Object storage service (OSS) provides secure, cost-effective, and high-durability services for you to store large amounts of data in the Alibaba Cloud. This topic lists the common scenarios and corresponding features of OSS. You can select the best solution based on your business requirements.

Before you use OSS, we recommend that you have a good understanding of the basic terms used in OSS, including buckets, objects, regions, and endpoints. For more information, see Terms.

The following table lists the features provided by OSS.

Scenario Description Reference
Upload an object Before you upload objects to OSS, you must create a bucket in an Alibaba Cloud region to store your objects. After you create a bucket, you can upload objects to the bucket.
Search for objects OSS allows you to search for objects and directories to find the object you want to access in a bucket. Search for objects
Download objects After you upload objects to a bucket, you can download the objects to the default download path of your browser or a specified local path. Download objects
Share objects After you upload objects to a bucket, you can share the URLs of the objects with third parties for downloads or previews. Share objects
Delete objects or directories OSS allows you to delete one or more objects, folders, and parts at a time. You can delete expired objects at regular intervals to save storage space.
Automatically delete multiple objects at a specified point in time OSS supports lifecycle rules. You can configure lifecycle rules to periodically convert the storage class of cold data to Infrequent Access (IA), Archive, or Cold Archive. You can also configure lifecycle rules to delete expired data. Lifecycle rules
Accelerate the upload and download of data OSS supports the transfer acceleration feature. Transfer acceleration uses optimal route selection and protocol stack tuning to reduce timeouts in remote transmission and improve user experience. Transfer acceleration
Recover accidentally deleted data OSS supports versioning. When you enable versioning, OSS saves the overwritten and deleted objects as previous versions. Versioning allows you to recover objects in a bucket to a previous version, and prevents data loss caused by accidental deletion or overwriting of objects. Configure versioning
Zone-disaster recovery OSS uses the multi-zone mechanism to distribute user data across three zones within the same region. Even if one zone becomes unavailable, the data is still accessible. This feature can provide 99.9999999999% (twelve 9's) data durability (designed for) and 99.995% service availability. ZRS
Geo-disaster recovery OSS supports cross-region replication (CRR). You can use CRR to synchronize operations performed on data such as create, update, and delete operations from the source bucket to the destination bucket in a different region. This way, you can implement geo-disaster recovery. Cross-region replication
Data retention compliance OSS supports the Write Once Read Many (WORM) strategy that prevents an object from being deleted or overwritten for a specified period of time. Retention policy
Control access to data OSS supports flexible authorization and authentication mechanisms. You can control access to OSS resources by using the following methods:
  • ACL: You can set access control lists (ACLs) for buckets and objects, including public read/write, public read, and private.
  • Bucket policy: You can use bucket policies to authorize other users to access your OSS resources by using the console. For example, you can authorize Resource Access Management (RAM) users of other Alibaba Cloud accounts and anonymous users from specific IP addresses to access your OSS resources.
  • RAM policy: You can create RAM policies to control access to buckets and folders. OSS provides RAM Policy Editor to generate required RAM policies. For more information, see RAM Policy Editor.
  • STS temporary authorization: You can use Alibaba Cloud Security Token Service (STS) to grant a third-party application or RAM user a temporary access credential that has a custom validity period.
  • Hotlink protection: You can configure a Referer whitelist to prevent unauthorized users from accessing your OSS resources.
Encrypt data OSS supports client-side and server-side encryption. You can select an encryption method to encrypt and store your data in OSS.
Manage data by category OSS allows you to configure tagging to manage data based on the data category:
  • Configure bucket tags: You can manage data based on bucket tags. For example, you can list buckets that have specified tags and configure ACL for buckets that have specified tags.
  • Configure object tags: You can manage data based on object tags. For example, you can configure lifecycle rules for objects that have specified tags and configure ACL for objects that have specified tags.
Record the access information for OSS resources OSS supports logging. You can configure logging to audit operations, collect access statistics, track exceptions, and troubleshoot issues in OSS.
Use a custom domain name to access OSS resources OSS allows you to map custom domain names to OSS buckets and use the custom domain names to access data in the buckets. If you want to use your custom domain name to access OSS by using HTTPS, you can host your Secure Sockets Layer (SSL) certificate in OSS.
Configure static website hosting OSS supports static website hosting. You can configure static website hosting for your bucket and access static websites by using the bucket domain name. Overview
CORS OSS supports cross-origin resource sharing (CORS) in HTML5. CORS allows client web applications that are loaded in one domain name to interact with resources in another domain. Configure CORS
Obtain data from the origin OSS supports back-to-origin configurations. If your user accesses data in a bucket that has no back-to-origin rules configured and the data does not exist, 404 Not Found is returned. However, if you configure back-to-origin rules that contain the correct origin URLs for the bucket, your user can obtain the data based on the back-to-origin rules. You can configure back-to-origin rules for hot data migration and specific request redirection. Manage back-to-origin configurations
View object metadata OSS supports the inventory feature. You can configure inventories for buckets to export the metadata of specified objects, including the object sizes and encryption status. Bucket inventory
Modify HTTP headers OSS allows you to modify the HTTP headers of objects. You can configure HTTP headers to customize HTTP request policies, such as the cache policy and forced object download policy. Configure object HTTP headers
View resource usage OSS supports the monitoring feature. You can use the monitoring feature to view real-time information about OSS service usage, such as the running status and performance of the system. Overview of the monitoring service
Traffic throttling OSS supports single-connection bandwidth throttling. You can configure single-connection bandwidth throttling for upload, download, and copy operations on OSS to ensure sufficient bandwidth for other applications. Single-connection bandwidth throttling
Analyze and process data OSS supports Image Processing (IMG) and video snapshot capturing for you to analyze and process data stored in OSS:
  • IMG: You can perform operations such as format conversion, cropping, scaling, rotating, and watermarking on images stored in OSS. You can also encapsulate multiple operations into a style to batch process images stored in OSS.
  • Capture video snapshots: You can capture images from video objects in the H.264 format.
Use tools to manage OSS resources OSS provides graphical, command-line, file mounting, and FTP tools for you to manage OSS resources. OSS tools
Use SDKs to manage OSS resources OSS provides SDKs for a variety of programming languages to facilitate further development. SDK sample code