OSS domain names

Format

All requests except the GetService (ListBuckets) and DescribeRegions requests to OSS include third-level domains. The third-level domains contain bucket information.

The format is BucketName.Endpoint. BucketName indicates the name of your bucket. Endpoint indicates the domain name used to access the region in which your bucket is located.

You can use internal endpoints and public endpoints without additional configurations. Before you use an accelerate endpoint, you must enable the transfer acceleration feature. For more information, see Enable transfer acceleration.

Access OSS over the public network

The public network indicates the Internet. OSS allows you to upload or write data to OSS over the Internet free of charge. You are charged when you download or read data from OSS.

You can use one of the following methods to access OSS over the Internet:

• Method 1: Use a URL to access an OSS object
  If you use a URL to access an OSS object, the access control list (ACL) that is configured for the object determines the permissions to read and write the object.

  Object ACL	Public read or public read/write	Private
  URL format	<Schema>://<Bucket>.<Public endpoint>/<Object>	<Schema>://<Bucket>.<Public endpoint>/<Object>?Signature information
  Parameter description	Schema: HTTP or HTTPS. Bucket: the name of the OSS bucket. Public endpoint: the domain name used to access the region where the bucket is located over the Internet. For more information about the endpoints used to access each region, see Regions and endpoints. Object: the path to access the OSS object.	Parameters in URLs, except for signature information, are configured in a similar manner in which public read objects and public read/write objects are configured. The signature information of a URL includes the Expires, AccessKey ID, and Signature elements. Expires specifies the expiration time of the URL. For more information about how to add signatures to an object URL, see Add signatures to a URL.
  Examples	You create a bucket named examplebucket in the China (Hangzhou) region. The bucket contains the example.txt object. The object is in the exampledir directory and allows anonymous access. In this case, the object URL is https://examplebucket.oss-cn-hangzhou.aliyuncs.com/exampledir/example.txt.	You create a bucket named examplebucket in the China (Hangzhou) region. The bucket contains the example.txt object. The object is in the exampledir directory. The ACL of the object is set to private. In this case, the object URL is https://examplebucket.oss-cn-hangzhou.aliyuncs.com/exampledir/example.txt?OSSAccessKeyId=nz2pc56s936****&Expires=1141889120&Signature=vjbyPxybdZaNmGa%2ByT272YEAiv****.

  Notice To access an object, you must include the path of an object in an OSS endpoint. If you use examplebucket.oss-cn-hangzhou.aliyuncs.com to access an object without including the path of the object in the OSS endpoint, an error is reported. To use an OSS endpoint to access an object without including the path of the object, configure static website hosting. For more information, see Overview.
• Method 2: Use an OSS SDK to configure a public endpoint

  An OSS SDK concatenates each operation to generate an endpoint. A different endpoint is generated for operations on a bucket located in a different region.

  The following code provides an example on how to use OSS SDK for Java to specify an endpoint. In this example, the endpoint is specified when OSSClient is created to manage a bucket located in the China (Hangzhou) region.

  String accessKeyId = "<yourAccessKeyId>";
    String accessKeySecret = "<yourAccessKeySecret>";
    String endpoint = "oss-cn-hangzhou.aliyuncs.com";
    OSSClient client = new OSSClient(endpoint, accessKeyId, accessKeySecret);

Access OSS over the internal network

You can use one of the following methods to access OSS over the internal network:

• Method 1: Use a URL to access an OSS object
  If you use a URL to access an OSS object, the access control list (ACL) that is configured for the object determines the permissions to read and write the object.

  Object ACL	Public read or public read/write	Private
  URL format	<Schema>://<Bucket>.<Internal endpoint>/<Object>	<Schema>://<Bucket>.<Internal endpoint>/<Object>?Signature information
  Parameter description	Schema: HTTP or HTTPS. Bucket: the name of the OSS bucket. Internal endpoint: the domain name used to access ECS instances over the internal network within the same region. For more information about the endpoint of each region, see Regions and endpoints. Object: the path to access the OSS object.	Parameters in URLs, except for signature information, are configured in a similar manner in which public read objects and public read/write objects are configured. The signature information of a URL includes the Expires, AccessKey ID, and Signature elements. Expires specifies the expiration time of the URL. For more information about how to add signatures to an object URL, see Add signatures to a URL.
  Examples	You create a bucket named examplebucket in the China (Hangzhou) region. The bucket contains the example.txt object. The object is in the exampledir directory and allows anonymous access. In this case, the URL of the object is https://examplebucket.oss-cn-hangzhou-internal.aliyuncs.com/exampledir/example.txt.	You create a bucket named examplebucket in the China (Hangzhou) region. The bucket contains the example.txt object. The object is in the exampledir directory. The ACL of the object is set to private. In this case, the URL of the object is https://examplebucket.oss-cn-hangzhou-internal.aliyuncs.com/exampledir/example.txt?OSSAccessKeyId=nz2pc56s936****&Expires=1141889120&Signature=vjbyPxybdZaNmGa%2ByT272YEAiv****.

• Method 2: Use an OSS SDK to configure an internal endpoint and access OSS from an ECS instance over the internal network
  The following code provides an example on how to use OSS SDK for Java to specify an internal endpoint. In this example, the endpoint is set to the internal endpoint of the China (Hangzhou) region when you manage a bucket located in the China (Hangzhou) region.

  String accessKeyId = "<yourAccessKeyId>";
    String accessKeySecret = "<yourAccessKeySecret>";
    String endpoint = "oss-cn-hangzhou-internal.aliyuncs.com";
    OSSClient client = new OSSClient(endpoint, accessKeyId, accessKeySecret);

  If the OSS bucket and the ECS instance are located in the same region, you can use an internal endpoint to access an OSS bucket from an ECS instance over the internal network. If OSS and the ECS instance are located in different regions, you cannot use the internal endpoint to access the OSS bucket from the ECS instance over the internal network. For example, you have two buckets in OSS and you have purchased an ECS instance located in the China (Beijing) region.

  • One bucket is named srcbucket and located in the China (Beijing) region. You can use https://srcbucket.oss-cn-beijing-internal.aliyuncs.com to access resources in srcbucket from the ECS instance located in the China (Beijing) region.
  • The other bucket is named destbucket and located in the China (Qingdao) region. You cannot use https://destbucket.oss-cn-qingdao-internal.aliyuncs.com to access resources in destbucket from the ECS instance located in the China (Beijing) region. To access resources in destbucket from the ECS instance located in the China (Beijing) region, you must use https://destbucket.oss-cn-qingdao.aliyuncs.com to access resources in destbucket over the Internet.

Use an accelerate endpoint to access OSS

OSS provides transfer acceleration to improve data upload and download speeds. This feature can improve user experiences in uploads and downloads when you transfer data across countries or continents. To use an accelerate endpoint to access a bucket in OSS, you must enable transfer acceleration for the bucket. After you enable transfer acceleration for a bucket, you can use the accelerate endpoint instead of the public endpoint to access the bucket and accelerate data transfer.

An accelerate endpoint is used in the example. A browser is used to access the myphoto.jpg object in the root directory of the examplebucket bucket. The ACL of the object is set to public read or public read/write. In this case, the URL of the object is https://examplebucket.oss-accelerate.aliyuncs.com/myphoto.jpg.

If the ACL of the myphoto.jpg object is set to private, you must add signature information to the object URL. In this case, the URL of the object is https://examplebucket.oss-accelerate.aliyuncs.com/myphoto.jpg?OSSAccessKeyId=nz2pc56s936****&Expires=1141889120&Signature=vjbyPxybdZaNmGa%2ByT272YEAiv****. For more information about how to add signatures to an object URL, see Add signatures to a URL.

For more information about transfer acceleration, see Transfer acceleration.

Use an endpoint that supports IPv6 to access OSS

Internet Protocol version 6 (IPv6) is the latest version of the Internet Protocol developed by the Internet Engineering Task Force (IETF) to replace Internet Protocol version 4 (IPv4). IPv6 can provide sufficient IP addresses to meet future requirements. You can access OSS by using dual-stack endpoints that support both IPv4 and IPv6.

You can use a dual-stack endpoint to access your bucket from your client. The DNS server resolves the endpoint to an IPv6 or an IPv4 address and returns the OSS server address based on the protocol used by the client. For example, the endpoint of the China (Hangzhou) region is cn-hangzhou.oss.aliyuncs.com. If you have a bucket named examplebucket in this region, you can use the same endpoint https://examplebucket.cn-hangzhou.oss.aliyuncs.com to access the bucket from your client by using both IPv4 and IPv6.

You can use the following endpoints to access OSS over IPv6: