Changelog
- Server-side Encryption with Customer-Provided Keys is now available to all users via the Workers and S3-compatible APIs.
- Sippy can now be enabled on buckets in jurisdictions (e.g., EU, FedRAMP).
- Fixed an issue with Sippy where GET/HEAD requests to objects with certain special characters would result in error responses.
- Oceania (OC) is now available as an R2 region.
- The default maximum number of buckets per account is now 1 million. If you need more than 1 million buckets, contact Cloudflare Support.
- Public buckets accessible via custom domain now support Smart Tiered Cache.
- R2
bucket lifecycle
command added to Wrangler. Supports listing, adding, and removing object lifecycle rules.
- R2
bucket info
command added to Wrangler. Displays location of bucket and common metrics.
- R2
bucket dev-url
command added to Wrangler. Supports enabling, disabling, and getting status of bucket's r2.dev public access URL.
- R2
bucket domain
command added to Wrangler. Supports listing, adding, removing, and updating R2 bucket custom domains.
- Add
minTLS
to response of list custom domains endpoint.
- Add get custom domain endpoint.
- Event notifications can now be configured for R2 buckets in jurisdictions (e.g., EU, FedRAMP).
- Event notifications for R2 is now generally available. Event notifications now support higher throughput (up to 5,000 messages per second per Queue), can be configured in the dashboard and Wrangler, and support for lifecycle deletes.
- Add the ability to set and update minimum TLS version for R2 bucket custom domains.
- Added support for configuring R2 bucket custom domains via API.
- Sippy is now generally available. Metrics for ongoing migrations can now be found in the dashboard or via the GraphQL analytics API.
- Added migration log for Super Slurper to the migration summary in the dashboard.
- Super Slurper now supports migrating objects up to 1TB in size.
- Fixed an issue that prevented Sippy from copying over objects from S3 buckets with SSE set up.
- Added support for Infrequent Access storage class (beta).
- Added create temporary access tokens endpoint.
- Event notifications for R2 is now available as an open beta.
- Super Slurper now supports migration from Google Cloud Storage.
- When an
OPTIONS
request against the public entrypoint does not include anorigin
header, anHTTP 400
instead of anHTTP 401
is returned.
- The response shape of
GET /buckets/:bucket/sippy
has changed. - The
/buckets/:bucket/sippy/validate
endpoint is exposed over APIGW to validate Sippy's configuration. - The shape of the configuration object when modifying Sippy's configuration has changed.
- Updated GetBucket endpoint: Now fetches by
bucket_name
instead ofbucket_id
.
- Fixed a bug where the API would accept empty strings in the
AllowedHeaders
property ofPutBucketCors
actions.
- Parts are now automatically sorted in ascending order regardless of input during
CompleteMultipartUpload
.
- The
x-id
query param forS3 ListBuckets
action is now ignored. - The
x-id
query param is now ignored for all S3 actions.
- Fixed an issue with
ListBuckets
where thename_contains
parameter would also search over the jurisdiction name.
- Users can now complete conditional multipart publish operations. When a condition failure occurs when publishing an upload, the upload is no longer available and is treated as aborted.
- Improved performance for ranged reads on very large files. Previously ranged reads near the end of very large files would be noticeably slower than ranged reads on smaller files. Performance should now be consistently good independent of filesize.
- Multipart ETags are now MD5 hashes.
- Fixed a bug where calling GetBucket on a non-existent bucket would return a 500 instead of a 404.
- Improved S3 compatibility for ListObjectsV1, now nextmarker is only set when truncated is true.
- The R2 worker bindings now support parsing conditional headers with multiple etags. These etags can now be strong, weak or a wildcard. Previously the bindings only accepted headers containing a single strong etag.
- S3 putObject now supports sha256 and sha1 checksums. These were already supported by the R2 worker bindings.
- CopyObject in the S3 compatible api now supports Cloudflare specific headers which allow the copy operation to be conditional on the state of the destination object.
- GetBucket is now available for use through the Cloudflare API.
- Location hints can now be set when creating a bucket, both through the S3 API, and the dashboard.
- The ListParts API has been implemented and is available for use.
- HTTP2 is now enabled by default for new custom domains linked to R2 buckets.
- Object Lifecycles are now available for use.
- Bug fix: Requests to public buckets will now return the
Content-Encoding
header for gzip files whenAccept-Encoding: gzip
is used.
- R2 authentication tokens created via the R2 token page are now scoped to a single account by default.
- Fix CORS preflight requests for the S3 API, which allows using the S3 SDK in the browser.
- Passing a range header to the
get
operation in the R2 bindings API should now work as expected.
- Requests with the header
x-amz-acl: public-read
are no longer rejected. - Fixed issues with wildcard CORS rules and presigned URLs.
- Fixed an issue where
ListObjects
would time out during delimited listing of unicode-normalized keys. - S3 API's
PutBucketCors
now rejects requests with unknown keys in the XML body. - Signing additional headers no longer breaks CORS preflight requests for presigned URLs.
- Fixed a bug in
ListObjects
wherestartAfter
would skip over objects with keys that have numbers right after thestartAfter
prefix. - Add worker bindings for multipart uploads.
- Unconditionally return HTTP 206 on ranged requests to match behavior of other S3 compatible implementations.
- Fixed a CORS bug where
AllowedHeaders
in the CORS config were being treated case-sensitively.
- Multipart upload part sizes are always expected to be of the same size, but this enforcement is now done when you complete an upload instead of being done very time you upload a part.
- Fixed a performance issue where concurrent multipart part uploads would get rejected.
- Fixed a CORS issue where
Access-Control-Allow-Headers
was not being set for preflight requests.
- Fixed a bug where CORS configuration was not being applied to S3 endpoint.
- No-longer render the
Access-Control-Expose-Headers
response header ifExposeHeader
is not defined. - Public buckets will no-longer return the
Content-Range
response header unless the response is partial. - Fixed CORS rendering for the S3
HeadObject
operation. - Fixed a bug where no matching CORS configuration could result in a
403
response. - Temporarily disable copying objects that were created with multipart uploads.
- Fixed a bug in the Workers bindings where an internal error was being returned for malformed ranged
.get
requests.
- CORS preflight responses and adding CORS headers for other responses is now implemented for S3 and public buckets. Currently, the only way to configure CORS is via the S3 API.
- Fixup for bindings list truncation to work more correctly when listing keys with custom metadata that have
"
or when some keys/values contain certain multi-byte UTF-8 values. - The S3
GetObject
operation now only returnsContent-Range
in response to a ranged request.
- The R2
put()
binding options can now be given anonlyIf
field, similar toget()
, that performs a conditional upload. - The R2
delete()
binding now supports deleting multiple keys at once. - The R2
put()
binding now supports user-specified SHA-1, SHA-256, SHA-384, SHA-512 checksums in options. - User-specified object checksums will now be available in the R2
get()
andhead()
bindings response. MD5 is included by default for non-multipart uploaded objects.
- The S3
CopyObject
operation now includesx-amz-version-id
andx-amz-copy-source-version-id
in the response headers for consistency with other methods. - The
ETag
for multipart files uploaded until shortly after Open Beta uploaded now include the number of parts as a suffix.
- The S3
DeleteObjects
operation no longer trims the space from around the keys before deleting. This would result in files with leading / trailing spaces not being able to be deleted. Additionally, if there was an object with the trimmed key that existed it would be deleted instead. The S3DeleteObject
operation was not affected by this. - Fixed presigned URL support for the S3
ListBuckets
andListObjects
operations.
- Uploads will automatically infer the
Content-Type
based on file body if one is not explicitly set in thePutObject
request. This functionality will come to multipart operations in the future.
- Fixed S3 conditionals to work properly when provided the
LastModified
date of the last upload, bindings fixes will come in the next release. If-Match
/If-None-Match
headers now support arrays of ETags, Weak ETags and wildcard (*
) as per the HTTP standard and undocumented AWS S3 behavior.
- Added dummy implementation of the following operation that mimics
the response that a basic AWS S3 bucket will return when first created:
GetBucketAcl
.
Added dummy implementations of the following operations that mimic the response that a basic AWS S3 bucket will return when first created:
GetBucketVersioning
GetBucketLifecycleConfiguration
GetBucketReplication
GetBucketTagging
GetObjectLockConfiguration
- Fixed an S3 compatibility issue for error responses with MinIO .NET SDK and any other tooling that expects no
xmlns
namespace attribute on the top-levelError
tag. - List continuation tokens prior to 2022-07-01 are no longer accepted and must be obtained again through a new
list
operation. - The
list()
binding will now correctly return a smaller limit if too much data would otherwise be returned (previously would return anInternal Error
).
- Improvements to 500s: we now convert errors, so things that were previously concurrency problems for some operations should now be
TooMuchConcurrency
instead ofInternalError
. We've also reduced the rate of 500s through internal improvements. ListMultipartUpload
correctly encodes the returnedKey
if theencoding-type
is specified.
- S3 XML documents sent to R2 that have an XML declaration are not rejected with
400 Bad Request
/MalformedXML
. - Minor S3 XML compatibility fix impacting Arq Backup on Windows only (not the Mac version). Response now contains XML declaration tag prefix and the xmlns attribute is present on all top-level tags in the response.
- Beta
ListMultipartUploads
support.
- Support the
r2_list_honor_include
compat flag coming up in an upcoming runtime release (default behavior as of 2022-07-14 compat date). Without that compat flag/date, list will continue to function implicitly asinclude: ['httpMetadata', 'customMetadata']
regardless of what you specify. cf-create-bucket-if-missing
can be set on aPutObject
/CreateMultipartUpload
request to implicitly create the bucket if it does not exist.- Fix S3 compatibility with MinIO client spec non-compliant XML for publishing multipart uploads. Any leading and trailing quotes in
CompleteMultipartUpload
are now optional and ignored as it seems to be the actual non-standard behavior AWS implements.
- Unsupported search parameters to
ListObjects
/ListObjectsV2
are now rejected with501 Not Implemented
. - Fixes for Listing:
- Fix listing behavior when the number of files within a folder exceeds the limit (you'd end up seeing a CommonPrefix for that large folder N times where N = number of children within the CommonPrefix / limit).
- Fix corner case where listing could cause objects with sharing the base name of a "folder" to be skipped.
- Fix listing over some files that shared a certain common prefix.
DeleteObjects
can now handle 1000 objects at a time.- S3
CreateBucket
request can specifyx-amz-bucket-object-lock-enabled
with a value offalse
and not have the requested rejected with aNotImplemented
error. A value oftrue
will continue to be rejected as R2 does not yet support object locks.
- Fixed a regression for some clients when using an empty delimiter.
- Added support for S3 pre-signed URLs.
- Fixed a regression in the S3 API
UploadPart
operation whereTooMuchConcurrency
&NoSuchUpload
errors were being returned asNoSuchBucket
.
- Fixed a bug with the S3 API
ListObjectsV2
operation not returning empty folder/s as common prefixes when using delimiters. - The S3 API
ListObjectsV2
KeyCount
parameter now correctly returns the sum of keys and common prefixes rather than just the keys. - Invalid cursors for list operations no longer fail with an
InternalError
and now return the appropriate error message.
- The
ContinuationToken
field is now correctly returned in the response if provided in a S3 APIListObjectsV2
request. - Fixed a bug where the S3 API
AbortMultipartUpload
operation threw an error when called multiple times.
- Fixed a bug where the S3 API's
PutObject
or the.put()
binding could fail but still show the bucket upload as successful. - If conditional headers are provided to S3 API
UploadObject
orCreateMultipartUpload
operations, and the object exists, a412 Precondition Failed
status code will be returned if these checks are not met.
- Fixed a bug when
Accept-Encoding
was being used inSignedHeaders
when sending requests to the S3 API would result in aSignatureDoesNotMatch
response.
- Fixed a bug where requests to the S3 API were not handling non-encoded parameters used for the authorization signature.
- Fixed a bug where requests to the S3 API where number-like keys were being parsed as numbers instead of strings.
- Add support for S3 virtual-hosted style paths, such as
<BUCKET>.<ACCOUNT_ID>.r2.cloudflarestorage.com
instead of path-based routing (<ACCOUNT_ID>.r2.cloudflarestorage.com/<BUCKET>
). - Implemented
GetBucketLocation
for compatibility with external tools, this will always return aLocationConstraint
ofauto
.
- S3 API
GetObject
ranges are now inclusive (bytes=0-0
will correctly return the first byte). - S3 API
GetObject
partial reads return the proper206 Partial Content
response code. - Copying from a non-existent key (or from a non-existent bucket) to another bucket now returns the proper
NoSuchKey
/NoSuchBucket
response. - The S3 API now returns the proper
Content-Type: application/xml
response header on relevant endpoints. - Multipart uploads now have a
-N
suffix on the etag representing the number of parts the file was published with. UploadPart
andUploadPartCopy
now return proper error messages, such asTooMuchConcurrency
orNoSuchUpload
, instead of 'internal error'.UploadPart
can now be sent a 0-length part.
- When using the S3 API, an empty string and
us-east-1
will now alias to theauto
region for compatibility with external tools. GetBucketEncryption
,PutBucketEncryption
andDeleteBucketEncrypotion
are now supported (the only supported value currently isAES256
).- Unsupported operations are explicitly rejected as unimplemented rather than implicitly converting them into
ListObjectsV2
/PutBucket
/DeleteBucket
respectively. - S3 API
CompleteMultipartUploads
requests are now properly escaped.
- Pagination cursors are no longer returned when the keys in a bucket is the same as the
MaxKeys
argument. - The S3 API
ListBuckets
operation now acceptscf-max-keys
,cf-start-after
andcf-continuation-token
headers behave the same as the respective URL parameters. - The S3 API
ListBuckets
andListObjects
endpoints now allowper_page
to be 0. - The S3 API
CopyObject
source parameter now requires a leading slash. - The S3 API
CopyObject
operation now returns aNoSuchBucket
error when copying to a non-existent bucket instead of an internal error. - Enforce the requirement for
auto
in SigV4 signing and theCreateBucket
LocationConstraint
parameter. - The S3 API
CreateBucket
operation now returns the properlocation
response header.
- The S3 API now supports unchunked signed payloads.
- Fixed
.put()
for the Workers R2 bindings. - Fixed a regression where key names were not properly decoded when using the S3 API.
- Fixed a bug where deleting an object and then another object which is a prefix of the first could result in errors.
- The S3 API
DeleteObjects
operation no longer returns an error even though an object has been deleted in some cases. - Fixed a bug where
startAfter
andcontinuationToken
were not working in list operations. - The S3 API
ListObjects
operation now correctly rendersPrefix
,Delimiter
,StartAfter
andMaxKeys
in the response. - The S3 API
ListObjectsV2
now correctly honors theencoding-type
parameter. - The S3 API
PutObject
operation now works withPOST
requests fors3cmd
compatibility.
- The S3 API
DeleteObjects
request now properly returns aMalformedXML
error instead ofInternalError
when provided with more than 128 keys.