Object Storage Service (OSS) is compatible with the Amazon Simple Storage Service (Amazon S3) API to allow you seamlessly migrate data from S3 to OSS.
You can create buckets and upload objects by using S3 SDKs because OSS is compatible with the S3 protocol. For more information about the performance metrics and limits of OSS, such as bandwidth and queries per second (QPS), see Limits.
- Configure the client
After data is migrated to OSS, you can still use S3 API operations to access OSS. You need only to configure your S3 client application by performing the following operations:
- Obtain the AccessKey ID and AccessKey secret of your Alibaba Cloud account or those of a Resource Access Management (RAM) user. Specify the AccessKey ID and AccessKey secret in your client and SDK that you use.
- Set the endpoint for the client connection to an OSS endpoint. For more information about OSS endpoints, see Regions and endpoints.
Use S3 API operations to access OSS after migration
When you use S3 API operations to access OSS after data is migrated from S3 to OSS, take note of the following items:
- Path style and virtual hosted style
Virtual hosted style supports access to OSS by adding the bucket name to the host header. For security reasons, OSS supports only virtual hosted style access. Therefore, you must configure your application client after the migration from S3 to OSS. By default, some S3 tools use path style access, which also requires proper configurations. Otherwise, OSS may report errors and prohibit access.
- Definitions of ACLs
Definitions of access control lists (ACLs) in OSS are not the same as those of S3. You can adjust the configuration of ACLs after the migration. The following table describes the differences between OSS and S3.
Level AWS S3 permission AWS S3 Alibaba Cloud OSS Bucket READ The permission to list objects in a bucket. If no object permissions are configured for an object in a bucket, only read operations can be performed on the object. WRITE The permissions to write or overwrite objects in a bucket.
- If the object you want to write does not exist in the specified bucket, the object is created in the bucket.
- If the object you want to write exists in the specified bucket and no permissions are configured for the existing object, the existing object can be overwritten.
- You can use InitiateMultipartUpload to upload objects.
READ_ACP The permission to read the ACL of a bucket. Only the bucket owner and authorized RAM users have permissions to read the ACL of a bucket. WRITE_ACP The permission to configure the ACL of a bucket. Only the bucket owner and authorized RAM users have permissions to configure the ACL of a bucket. Object READ The permission to read an object. An object can be read. WRITE N/A An object can be overwritten. READ_ACP The permission to read the ACL of an object. Only the bucket owner and authorized RAM users have permissions to read the ACL of an object. WRITE_ACP The permission to configure the ACL of an object. Only the bucket owner and authorized RAM users have permissions to configure the ACL of an object.Notice OSS supports only three ACL modes in S3: private, public read, and public read/write.
- Storage classes
OSS supports the following storage classes: Standard, Infrequent Access (IA), and Archive. Standard corresponds to STANDARD, IA corresponds to STANDARD_IA, and Archive corresponds to GLACIER in Amazon S3. You can convert the storage class of OSS objects based on your requirements.
To read an Archive object in OSS, you must use the Restore request to restore it. OSS ignores the lifetime configured for objects in the S3 API. By default, the restored state lasts for one day and can be extended up to seven days. Then, the object enters the frozen state again.
- If objects are uploaded by using the PUT method, the ETag of an OSS object and that of an Amazon S3 object differ in case sensitivity. The ETag is in uppercase for an OSS object but in lowercase for an S3 object. If your client uses ETag to validate content, configure your client to ignore the case sensitivity to avoid errors.
- If objects are uploaded by using the multipart upload method, OSS calculates ETag values in a way that is different from S3.
Compatible S3 API operations
The following API operations in S3 are compatible with OSS.