Object upload

To perform a single-request upload with the XML API, you make a PUT request that is scoped with a bucket name and the object's name, and you put the object data into the request body. The uploaded object replaces any existing object with the same name. For tips on uploading to Cloud Storage, see Best Practices. For a quick guide to simple uploads using tools such as the XML API, see Uploading Objects.

The PUT Object request uses several standard HTTP headers. Content-Length specifies the object's size in bytes and is required unless you are using chunked transfer encoding. Optional headers include Content-Type, Content-MD5, and those listed below. Cloud Storage stores these headers as part of the object's metadata, except for Content-MD5, which Cloud Storage uses to check for data integrity. See Editing object metadata for information on changing metadata values for objects.

You also use a PUT Object request when you want to change the storage class of an existing object, because you must rewrite the existing object to do so. The request should contain the x-goog-storage-class request header, as well as the object in the request body.

Query string parameters

This request does not typically include query string parameters.

See signed URL query string parameters for information on the parameters you include when creating and using signed URLs.

Request headers

In addition to common request headers, the following can be used.

Header Description Required
Cache-Control The conditions under which a publicly accessible object should be cached. Cache-Control is also used to determine whether an object can be transformed. No
Content-Disposition A header that specifies presentational information about how the object data is to be transmitted. No
Content-Encoding The compression algorithm that was used to compress the object you are uploading. No
Content-Language The language code of the content. No
x-goog-acl The predefined ACL that you want to apply to the object. No
x-goog-custom-time A user-specified date and time. No
x-goog-encryption-kms-key-name The customer-managed encryption key to use to encrypt the object. No
x-goog-meta- An extension header that can be used to store custom metadata. No

Mode of the object's retention configuration. GOVERNANCE corresponds to unlocked mode, and COMPLIANCE corresponds to locked mode.

If this header is specified, x-goog-object-lock-retain-until-date must also be specified.


A date and time represented in RFC 3339 UTC format that determines the time until which the object is retained as immutable.

If this header is specified, x-goog-object-lock-mode must also be specified.

x-goog-storage-class A valid storage class. No

To provide a customer-supplied encryption key along with the object upload, use the headers listed on the Customer-Supplied Encryption Key page in your request.

Request body elements

The request body contains the data.

Request syntax

The following syntax applies to PUT Object requests that don't use any query string parameters and excludes the x-goog-copy-source request header.

Host: BUCKET_NAME.storage.googleapis.com
Date: DATE
Content-Type: MIME_TYPE
Content-MD5: MD5_DIGEST
x-goog-storage-class: STORAGE_CLASS

Response headers

The request can return a variety of response headers depending on the request headers you use.

Response body elements

The response does not include an XML document in the response body.


The following sample uploads an object named paris.jpg to a bucket named travel-maps.


PUT /paris.jpg HTTP/1.1
Host: travel-maps.storage.googleapis.com
Date: Sat, 20 Feb 2010 16:31:08 GMT
Content-Type: image/jpg
Content-MD5: iB94gawbwUSiZy5FuruIOQ==
Content-Length: 554
Authorization: Bearer ya29.AHES6ZRVmB7fkLtd1XTmq6mo0S1wqZZi3-Lh_s-6Uw7p8vtgSwg


HTTP/1.1 200 OK
ETag: "881f7881ac1bc144a2672e45babb8839"
Date: Sat, 20 Feb 2010 16:31:09 GMT
Content-Length: 0
Content-Type: text/html

Common error codes

If you try to upload an object into a bucket that does not exist, you get a 404 Not Found status code and the body of the error response has NoSuchBucket in the Code element.

If the supplied MD5 digest is malformed, you get a 400 Bad Request status code and the body of the error response has InvalidDigest in the Code element.

If the digest does not match the digest we compute from the body, you get a 400 Bad Request status code and the body of the error response has BadDigest in the Code element.