When pay-by-requester is enabled for a bucket in Alibaba Cloud OSS, the requester instead of the bucket owner pays the cost of the access to the data in buckets. The bucket owner pays the cost only for storing data. You can enable this feature to share data without having to pay for additional fees on your own.
|Console||A user-friendly and intuitive web application|
|ossutil||A high-performance command-line tool|
|Java SDK||SDK demos for various programming languages|
- Share large datasets such as postal code directories, reference data, geospatial information,
or web crawling data. For example, a research institute provides a public dataset
to share data with their customers. Requesters are expected to pay the request and
traffic costs. Configuration procedure:
- Enable pay-by-requester for the bucket. For more information, see Configure the pay-by-requester mode.
- Configure a bucket policy to authorize the RAM users of your customers' Alibaba Cloud accounts to access your bucket. For more information, see Use bucket policies to authorize other users to access OSS resources.
- Deliver data to your customers or partners. For example, a company must deliver production
data to its partners and expects the partners to pay for requests and traffic generated
by data download.
Notice You must authorize the RAM users of your customers' or partners' Alibaba Cloud accounts to access your bucket. However, you must ensure that you do not provide the RAM users with the AccessKey pair of your RAM user's credentials. If your customers or partners use your RAM user to access your bucket, you are charged for requests and traffic because you are the requester.
- Enable pay-by-requester for the bucket.
- Set the bucket ACL to Private.
- Configure a bucket policy to authorize the RAM users of your partners' Alibaba Cloud accounts to access your bucket. For more information, see Tutorial: Authorize a RAM user under another Alibaba Cloud account by adding a bucket policy.
- Access from anonymous users is rejected
If you enable pay-by-requester for a bucket, anonymous users are not allowed to access the bucket. Requesters must provide authentication information to OSS so that requesters can be identified and charged for requests and traffic.
If requesters assume the RAM role of an Alibaba Cloud account to request data, OSS charges this Alibaba Cloud account for such requests and traffic.
- Requesters must include the x-oss-request-payer header in the request
If you enable pay-by-requester for a bucket, requesters must include the x-oss-request-payer:requester header in the POST, GET, or HEAD requests. This field indicates that requesters understand that they are charged for requests and data download. Otherwise, requesters cannot be authenticated.
Bucket owners do not need to include the x-oss-request-payer request header when bucket owners access their own buckets. The bucket owner is charged for their own requests and traffic.
When pay-by-requester is enabled, requesters are charged for one or more of the following billing items based on the request content: outbound traffic over the Internet, CDN back-to-origin traffic, and traffic generated when requesters make API operation calls, perform Image Processing (IMG), take video snapshots, and retrieve IA objects or Archive objects. The bucket owner pays other fees such as storage, object tagging, and transfer acceleration fees. However, requests fail, HTTP status code 403 is returned, and the bucket owner is charged in the following cases:
- The requester does not include the x-oss-request-payer request header in the POST, GET, or HEAD requests, or does not use this field as a parameter for a request by using the RESTful operation.
- The requester fails authentication.
- The requester is anonymous.