A bucket is a container for storing objects in Object Storage Service (OSS). All objects are stored in buckets.
Starting from 10:00 (UTC+8) on October 13, 2025, OSS enables Block public access by default for new buckets created via the API, OSS SDKs, or ossutil. The rollout is phased across regions — see [Official Announcement] Adjustment to Public Access Blocking Configurations for Newly Created Buckets for the schedule. When Block public access is enabled, public ACLs (public-read, public-read-write) and bucket policies that allow public access cannot be configured. Disable this feature after bucket creation if your use case requires public access.
Prerequisites
Before you begin, make sure you have:
An Alibaba Cloud account (which has full permissions by default). RAM users and RAM roles have no permissions by default — grant access via RAM Policy or bucket policies
An initialized OSSClient instance. The examples use the public endpoint for the China (Hangzhou) region. To create an OSSClient instance using a custom domain name or Security Token Service (STS), see Create an OSSClient instance. To access OSS from other Alibaba Cloud services in the same region, use an internal endpoint instead. For a full list of regions and endpoints, see Regions and endpoints
Permissions
| API | Action | Description |
|---|---|---|
| PutBucket | oss:PutBucket | Creates a bucket. |
oss:PutBucketAcl | Modifies the bucket ACL after the bucket is created. |
Create a bucket
Example
The following example creates a bucket named examplebucket with the Infrequent Access (IA) storage class and the public-read ACL. The default storage class is Standard and the default ACL is private.
<?php
if (is_file(__DIR__ . '/../autoload.php')) {
require_once __DIR__ . '/../autoload.php';
}
if (is_file(__DIR__ . '/../vendor/autoload.php')) {
require_once __DIR__ . '/../vendor/autoload.php';
}
use OSS\Credentials\EnvironmentVariableCredentialsProvider;
use OSS\OssClient;
use OSS\CoreOssException;
// Load AccessKey credentials from environment variables.
// Set OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET before running this code.
$provider = new EnvironmentVariableCredentialsProvider();
// Replace with your actual endpoint.
// Full list of endpoints: https://www.alibabacloud.com/help/en/oss/user-guide/regions-and-endpoints
$endpoint = "http://oss-cn-hangzhou.aliyuncs.com";
// Replace with your bucket name.
$bucket = "examplebucket";
try {
$config = array(
"provider" => $provider,
"endpoint" => $endpoint,
"signatureVersion" => OssClient::OSS_SIGNATURE_VERSION_V4,
"region" => "cn-hangzhou"
);
$ossClient = new OssClient($config);
// Set the storage class to Infrequent Access (IA). Default: Standard.
$options = array(
OssClient::OSS_STORAGE => OssClient::OSS_STORAGE_IA
);
// Set the ACL to public-read. Default: private.
$ossClient->createBucket($bucket, OssClient::OSS_ACL_TYPE_PUBLIC_READ, $options);
print(__FUNCTION__ . ": OK" . "\n");
} catch (OssException $e) {
printf(__FUNCTION__ . ": FAILED\n");
printf($e->getMessage() . "\n");
}What's next
For the complete sample code, see the GitHub example.
For the underlying API operation, see PutBucket.