Object Storage Service (OSS) assigns domain names to each bucket. This topic describes the composition of OSS domain names and how to use the domain names.
Format
All requests to OSS, except the GetService (ListBuckets)and DescribeRegions requests, include third-level domain names. The third-level domain names contain bucket information.
The domain name used to access a bucket is in the BucketName.Endpoint format. BucketName indicates the name of your bucket. Endpoint indicates the domain
name used to access the region in which your bucket is located.
- Public endpoint: oss-cn-hangzhou.aliyuncs.com
- Internal endpoint: oss-cn-hangzhou-internal.aliyuncs.com
- Global acceleration endpoint: oss-accelerate.aliyuncs.com
- Acceleration endpoint of regions outside the Chinese mainland: oss-accelerate-overseas.aliyuncs.com
You can use internal endpoints and public endpoints without additional configurations. Before you use an acceleration endpoint, you must enable the transfer acceleration feature. For more information, see Enable transfer acceleration.
- If you want to access OSS resources in different regions, you must use different endpoints.
- For more information about regions and endpoints, see Regions and endpoints.
- You can also replace a public endpoint with a custom domain name to access OSS resources. For more information, see Map custom domain names or Bind accelerate endpoints.
Access OSS over the public network
The public network indicates the Internet. OSS allows you to upload or write data to OSS over the Internet free of charge. You are charged when you download or read data from OSS.
You can use one of the following methods to access OSS over the Internet:
- Method 1: Use a URL to access an OSS object
If you use a URL to access an OSS object, the access control list (ACL) that is configured for the object determines the permissions to read and write the object.
Object ACL Public read or public read/write Private URL format <Schema>://<Bucket>.<Public endpoint>/<Object><Schema>://<Bucket>.<Public endpoint>/<Object>?Signature informationParameter description - Schema: HTTP or HTTPS.
- Bucket: the name of the OSS bucket.
- Public endpoint: the domain name used to access the region where the bucket is located over the Internet. For more information about the endpoints used to access each region, see Regions and endpoints.
- Object: the path to access the OSS object.
Parameters in URLs, except for signature information, are configured in a similar manner in which public read objects and public read/write objects are configured. The signature information of a URL includes the Expires, AccessKey ID, and Signature elements. Expires specifies the expiration time of the URL. For more information about how to add signatures to an object URL, see Add signatures to URLs.
Examples You create a bucket named examplebucket in the China (Hangzhou) region. The bucket contains the example.txt object. The object is in the exampledir directory and allows anonymous access. In this case, the object URL is https://examplebucket.oss-cn-hangzhou.aliyuncs.com/exampledir/example.txt.You create a bucket named examplebucket in the China (Hangzhou) region. The bucket contains the example.txt object. The object is in the exampledir directory. The ACL of the object is set to private. In this case, the object URL is https://examplebucket.oss-cn-hangzhou.aliyuncs.com/exampledir/example.txt?OSSAccessKeyId=nz2pc56s936****&Expires=1141889120&Signature=vjbyPxybdZaNmGa%2ByT272YEAiv****.Important To access an object, you must include the path of an object in an OSS endpoint. If you use examplebucket.oss-cn-hangzhou.aliyuncs.com to access an object without including the path of the object in the OSS endpoint, an error is reported. To use an OSS endpoint to access an object without including the path of the object, configure static website hosting. For more information, see Overview. - Method 2: Use an OSS SDK to configure a public endpoint
An OSS SDK concatenates each operation to generate an endpoint. A different endpoint is generated for operations on a bucket located in a different region.
The following code provides an example on how to use OSS SDK for Java to specify an endpoint. In this example, the endpoint is specified when OSSClient is created to manage a bucket located in the China (Hangzhou) region.
String accessKeyId = "<yourAccessKeyId>"; String accessKeySecret = "<yourAccessKeySecret>"; String endpoint = "oss-cn-hangzhou.aliyuncs.com"; OSSClient client = new OSSClient(endpoint, accessKeyId, accessKeySecret);
Access OSS over the internal network
You can use one of the following methods to access OSS over the internal network:
- Method 1: Use a URL to access an OSS object
If you use a URL to access an OSS object, the access control list (ACL) that is configured for the object determines the permissions to read and write the object.
Object ACL Public read or public read/write Private URL format <Schema>://<Bucket>.<Internal endpoint>/<Object><Schema>://<Bucket>.<Internal endpoint>/<Object>?Signature informationParameter description - Schema: HTTP or HTTPS.
- Bucket: the name of the OSS bucket.
- Internal endpoint: the domain name used to access ECS instances over the internal network within the same region. For more information about the endpoint of each region, see Regions and endpoints.
- Object: the path to access the OSS object.
Parameters in URLs, except for signature information, are configured in a similar manner in which public read objects and public read/write objects are configured. The signature information of a URL includes the Expires, AccessKey ID, and Signature elements. Expires specifies the expiration time of the URL. For more information about how to add signatures to an object URL, see Add signatures to URLs.
Examples You create a bucket named examplebucket in the China (Hangzhou) region. The bucket contains the example.txt object. The object is in the exampledir directory and allows anonymous access. In this case, the URL of the object is https://examplebucket.oss-cn-hangzhou-internal.aliyuncs.com/exampledir/example.txt.You create a bucket named examplebucket in the China (Hangzhou) region. The bucket contains the example.txt object. The object is in the exampledir directory. The ACL of the object is set to private. In this case, the URL of the object is https://examplebucket.oss-cn-hangzhou-internal.aliyuncs.com/exampledir/example.txt?OSSAccessKeyId=nz2pc56s936****&Expires=1141889120&Signature=vjbyPxybdZaNmGa%2ByT272YEAiv****. - Method 2: Use an OSS SDK to configure an internal endpoint and access OSS from an
ECS instance over the internal network
The following code provides an example on how to use OSS SDK for Java to specify an internal endpoint. In this example, the endpoint is set to the internal endpoint of the China (Hangzhou) region when you manage a bucket located in the China (Hangzhou) region.
String accessKeyId = "<yourAccessKeyId>"; String accessKeySecret = "<yourAccessKeySecret>"; String endpoint = "oss-cn-hangzhou-internal.aliyuncs.com"; OSSClient client = new OSSClient(endpoint, accessKeyId, accessKeySecret);If the OSS bucket and the ECS instance are located in the same region, you can use an internal endpoint to access an OSS bucket from an ECS instance over the internal network. If OSS and the ECS instance are located in different regions, you cannot use the internal endpoint to access the OSS bucket from the ECS instance over the internal network. For example, you have two buckets in OSS and you have purchased an ECS instance located in the China (Beijing) region.- One bucket is named srcbucket and located in the China (Beijing) region. You can use
https://srcbucket.oss-cn-beijing-internal.aliyuncs.comto access resources in srcbucket from the ECS instance located in the China (Beijing) region. - The other bucket is named destbucket and located in the China (Qingdao) region. You
cannot use
https://destbucket.oss-cn-qingdao-internal.aliyuncs.comto access resources in destbucket from the ECS instance located in the China (Beijing) region. To access resources in destbucket from the ECS instance located in the China (Beijing) region, you must usehttps://destbucket.oss-cn-qingdao.aliyuncs.comto access resources in destbucket over the Internet.
- One bucket is named srcbucket and located in the China (Beijing) region. You can use
Use an accelerate endpoint to access OSS
OSS provides transfer acceleration to improve data upload and download speeds. This feature can improve user experiences in uploads and downloads when you transfer data across countries or continents. To use an accelerate endpoint to access a bucket in OSS, you must enable transfer acceleration for the bucket. After you enable transfer acceleration for a bucket, you can use the accelerate endpoint instead of the public endpoint to access the bucket and accelerate data transfer.
An accelerate endpoint is used in the example. A browser is used to access the myphoto.jpg object in the root directory of the examplebucket bucket. The ACL of the object is
set to public read or public read/write. In this case, the URL of the object is https://examplebucket.oss-accelerate.aliyuncs.com/myphoto.jpg.
If the ACL of the myphoto.jpg object is set to private, you must add signature information to the object URL. In
this case, the URL of the object is https://examplebucket.oss-accelerate.aliyuncs.com/myphoto.jpg?OSSAccessKeyId=nz2pc56s936****&Expires=1141889120&Signature=vjbyPxybdZaNmGa%2ByT272YEAiv****. For more information about how to add signatures to an object URL, see Add signatures to URLs.
For more information about transfer acceleration, see Enable transfer acceleration.
Use an endpoint that supports IPv6 to access OSS
Internet Protocol version 6 (IPv6) is the latest version of Internet Protocol developed by the Internet Engineering Task Force (IETF) to replace Internet Protocol version 4 (IPv4). IPv6 can provide sufficient IP addresses to meet fluctuating user requirements. You can access OSS by using dual-stack endpoints that support both IPv4 and IPv6.
You can use a dual-stack endpoint to access your bucket from your client. The DNS
server resolves the endpoint to an IPv6 or an IPv4 address and returns the OSS server
address based on the protocol used by the client. For example, the endpoint of the
China (Hangzhou) region is cn-hangzhou.oss.aliyuncs.com. If you have a bucket named examplebucket in this region, you can use the same endpoint
https://examplebucket.cn-hangzhou.oss.aliyuncs.com to access the bucket from your client by using IPv4 and IPv6.
You can use the following endpoints to access OSS over IPv6:
| Region | Endpoint |
|---|---|
| China (Hangzhou) | cn-hangzhou.oss.aliyuncs.com |
| China (Shanghai) | cn-shanghai.oss.aliyuncs.com |
| China (Qingdao) | cn-qingdao.oss.aliyuncs.com |
| China (Beijing) | cn-beijing.oss.aliyuncs.com |
| China (Zhangjiakou) | cn-zhangjiakou.oss.aliyuncs.com |
| China (Hohhot) | cn-huhehaote.oss.aliyuncs.com |
| China (Ulanqab) | cn-wulanchabu.oss.aliyuncs.com |
| China (Shenzhen) | cn-shenzhen.oss.aliyuncs.com |
| China (Heyuan) | cn-heyuan.oss.aliyuncs.com |
| China (Guangzhou) | cn-guangzhou.oss.aliyuncs.com |
| China (Chengdu) | cn-chengdu.oss.aliyuncs.com |
| China (Hong Kong) | cn-hongkong.oss.aliyuncs.com |
| China East 1 Finance | cn-hangzhou-finance.oss.aliyuncs.com |
| China East 2 Finance | cn-shanghai-finance.oss.aliyuncs.com |
| China South 1 Finance | cn-shenzhen-finance.oss.aliyuncs.com |