Object Storage Service (OSS) provides secure, cost-effective, and high-durability services for you to store large amounts of data in the cloud. This topic describes the common scenarios and corresponding features of OSS. You can select the best solution based on your business requirements.

Before you use OSS, we recommend that you have a good understanding of the basic terms used in OSS, including buckets, objects, regions, and endpoints. For more information, see Terms.

The following table describes the features provided by OSS.

Scenario Feature References
Upload objects Before you upload objects to OSS, you must create a bucket in an Alibaba Cloud region to store uploaded objects. After you create a bucket, you can upload objects to the bucket.
Search for objects OSS allows you to search for objects and directories to find the object that you want to access in a bucket. Search for objects
Download objects After you upload objects to a bucket, you can download the objects to the default download path of your browser or a specified local path. Download objects
Share objects After you upload an object to a bucket, you can share the object URL with third parties for downloads or previews. Share objects
Query objects OSS provides the data indexing feature to allow you to index the metadata of objects. You can specify the metadata of objects as index conditions to query objects. This way, you can efficiently manage and learn about data structures, perform queries, collect statistics, and manage objects. Data indexing
Delete objects or directories OSS allows you to delete one or more objects, directories, and parts at a time. You can delete expired objects at regular intervals to save storage space.
Automatically delete multiple objects at a specified period of time OSS supports lifecycle rules. You can configure lifecycle rules to periodically convert the storage class of non-hot data to Infrequent Access (IA), Archive, or Cold Archive. You can also configure lifecycle rules to delete expired data. Overview
Accelerate the upload and download of data OSS supports transfer acceleration. Transfer acceleration uses optimal route selection and protocol stack tuning to reduce timeouts in remote transmission and improve user experience. Transfer acceleration
Recover the data that is accidentally deleted OSS supports versioning. After you enable versioning for a bucket, OSS saves the overwritten and deleted objects as previous versions in the bucket. You can configure versioning to recover an object to a previous version when the object is accidentally overwritten or deleted. Overview
Zone-disaster recovery You can store data in and migrate the data across three zones in the same region by using zone-redundant storage (ZRS). If one zone becomes unavailable, you can continue to access the data that is stored in the other two zones. This feature is designed to provide 99.9999999999% (twelve 9's) data durability and 99.995% service availability. ZRS
Geo-disaster recovery OSS supports cross-region replication (CRR). You can use CRR to synchronize operations such as creation, update, and deletion of data from the source bucket to the destination bucket in a different region. This way, you can implement geo-disaster recovery. CRR
Retention policy OSS supports the Write Once Read Many (WORM) feature. The feature helps prevent objects from being deleted or overwritten within a specified period of time. Retention policy
Control access to data OSS supports flexible authorization and authentication mechanisms. You can control access to your OSS resources by using the following methods:
  • ACL: You can set access control lists (ACLs) for buckets and objects, including public read/write, public read, and private.
  • Bucket policy: You can configure bucket policies to authorize other users to access your OSS resources in the OSS console. For example, you can authorize RAM users of other Alibaba Cloud accounts and anonymous users from specific IP addresses to access your OSS resources.
  • RAM policy: You can create RAM policies to control access to buckets and directories. OSS provides RAM Policy Editor to generate required RAM policies. For more information, see RAM Policy Editor.
  • STS temporary authorization: You can use Alibaba Cloud Security Token Service (STS) to grant a third-party application or a RAM user temporary access credentials with a custom validity period.
  • Hotlink protection: You can configure a Referer whitelist to prevent unauthorized users from accessing your OSS resources.
Encrypt data OSS supports client-side and server-side encryption. You can select an encryption method to encrypt and store your data in OSS.
OSS DDoS protection OSS DDoS protection is a proxy-based attack mitigation service that integrates OSS with Anti-DDoS Pro and Anti-DDoS Premium. When a bucket with OSS DDoS protection enabled becomes a victim of DDoS attacks, OSS DDoS protection diverts incoming traffic to an Anti-DDoS Pro or Anti-DDoS Premium instance for scrubbing and then redirects normal traffic to the bucket. This ensures the continuity of your business in the event of DDoS attacks. OSS DDoS protection
Integrate with data lake OSS-HDFS (JindoFS service) is a cloud native data lake storage service. OSS-HDFS is built on unified metadata management capabilities and is fully compatible with Hadoop Distributed File System (HDFS) API operations. The Portable Operating System Interface (POSIX) is supported in OSS-HDFS. This helps OSS-HDFS handle data lake computing scenarios in the big data and AI fields. Overview of the OSS-HDFS service
Manage data by category OSS allows you to configure tagging to manage data based on the data category:
  • Configure bucket tags: You can manage data based on bucket tags. For example, you can list buckets that have specified tags and configure the ACLs of buckets that have specified tags.
  • Configure object tags: You can manage data based on object tags. For example, you can configure lifecycle rules and ACLs for objects that have specified tags.
Record the access information for OSS resources OSS supports logging. You can configure logging to collect access statistics, audit access to OSS, track exceptions, and troubleshoot problems.
Use custom domain names to access OSS resources OSS allows you to map custom domain names to OSS buckets and use the custom domain names to access data in the buckets. If you want to use your custom domain name to access OSS over HTTPS, you can host your Secure Sockets Layer (SSL) certificate in OSS.
Static website hosting OSS supports static website hosting. You can configure static website hosting for your bucket and access static websites by using the bucket domain name. Overview
CORS OSS supports cross-origin resource sharing (CORS) in HTML5. CORS allows web application clients that are loaded in one domain name to interact with resources in another domain. Configure CORS
Obtain data from the origin OSS supports back-to-origin configurations. If your user accesses data in a bucket that has no back-to-origin rules configured and the data does not exist, 404 Not Found is returned. However, if you configure back-to-origin rules that contain the correct origin URLs, users can obtain the data from the origin based on the back-to-origin rules. You can configure back-to-origin rules for hot data migration and specific request redirection. Overview
Query object metadata OSS supports the inventory feature. You can configure inventories for buckets to export the metadata of specified objects, including the object sizes and encryption status. Bucket inventory
Modify HTTP headers OSS allows you to modify the HTTP headers of objects. You can configure HTTP headers to specify custom HTTP request policies, such as the cache policy and forced object download policy. Configure object metadata
View the details of resource usage OSS supports the monitoring feature. You can use the monitoring feature to view real-time information about OSS service usage, such as the running status and performance of the system. Overview
Traffic throttling OSS supports single-connection bandwidth throttling. You can configure single-connection bandwidth throttling for upload, download, and copy operations on OSS objects to ensure sufficient bandwidth for your other applications. Single-connection bandwidth throttling
Analyze and process data OSS provides Image Processing (IMG) and video snapshot capturing for you to analyze and process data stored in OSS:
  • IMG: You can perform operations on images stored in OSS, such as format conversion, cropping, scaling, rotating, and watermarking. You can also encapsulate multiple operations into a style to process images stored in OSS.
  • Video snapshot capturing: You can capture images from video objects in the H.264 format.
Use tools to manage OSS resources OSS provides graphical, command-line, file mounting, and FTP tools for you to manage your OSS resources. OSS tools
Use OSS SDKs to manage OSS resources OSS provides SDKs for a variety of programming languages to facilitate custom development. Overview