Object Storage Service (OSS) allows you to classify and manage buckets by using bucket tags. You can use this feature to list buckets that have specific tags and configure access control lists (ACLs) for buckets that have specific tags.

The bucket tagging feature uses a key-value pair to identify a bucket. You can add tags to buckets that are used for different purposes and manage the buckets by tags.
  • Only the owner of a bucket or authorized RAM users can configure tags for the bucket. Otherwise, 403 Forbidden is returned with the error code AccessDenied.
  • You can configure up to 20 tags for a bucket.
  • Each tag must have a key. The key of a tag can be up to 64 bytes in length and cannot start with http://, https://, or Aliyun.
  • The value of a tag can be up to 128 bytes in length and can be empty.
  • The key and value of a tag must be UTF-8-encoded.

Implementation methods

Implementation method Description
Console A user-friendly and intuitive web application
ossutil A high-performance command-line tool
OSS SDK for Java SDK demos for various programming languages
OSS SDK for Python
OSS SDK for Go
OSS SDK for C++
OSS SDK for Node.js
OSS SDK for .NET

Usage notes

After you add tags to buckets, you can manage multiple buckets that have the same tag. For example, you can list buckets that have the same tag and authorize RAM users to manage buckets that have the same tag.
  • Lists buckets that have specific tags
    You can list buckets that have specific tags. For more information, see the following SDK demos:
  • Authorize RAM users to manage buckets that have specific tags
    When you have a large number of buckets, you can classify buckets based on tags and configure RAM policy to authorize specific users to manage buckets that have specific tags. For example, you can configure the following RAM policy to authorize User A to list buckets that have the tagging configuration of keytest=valuetest tag:
    {
        "Version": "1",
        "Statement": [
            {
                "Action": [
                    "oss:ListBuckets"
                ],
                "Resource": [
                    "acs:oss:*:193248792425xxxx:*"
                ],
                "Effect": "Allow",
                "Condition": {
                    "StringEquals": {
                        "oss:BucketTag/keytest": "valuetest"
                    }
                }
            }
        ]
    }