Objects are the basic unit for data operations in Object Storage Service (OSS). Objects are also known as files. OSS does not use a hierarchical structure for objects, but instead uses a flat structure. All elements are stored as objects in buckets.
Objects are classified into the following types based on how they are generated:
An object consists of the following information:
Key: the name of the object. You can use the object key to query the object.
Data: the content stored in the object, which is a sequence of bytes.
Version ID: After you upload an object to a versioned bucket, OSS generates a version ID that identifies the object.
Object metadata: the metadata of the object. Object metadata is a set of key-value pairs that define the attributes of the object, such as the last modified time and the object size. You can add user metadata to the object metadata.
OSS provides the following access control methods to manage access to objects in buckets: bucket policies, access control list (ACL), Resource Access Management (RAM) policies, Security Token Service (STS)-based temporary access authorization, and hotlink protection. Bucket policies and ACLs are implemented based on resources. RAM policies are implemented based on users. Hotlink protection is implemented by configuring whitelists. For more information about access control, see Overview.
By default, the ACL of OSS resources such as buckets and objects is private. To allow unauthorized users to access these resources, you must grant permissions on these resources to the users. For example, if you store image and video objects of your websites in OSS, you can use one of the following methods to authorize third-party users to access these resources: