Upload image files to OSS - Elastic Compute Service - Alibaba Cloud Documentation Center

Before you import custom images in the Elastic Compute Service (ECS) console, you must create Object Storage Service (OSS) buckets and then upload the corresponding image files to the buckets. This topic describes the required permissions to upload image files and how to upload image files.

Prerequisites

An image file is obtained. For more information, see Obtain a Linux image file and Obtain a Windows image file.
OSS is activated by using your Alibaba Cloud account. For more information, see Activate OSS.
If you are using a Resource Access Management (RAM) user, contact the owner of the Alibaba Cloud account to which the RAM user belongs and ask the owner to grant the RAM user the operation permissions on OSS buckets. For more information, see the Grant permissions for different scenarios section of this topic.

Grant permissions for different scenarios

Use an Alibaba Cloud account to create a custom policy that contains the required permissions for a RAM user based on the actual scenario. Make sure that the policy follows the principle of least privilege. For more information, see Create a custom policy on the JSON tab.
- Scenario 1: You want to use an Alibaba Cloud account to upload image files to OSS buckets as described in this topic and use a RAM user to import the corresponding images to ECS. In this case, you must grant the RAM user read permissions on OSS buckets. For information about how to import images to ECS, see Import a custom image. Sample custom policy:
```
{
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "oss:GetObject",
                "oss:GetBucketLocation",
                "oss:GetBucketInfo"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ]
}
```
- Scenario 2: You want to use a RAM user to upload image files to OSS buckets as described in this topic and import the corresponding images to ECS. In this case, you must grant the RAM user read and write permissions on OSS buckets. For information about how to import images to ECS, see Import a custom image. Sample custom policy:
```
{
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "oss:GetObject",
                "oss:GetBucketLocation",
                "oss:GetBucketInfo"
                "oss:GetObject",
                "oss:PutObject",
                "oss:DeleteObject",
                "oss:GetBucketLocation",
                "oss:AbortMultipartUpload",
                "oss:ListMultipartUploads",
                "oss:ListParts",
                "oss:GetBucketInfo",
                "oss:GetBucketUserQos"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ]
}
```
Attach the policy to the RAM user by using the Alibaba Cloud account. For more information, see Grant permissions to a RAM user. You can also grant read and write permissions on specific OSS buckets to your RAM user. For more information, see Tutorial: Use RAM policies to control access to OSS.
Important
In the preceding steps, make sure that the scope of the permissions that are granted to the RAM user is account-wide instead of limited to a specific resource group. If the scope of the permissions is limited to a specific resource group, make sure that the images that you want to import belong to the specified resource group. For information about how to import images to ECS, see Import a custom image.

Create an OSS bucket and upload an image file

To create an OSS bucket and upload an image file to the bucket, perform the following steps. To view the video tutorial, see Import a custom image.

Note

You can also use the OSS graphical management tool ossbrowser to upload image files. For more information, see Use ossbrowser.

Log on to the OSS console.
Create a bucket in the OSS console.
For more information, see Create buckets.
Upload an image file to the bucket.
For more information, see Upload objects.
Note
- The size of the image file that you want to upload in the OSS console cannot exceed 5 GB. For information about how to upload an image file whose size is larger than 5 GB, see Multipart upload.
- The image file must be in the RAW, VHD, or QCOW2 format and must not be compressed.
Obtain the object URL of the image file.
For more information, see Use object URLs.
When you obtain the URL of an object, take note of the following items:
- You must use the same Alibaba Cloud account to obtain the URL of an image file and import the image to ECS. For information about how to import images to ECS, see Import a custom image.
- The URL of an object must be the public URL that is generated when you share the object in OSS. Internal endpoints that are provided by OSS cannot be used to import images. If you use an internal endpoint to import an image, an error occurs. For information about the internal endpoints of OSS, see Obtain the internal endpoint of OSS.

References

After you upload image files to OSS, you can import the custom images by using the ECS console or Server Migration Center (SMC). For more information, see Import a custom image.