Alibaba Cloud Object Storage Service (OSS) is a cloud object storage service that provides 99.9999999999% (twelve 9's) data durability and 99.995% availability. Store any amount of unstructured data — images, videos, logs, backups, or datasets for AI and analytics — and access it through platform-independent RESTful API operations, OSS SDKs, or the web console from any application, anywhere.
OSS is designed for the following use cases:
AI and large-scale data analytics — access objects at up to 100 Gbit/s total download bandwidth (internal network and internet combined, per account, in specific regions) to feed distributed compute workloads.
App and website media — serve images, audio, and video stored as Standard objects for frequent access.
Backup and archive — store infrequently accessed data as Infrequent Access (IA), Archive, Cold Archive, or Deep Cold Archive objects to reduce long-term storage costs.
Big data processing — use OSS as a cloud data lake with high-bandwidth data access for Apache Hadoop and Apache Spark workloads.
Content distribution — pair OSS with Alibaba Cloud CDN to cache objects at points of presence (POPs) closer to your users.
Large-scale data migration — move petabyte-scale datasets from on-premises or other cloud providers to OSS, even under limited network conditions.
Key concepts
OSS stores data as objects within buckets. Every object is contained in a bucket and identified by an object key. A bucket belongs to a single region and is accessed through region-specific endpoints. All requests are authenticated with an AccessKey pair.
Bucket
A bucket is a container for objects. When creating a bucket, select a region, an access control list (ACL), and a storage class. Storage classes are useful when you need to store data that have different access patterns.
Object
An object is the fundamental storage unit in OSS. Unlike a traditional file system, OSS uses a flat structure — objects are not stored in a folder hierarchy. Each object consists of:
Key — the full path and filename that uniquely identifies the object within a bucket (for example,
images/products/shirt-blue.jpg)Data — the object's content
Metadata — key-value pairs describing the object, such as file type, encoding format, or custom user-defined attributes
Object key
An object key (also called a key or object name) is the full path to an object within a bucket, including any path prefixes and the file extension. For example: abc/efg/123.jpg. Specify the full object key when performing any operation on an object.
Region
A region is a physical data center location. Select a region when creating a bucket based on cost, compliance requirements, or proximity to your users. In general, access from a geographically closer location is faster. For the full list of regions and available bandwidth, see Regions, endpoints and open ports.
Endpoint
An endpoint is the domain name used to access OSS in a specific region. Each region has separate endpoints for internet access and internal network access. For example:
| Access type | China (Hangzhou) endpoint |
|---|---|
| Internet | oss-cn-hangzhou.aliyuncs.com |
| Internal network | oss-cn-hangzhou-internal.aliyuncs.com |
For the full list of regional endpoints, see Regions, endpoints and open ports.
AccessKey pair
An AccessKey pair authenticates every request to OSS. It consists of:
AccessKey ID — identifies the requester
AccessKey Secret — used to sign and verify requests; keep this confidential
Obtain AccessKey pairs through one of the following methods:
AccessKey pairs created by the bucket owner
AccessKey pairs granted by the bucket owner through Resource Access Management (RAM)
Temporary AccessKey pairs issued by Security Token Service (STS)
For details, see Obtain an AccessKey pair.
Atomicity and strong consistency
All object operations in OSS are atomic — an operation either succeeds completely or fails, with no intermediate state. After a successful upload (PUT), the object is immediately readable and all replicas are created. After a deletion, the object and all its replicas are immediately removed. There are no scenarios in which a read-after-write operation returns incomplete or corrupted data.
For more information about OSS concepts, see Terms.
Get started with OSS
Features
Storage management
Versioning — protect objects against unintended overwrites or deletions. When versioning is enabled on a bucket, each overwrite or deletion creates a new version while preserving previous versions. Recover any object to any previous version at any time. For details, see Overview.
Lifecycle rules — automatically transition objects to lower-cost storage classes or delete them based on age or access patterns. For details, see Lifecycle rules based on the last modified time.
Cross-region replication (CRR) — automatically and asynchronously replicate object creation, overwrites, and deletions from a source bucket to a destination bucket in a different region, within the same account or across accounts. CRR supports cross-region disaster recovery and compliance requirements. For details, see CRR overview.
Access management and security
Bucket policy — define fine-grained access permissions at the bucket level. Grant other Alibaba Cloud accounts or anonymous users read-only, read/write, or full permissions on all or specific resources in a bucket. For details, see Configure bucket policies to authorize other users to access OSS resources.
Server-side encryption — OSS automatically encrypts objects at upload and decrypts them at download. The
x-oss-server-side-encryptionheader in the response confirms server-side encryption. For details, see Server-side encryption.Client-side encryption — encrypt objects on the client before uploading to OSS. For details, see Client-side encryption.
Data durability
By default, OSS retains all objects indefinitely. Objects are removed only when:
Manually deleted through the OSS console, OSS SDKs, API operations, ossutil, or ossbrowser
Automatically deleted by a lifecycle rule
Overdue fees are not paid within 15 days after service suspension
For more information about OSS features, see Functions and features.
Access methods
| Method | Description |
|---|---|
| OSS console | Web-based GUI for managing OSS resources. Access the OSS console. For details, see Overview page of the OSS console. |
| API and SDKs | RESTful API operations and OSS SDKs for multiple programming languages for custom development. See List of operations by function and SDK overview. |
| OSS tools | Command-line and GUI tools including ossbrowser, ossutil, and ossftp. See OSS tools. |
| Cloud Storage Gateway (CSG) | Mount OSS buckets as local directories to manage objects like local files on disks. See CSG product page. |
Billing
OSS supports three billing methods:
Pay-as-you-go — the default method. Charges are based on actual usage and billed after consumption. Best for workloads with unpredictable usage. For details, see Pay-as-you-go.
Subscription (resource plans) — pre-purchase resource plans at discounted rates to offset fees for specific billable items. Best for workloads with predictable usage. For details, see Overview.
Storage capacity units (SCUs) — use SCUs to offset storage fees across OSS and other Alibaba Cloud storage services. For details, see SCUs.
Resource plans and SCUs are more cost-effective than pay-as-you-go for consistent usage. If usage exceeds your plan or SCU quota, the excess is billed at pay-as-you-go rates. Size your plans based on expected workloads.
Related services
| Service | How it works with OSS |
|---|---|
| Image Processing (IMG) | Convert formats, resize, crop, rotate, and add watermarks to images stored in OSS. See IMG implementation modes. |
| Elastic Compute Service (ECS) | Run compute workloads that read from and write to OSS. See the ECS product page. |
| Alibaba Cloud CDN | Cache OSS objects at CDN POPs closer to end users to accelerate downloads. See the CDN product page. |
| E-MapReduce (EMR) | Process OSS data with Apache Hadoop and Apache Spark. See the EMR product page. |
| Data Online Migration | Migrate data from third-party storage services such as AWS and Google Cloud to OSS. See the Data Online Migration documentation. |
| Data Transport | Move petabyte-scale datasets to OSS when network speed is limited or hardware expansion costs are high. See What is Data Transport?. |
Other Alibaba Cloud storage services
In addition to OSS, Alibaba Cloud provides other storage services, such as File Storage NAS (NAS) and Elastic Block Storage (EBS), that you can use to meet different business scenarios. For more information, see the storage service overview.
For more information about Alibaba Cloud storage solutions and customer success stories, visit the Alibaba Cloud storage page.
For storage solutions and customer success stories, visit the Alibaba Cloud storage page.