ALIYUN::OSS::Bucket is used to create an Object Storage Service (OSS) bucket.

Syntax

{
  "Type": "ALIYUN::OSS::Bucket",
  "Properties": {
    "AccessControl": String,
    "RefererConfiguration": Map,
    "ServerSideEncryptionConfiguration": Map,
    "CORSConfiguration": Map,
    "Tags": Map,
    "LoggingConfiguration": Map,
    "LifecycleConfiguration": Map,
    "StorageClass": String,
    "DeletionForce": Boolean,
    "WebsiteConfiguration": Map,
    "Policy": Map,
    "BucketName": String
  }
}

Properties

Property Type Required Editable Description Constraint
BucketName String Yes No The name of the bucket. The name must be 3 to 63 characters in length, and can contain lowercase letters, digits, and hyphens (-). The name must start and end with a lowercase letter or a digit.
AccessControl String No Yes The access control configuration of the bucket. Default value: private. Valid values:
  • private: The bucket is private.
  • public-read: The bucket supports public reads.
  • public-read-write: The bucket supports public reads and writes.
CORSConfiguration Map No No The configurations of cross-origin resource sharing (CORS) for objects in the bucket. For more information, see CORSConfiguration property.
LifecycleConfiguration Map No Yes The lifecycle configuration for objects in the bucket. For more information, see LifecycleConfiguration property.
LoggingConfiguration Map No No The log storage configuration. For more information, see LoggingConfiguration properties.
RefererConfiguration Map No Yes The hotlink protection configuration. For more information, see RefererConfiguration properties.
DeletionForce Boolean No Yes Specifies whether to forcefully delete objects from the OSS bucket. Default value: false. Valid values:
  • true: forcefully deletes objects from the OSS bucket.
  • false: does not forcefully delete objects from the OSS bucket.
WebsiteConfiguration Map No No The configuration of the hosted static website. For more information, see WebsiteConfiguration properties.
ServerSideEncryptionConfiguration Map No Yes The server-side encryption rules. For more information, see ServerSideEncryptionConfiguration properties.
Tags Map No Yes The tags of the bucket. Specify tags in the key-value pair format. You can specify up to 20 tags.

A tag key must be 1 to 64 bytes in length and cannot start with http://, https://, or Aliyun.

A tag value must be 0 to 128 bytes in length and must be encoded in UTF-8.

StorageClass String No No The type of the bucket. Default value: Standard. Valid values:
  • Standard: Standard
  • IA: Infrequent Access
  • Archive: Archive
Policy Map No Yes The bucket policy. None.

CORSConfiguration syntax

"CORSConfiguration": {
  "CORSRule": List
}

CORSConfiguration property

Property Type Required Editable Description Constraint
CORSRule List No No The rule that defines CORS of objects in the bucket. For more information, see CORSRule properties.

CORSRule syntax

"CORSRule": [
  {
    "MaxAgeSeconds": Number,
    "AllowedMethod": List,
    "ExposeHeader": List,
    "AllowedOrigin": List,
    "AllowedHeader": List
  }
]

CORSRule properties

Property Type Required Editable Description Constraint
AllowedHeader List No No The allowed header in a cross-domain request. Valid values:
  • *
  • Cache-Control
  • Content-Language
  • Content-Type
  • Expires
  • Last-Modified
  • Pragma
AllowedMethod List No No The allowed method for a cross-domain request. Valid values:
  • *
  • GET
  • PUT
  • POST
  • DELETE
  • HEAD
AllowedOrigin List No No The origin from which you want to allow cross-domain requests. None.
ExposeHeader List No No The response header that you can access from your application. Asterisks (*) cannot be used as wildcard characters.
MaxAgeSeconds Number No No The period of time that the browser can cache the response of a preflight (OPTIONS) request to a specific resource. None.

LifecycleConfiguration syntax

"LifecycleConfiguration": {
  "Rule": List
}

LifecycleConfiguration property

Property Type Required Editable Description Constraint
Rule List Yes No The rule that defines how the bucket manages objects during their lifecycles. For more information, see Rule properties.

Rule syntax

"Rule": [
  {
    "Status": String,
    "AbortMultipartUpload": Map,
    "Expiration": Map,
    "Prefix": String,
    "ID": String
  }
]

Rule properties

Property Type Required Editable Description Constraint
ID String No No The unique ID of the rule. The ID can be up to 255 bytes in length. If you leave this property empty, OSS generates a unique ID for the rule.
Prefix String Yes No The prefix to which the rule applies. The rule takes effect only on objects that have a matching prefix.
Status String No Yes Specifies whether to enable the rule. Valid values:
  • Enabled: enables the rule.
  • Disabled: disables the rule.
Expiration Map No No The expiration attribute of the rule for the specified object. For more information, see Expiration properties.
AbortMultipartUpload Map No No The expiration attribute of the multipart upload task that is not complete. For more information, see AbortMultipartUpload properties.

Expiration syntax

"Expiration":{
  "Days": Number,
  "CreatedBeforeDate": String,
  "Date": String
}

Expiration properties

Property Type Required Editable Description Constraint
Days Number No No The number of days from when the object was last modified to when the rule takes effect. When the number of days since the object was last modified exceeds the specified number of days, the object is deleted. If you set the Days property to 30, objects that were last modified on January 1, 2016 are deleted by the backend application on January 31, 2016.
CreatedBeforeDate String No No The date based on which the lifecycle rules are executed. OSS performs the specified operation on data that was last modified before this date. Specify the time in the ISO 8601 standard. The time must be at 00:00:00 UTC. Example: 2002-10-11T00:00:00.000Z.

AbortMultipartUpload syntax

"AbortMultipartUpload": {
  "CreatedBeforeDate": String,
  "Days": Number
}

AbortMultipartUpload properties

Property Type Required Editable Description Constraint
Days Number No No The number of days from when the object was last modified to when the rule takes effects. When the number of days since the object was last modified exceeds the specified number of days, the object is deleted. If you set the Days property to 30, objects that were last modified on January 1, 2016 are deleted by the backend application on January 31, 2016.
CreatedBeforeDate String No No The time before which the rule takes effect. Specify the time in the ISO 8601 standard. The time must be at 00:00:00 UTC. Example: 2002-10-11T00:00:00.000Z.

LoggingConfiguration syntax

"LoggingConfiguration": {
  "TargetBucket": String,
  "TargetPrefix": String
}

LoggingConfiguration properties

Property Type Required Editable Description Constraint
TargetBucket String No No The bucket that is used to store access logs. None.
TargetPrefix String No No The prefix of the names of access logs that are saved. None.

WebsiteConfiguration syntax

"WebsiteConfiguration":{
  "IndexDocument": String,
  "ErrorDocument": String
}

WebsiteConfiguration properties

Property Type Required Editable Description Constraint
IndexDocument String No No The homepage for the hosted static website. None.
ErrorDocument String No No The error page of the hosted static website. None.

RefererConfiguration syntax

"RefererConfiguration":{
  "AllowEmptyReferer": String,
  "RefererList": List
}

RefererConfiguration properties

Property Type Required Editable Description Constraint
AllowEmptyReferer Boolean No No Specifies whether to allow access requests that have an empty Referer field. Default value: true. Valid values:
  • true: allows access requests that have an empty Referer field.
  • false: does not allow access requests that have an empty Referer field.
RefererList List No No The Referer whitelist. OSS allows requests whose Referer field values are in the Referer whitelist. None.

ServerSideEncryptionConfiguration syntax

"ServerSideEncryptionConfiguration":{
  "KMSMasterKeyID": String,
  "SSEAlgorithm": String
}

ServerSideEncryptionConfiguration properties

Property Type Required Editable Description Constraint
KMSMasterKeyID String No No The ID of the customer master key. This property is required when the SSEAlgorithm property is set to KMS and a specified key is used for encryption.
SSEAlgorithm String Yes No The default server-side encryption method. Valid values:
  • KMS
  • AES256

Return values

Fn::GetAtt

  • Name: the bucket name, which must be globally unique.
  • DomainName: the public domain name of the specified bucket.
  • InternalDomainName: the internal domain name of the specified bucket.

Examples

  • YAMLformat

    ROSTemplateFormatVersion: '2015-09-01'
Description: Creates a simple oss bucket
Parameters: {}
Metadata: {}
Resources:
  MyBucket:
    Type: ALIYUN::OSS::Bucket
    Properties:
      AccessControl: private
      BucketName: simple-oss-bucket
Outputs:
  BucketDomainName:
    Value:
      Fn::GetAtt:
        - MyBucket
        - DomainName

  • JSONformat

    {
  "ROSTemplateFormatVersion": "2015-09-01",
  "Description": "Creates a simple oss bucket",
  "Parameters": {
  },
  "Metadata": {
  },
  "Resources": {
    "MyBucket": {
      "Type": "ALIYUN::OSS::Bucket",
      "Properties": {
        "AccessControl": "private",
        "BucketName": "simple-oss-bucket"
      }
    }
  },
  "Outputs": {
    "BucketDomainName": {
      "Value": {
        "Fn::GetAtt": [
          "MyBucket",
          "DomainName"
        ]
      }
    }
  }
}

For more examples, visit Bucket.json and Bucket.yml.