ALIYUN::OSS::Bucket is used to create an Object Storage Service (OSS) bucket.
Syntax
{
"Type": "ALIYUN::OSS::Bucket",
"Properties": {
"AccessControl": String,
"RefererConfiguration": Map,
"ServerSideEncryptionConfiguration": Map,
"CORSConfiguration": Map,
"Tags": Map,
"LoggingConfiguration": Map,
"LifecycleConfiguration": Map,
"StorageClass": String,
"DeletionForce": Boolean,
"WebsiteConfiguration": Map,
"Policy": Map,
"BucketName": String
}
}
Properties
| Property |
Type |
Required |
Editable |
Description |
Constraint |
| BucketName |
String |
Yes |
No |
The name of the bucket. |
The name must be 3 to 63 characters in length and can contain lowercase letters, digits,
and hyphens (-). The name must start and end with a lowercase letter or a digit.
|
| AccessControl |
String |
No |
No |
The access control configurations of the bucket. |
Valid values:
- private (default): The bucket is private.
- public-read: The bucket supports public reads.
- public-read-write: The bucket supports public reads and writes.
|
| CORSConfiguration |
Map |
No |
No |
The configurations of cross-origin resource sharing (CORS) for objects in the bucket.
|
For more information, see CORSConfiguration properties.
|
| LifecycleConfiguration |
Map |
No |
Yes |
The lifecycle configurations for objects in the bucket. |
For more information, see LifecycleConfiguration properties.
|
| LoggingConfiguration |
Map |
No |
No |
The log storage configurations. |
For more information, see LoggingConfiguration properties.
|
| RefererConfiguration |
Map |
No |
Yes |
The hotlink protection configurations. |
For more information, see RefererConfiguration properties.
|
| DeletionForce |
Boolean |
No |
No |
Specifies whether to forcibly delete objects from the OSS bucket. |
Valid values:
- true: forcibly deletes objects from the OSS bucket.
- false (default): does not forcibly delete objects from the OSS bucket.
|
| WebsiteConfiguration |
Map |
No |
No |
The configurations of the hosted static website. |
For more information, see WebsiteConfiguration properties.
|
| ServerSideEncryptionConfiguration |
Map |
No |
Yes |
The server-side encryption rules. |
For more information, see ServerSideEncryptionConfiguration properties.
|
| Tags |
Map |
No |
Yes |
The tags of the bucket. Tags exist as key-value pairs. |
A maximum of 20 tags can be specified.
A tag key must be 1 to 64 bytes in length and cannot start with http://, https://, or Aliyun.
A tag value must be 0 to 128 bytes in length and must be encoded in UTF-8.
|
| StorageClass |
String |
No |
No |
The type of the bucket. |
Default value: Standard. Valid values:
- Standard: Standard
- IA: Infrequent Access (IA)
- Archive: Archive
|
| Policy |
Map |
No |
No |
The bucket policy configurations. |
None |
CORSConfiguration syntax
"CORSConfiguration": {
"CORSRule": List
}
CORSConfiguration properties
| Property |
Type |
Required |
Editable |
Description |
Constraint |
| CORSRule |
List |
No |
No |
The list of rules that define CORS of objects in the bucket. |
For more information, see CORSRule properties.
|
CORSRule syntax
"CORSRule": [
{
"MaxAgeSeconds": Number,
"AllowedMethod": List,
"ExposeHeader": List,
"AllowedOrigin": List,
"AllowedHeader": List
}
]
CORSRule properties
| Property |
Type |
Required |
Editable |
Description |
Constraint |
| AllowedHeader |
List |
No |
No |
The allowed headers in cross-domain requests. |
Valid values:
- *
- Cache-Control
- Content-Language
- Content-Type
- Expires
- Last-Modified
- Pragma
|
| AllowedMethod |
List |
No |
No |
The allowed methods for cross-domain requests. |
Valid values:
- *
- GET
- PUT
- POST
- DELETE
- HEAD
|
| AllowedOrigin |
List |
No |
No |
The origins from which you want to allow cross-domain requests. |
None |
| ExposeHeader |
List |
No |
No |
The response headers that you can access from your applications. |
Asterisks (*) cannot be used as wildcard characters. |
| MaxAgeSeconds |
Number |
No |
No |
The period of time that the browser can cache the response of a preflight (OPTIONS)
request to a specific resource.
|
None |
LifecycleConfiguration syntax
"LifecycleConfiguration": {
"Rule": List
}
LifecycleConfiguration properties
| Property |
Type |
Required |
Editable |
Description |
Constraint |
| Rule |
List |
Yes |
No |
The list of rules that define how the bucket manages objects during their lifecycles.
|
For more information, see Rule properties.
|
Rule syntax
"Rule": [
{
"Status": String,
"AbortMultipartUpload": Map,
"Expiration": Map,
"Prefix": String,
"ID": String
}
]
Rule properties
| Property |
Type |
Required |
Editable |
Description |
Constraint |
| ID |
String |
No |
No |
The unique ID of the rule. |
The ID can be up to 255 bytes in length. When this parameter is empty or not specified,
OSS generates a unique ID for the rule.
|
| Prefix |
String |
Yes |
No |
The prefix to which the rule applies. |
The rule takes effect only on objects that have a matching prefix. |
| Status |
String |
No |
Yes |
Specifies whether to enable the rule. |
Valid values:
- Enabled: enables the rule.
- Disabled: disables the rule.
|
| Expiration |
Map |
No |
No |
The expiration attributes of the rule for the specified object. |
For more information, see Expiration properties.
|
| AbortMultipartUpload |
Map |
No |
No |
The expiration attributes of the multipart upload tasks that are not complete. |
For more information, see AbortMultipartUpload properties.
|
Expiration syntax
"Expiration":{
"Days": Number,
"CreatedBeforeDate": String,
"Date": String
}
Expiration properties
| Property |
Type |
Required |
Editable |
Description |
Constraint |
| Days |
Number |
No |
No |
The number of days from when the object was last modified to when the rule takes effect.
|
When the number of days since the object was last modified exceeds the specified number
of days, the object is deleted. If you set the Days parameter to 30, objects that
were last modified on January 1, 2016 are deleted by the backend application on January
31, 2016.
|
| CreatedBeforeDate |
String |
No |
No |
The date based on which the lifecycle rules are implemented. OSS performs the specified
operation on data that was last modified before this date.
|
Specify the time in the ISO 8601 standard. The time must be at 00:00:00 UTC. Example:
2002-10-11T00:00:00.000Z.
|
AbortMultipartUpload syntax
"AbortMultipartUpload": {
"CreatedBeforeDate": String,
"Days": Number
}
AbortMultipartUpload properties
| Property |
Type |
Required |
Editable |
Description |
Constraint |
| Days |
Number |
No |
No |
The number of days from when the object was last modified to when the rule takes effect.
|
When the number of days since the object was last modified exceeds the specified number
of days, the object is deleted. If you set the Days parameter to 30, objects that
were last modified on January 1, 2016 are deleted by the backend application on January
31, 2016.
|
| CreatedBeforeDate |
String |
No |
No |
The time before which the rule takes effect. |
Specify the time in the ISO 8601 standard. The time must be at 00:00:00 UTC. Example:
2002-10-11T00:00:00.000Z.
|
LoggingConfiguration syntax
"LoggingConfiguration": {
"TargetBucket": String,
"TargetPrefix": String
}
LoggingConfiguration properties
| Property |
Type |
Required |
Editable |
Description |
Constraint |
| TargetBucket |
String |
No |
No |
The bucket that is used to store access logs. |
None |
| TargetPrefix |
String |
No |
No |
The prefix of the names of access logs that are saved. |
None |
WebsiteConfiguration syntax
"WebsiteConfiguration":{
"IndexDocument": String,
"ErrorDocument": String
}
WebsiteConfiguration properties
| Property |
Type |
Required |
Editable |
Description |
Constraint |
| IndexDocument |
String |
No |
No |
The homepage for the hosted static website. |
None |
| ErrorDocument |
String |
No |
No |
The error page of the hosted static website. |
None |
RefererConfiguration syntax
"RefererConfiguration":{
"AllowEmptyReferer": String,
"RefererList": List
}
RefererConfiguration properties
| Property |
Type |
Required |
Editable |
Description |
Constraint |
| AllowEmptyReferer |
Boolean |
No |
No |
Specifies whether to allow access requests that have an empty Referer field. |
Valid values:
- true (default): allows requests that have an empty Referer field.
- false: denies requests that have an empty Referer field.
|
| RefererList |
List |
No |
No |
The Referer whitelist. OSS allows requests whose Referer field values are in the Referer
whitelist.
|
None |
ServerSideEncryptionConfiguration syntax
"ServerSideEncryptionConfiguration":{
"KMSMasterKeyID": String,
"SSEAlgorithm": String
}
ServerSideEncryptionConfiguration properties
| Property |
Type |
Required |
Editable |
Description |
Constraint |
| KMSMasterKeyID |
String |
No |
No |
The ID of the customer master key. |
The key ID is required only when the SSEAlgorithm parameter is set to KMS and a specified
key is used for encryption.
|
| SSEAlgorithm |
String |
Yes |
No |
The default server-side encryption method. |
Valid values:
|
Response parameters
Fn::GetAtt
- Name: the bucket name, which is globally unique.
- DomainName: the public domain name of the specified bucket.
- InternalDomainName: the internal domain name of the specified bucket.
Examples
JSON format
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"Policy": {
"Type": "Json",
"Description": "Bucket policy"
},
"CORSConfiguration": {
"Type": "Json",
"Description": "Rules that define cross-origin resource sharing of objects in this bucket."
},
"DeletionForce": {
"Type": "Boolean",
"Description": "Whether force delete the relative objects in the bucket. Default value is false.",
"AllowedValues": [
"true",
"false"
],
"Default": false
},
"BucketName": {
"Type": "String",
"Description": "bucket name."
},
"StorageClass": {
"Type": "String",
"Description": "Specifies the storage class of the bucket. Default is \"Standard\".",
"AllowedValues": [
"Standard",
"IA",
"Archive"
]
},
"LoggingConfiguration": {
"Type": "Json",
"Description": "Settings that defines where logs are stored."
},
"WebsiteConfiguration": {
"Type": "Json",
"Description": "The properties of website config."
},
"RefererConfiguration": {
"Type": "Json"
},
"LifecycleConfiguration": {
"Type": "Json",
"Description": "Rules that define how oss bucket manages objects during their lifetime."
},
"ServerSideEncryptionConfiguration": {
"Type": "Json",
"Description": "Specifies the bucket used to store the server-side encryption rule."
},
"AccessControl": {
"Type": "String",
"Description": "The access control list.",
"AllowedValues": [
"private",
"public-read",
"public-read-write"
],
"Default": "private"
},
"Tags": {
"Type": "Json",
"Description": "Bucket tags in k-v pairs format."
}
},
"Resources": {
"Bucket": {
"Type": "ALIYUN::OSS::Bucket",
"Properties": {
"Policy": {
"Ref": "Policy"
},
"CORSConfiguration": {
"Ref": "CORSConfiguration"
},
"DeletionForce": {
"Ref": "DeletionForce"
},
"BucketName": {
"Ref": "BucketName"
},
"StorageClass": {
"Ref": "StorageClass"
},
"LoggingConfiguration": {
"Ref": "LoggingConfiguration"
},
"WebsiteConfiguration": {
"Ref": "WebsiteConfiguration"
},
"RefererConfiguration": {
"Ref": "RefererConfiguration"
},
"LifecycleConfiguration": {
"Ref": "LifecycleConfiguration"
},
"ServerSideEncryptionConfiguration": {
"Ref": "ServerSideEncryptionConfiguration"
},
"AccessControl": {
"Ref": "AccessControl"
},
"Tags": {
"Ref": "Tags"
}
}
}
},
"Outputs": {
"DomainName": {
"Description": "The public DNS name of the specified bucket.",
"Value": {
"Fn::GetAtt": [
"Bucket",
"DomainName"
]
}
},
"InternalDomainName": {
"Description": "The internal DNS name of the specified bucket.",
"Value": {
"Fn::GetAtt": [
"Bucket",
"InternalDomainName"
]
}
},
"Name": {
"Description": "The name of Bucket",
"Value": {
"Fn::GetAtt": [
"Bucket",
"Name"
]
}
}
}
}
YAML format
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
Policy:
Type: Json
Description: Bucket policy
CORSConfiguration:
Type: Json
Description: Rules that define cross-origin resource sharing of objects in this bucket.
DeletionForce:
Type: Boolean
Description: >-
Whether force delete the relative objects in the bucket. Default value is
false.
AllowedValues:
- 'true'
- 'false'
Default: false
BucketName:
Type: String
Description: bucket name.
StorageClass:
Type: String
Description: Specifies the storage class of the bucket. Default is "Standard".
AllowedValues:
- Standard
- IA
- Archive
LoggingConfiguration:
Type: Json
Description: Settings that defines where logs are stored.
WebsiteConfiguration:
Type: Json
Description: The properties of website config.
RefererConfiguration:
Type: Json
LifecycleConfiguration:
Type: Json
Description: Rules that define how oss bucket manages objects during their lifetime.
ServerSideEncryptionConfiguration:
Type: Json
Description: Specifies the bucket used to store the server-side encryption rule.
AccessControl:
Type: String
Description: The access control list.
AllowedValues:
- private
- public-read
- public-read-write
Default: private
Tags:
Type: Json
Description: Bucket tags in k-v pairs format.
Resources:
Bucket:
Type: 'ALIYUN::OSS::Bucket'
Properties:
Policy:
Ref: Policy
CORSConfiguration:
Ref: CORSConfiguration
DeletionForce:
Ref: DeletionForce
BucketName:
Ref: BucketName
StorageClass:
Ref: StorageClass
LoggingConfiguration:
Ref: LoggingConfiguration
WebsiteConfiguration:
Ref: WebsiteConfiguration
RefererConfiguration:
Ref: RefererConfiguration
LifecycleConfiguration:
Ref: LifecycleConfiguration
ServerSideEncryptionConfiguration:
Ref: ServerSideEncryptionConfiguration
AccessControl:
Ref: AccessControl
Tags:
Ref: Tags
Outputs:
DomainName:
Description: The public DNS name of the specified bucket.
Value:
'Fn::GetAtt':
- Bucket
- DomainName
InternalDomainName:
Description: The internal DNS name of the specified bucket.
Value:
'Fn::GetAtt':
- Bucket
- InternalDomainName
Name:
Description: The name of Bucket
Value:
'Fn::GetAtt':
- Bucket
- Name
To view more examples, visit Bucket.json and Bucket.yml.