Not implemented headers

What is the problem you are having with rclone?

NotImplemented: Header 'x-amz-acl' with value 'public-read-write' not implemented

Run the command 'rclone version' and share the full output of the command.


I am using the latest beta version of rclone.

Which cloud storage system are you using? (eg Google Drive)

Cloudflare R2 (Amazon AWS S3 Provider)

The command you were trying to run (eg rclone copy /tmp remote:tmp)

rclone sync ./server anistick:anistick

The rclone config contents with secrets removed.

type = s3
provider = Cloudflare
access_key_id = [REDACTED]
secret_access_key = [REDACTED]
region = auto
endpoint = https://[REDACTED]
acl = public-read-write

A log from the command with the -vv flag

2022/05/12 08:44:35 DEBUG : rclone: Version "v1.59.0-beta.6124.6f91198b5" starting with parameters ["rclone" "sync" "-vv" "./server" "anistick:anistick"]
2022/05/12 08:44:35 DEBUG : Creating backend with remote "./server"
2022/05/12 08:44:35 DEBUG : Using config file from "/root/.config/rclone/rclone.conf"
2022/05/12 08:44:35 DEBUG : fs cache: renaming cache item "./server" to be canonical "/mnt/c/Users/lyly2/Desktop/GoAnimate-Wrapper/server"
2022/05/12 08:44:35 DEBUG : Creating backend with remote "anistick:anistick"
2022/05/12 08:44:45 ERROR : Failed to copy: NotImplemented: Header 'x-amz-acl' with value 'public-read-write' not implemented
        status code: 501, request id: , host id:
2022/05/12 08:44:45 ERROR : favicon.ico: Failed to copy: NotImplemented: Header 'x-amz-acl' with value 'public-read-write'

A complete trash log with the same error.

hello and welcome to the forum,

according to S3 API compatibility
cloudflare r2 api is missing a huge number of api features, including
:x: x-amz-acl

tho using --dump=headers,
when rclone sends X-Amz-Acl: private, r2 accepts that
when rclone sends X-Amz-Acl: public-read-write, r2 rejects that.

so this is confusing,
one the one hand, as i understand it, r2 does not accept x-amz-acl
on the second hand, r2 accepts x-amz-acl with private but not public-read-write

from a quick test, looks like there is not much granularity

from a forum member at cloudflare,

"X-Amz-Acl: private is ‘correct’ since the buckets are private - even if it’s a no-op in the background."

so i think that given:
--- s3 clients like rclone always sends X-Amz-Acl
--- by default R2 buckets are private
R2 just accepts X-Amz-Acl: private

update: my last thought seems to be correct.
accessing R2 over the S3 compatibility layer,
all buckets/objects are always private, no way to change that.

We can cut down the config for R2 so it only shows the private option - do you think that is worth doing @asdffdsa ?

From the blog post

For the S3-compatible API, authentication is done the same way as on S3: SigV4 against an R2 URL. SigV4 signs requests using a secret key to authenticate them to R2. This means public access to R2 over the Internet is only possible today by hosting a Worker, connecting it to R2, and routing requests through it.

So no public buckets at the moment.

I haven't figured out how to serve a domain from cloudflare yet though, but I'm thinking of moving to there, which currently is serving about 7 TB of data a month.

yes, it is worth doing

Done in the latest beta.

to be clear, the beta does not show the private option, the beta will hide the ACL section
which is fine, really no need to see it.

the good part is with advanced config, user has option to override the canned ACL

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.