4648 Base64-encoded string of the SHA256 hash of your encryption key. Used for encrypting the destination object with acustomer-supplied encryption key. |
Request body
In the request body, supply metadata to apply to the destination object by using anobject resource. If the request body is empty,editable metadata from the source object is applied to the destination object, with the exception of any ACLs, object holds, orretention configuration set on the source object. If you want to retain these from the original object, they must be included in the request body.
Response
If successful, this method returns a response body with the following structure:
{ "kind": "storage#rewriteResponse", "totalBytesRewritten": "unsigned long", "objectSize": "unsigned long", "done":boolean, "rewriteToken":string, "resource":objects Resource}| Property name | Value | Description | Notes |
|---|---|---|---|
kind | string | The kind of item this is. | |
totalBytesRewritten | unsigned long1 | The total bytes written so far, which can be used to provide a waiting user with a progress indicator. This property is always present in the response. | |
objectSize | unsigned long1 | The total size of the object being copied in bytes. This property is always present in the response. | |
done | boolean | true if the copy is finished; otherwise,false if the copy is in progress. This property is always present in the response. | |
rewriteToken | string | A token to use in subsequent requests to continue copying data. This token is present in the response only when there is more data to copy. | |
resource | nested object | A resource containing the metadata for the copied-to object. This property is present in the response only when copying completes. |
For information about status and error codes returned by this API, see thereference page.
Try it!
Use the APIs Explorer below to call this method on live data and see the response.
Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-12-17 UTC.