# oss-storage-guide Part of **OSS** # Object Storage Service Storage Console Guide ## Operations Overview | Operation | Console Navigation Path | Prerequisites | Description | |------|-----------|---------|------| | Batch Operations | Console > OSS > Bucket Management > Batch Operations | A valid OSS bucket created; appropriate permissions (e.g., oss:ListObjects, oss:DeleteObject) | Perform bulk actions like delete, copy, or set ACL on multiple objects | | Block Public Access | Console > OSS > Buckets > Bucket Settings > Block Public Access | An existing OSS bucket; RAM user with sufficient permissions | Prevent unauthorized public access to buckets and objects | | Manage Lifecycle | Console > OSS > Buckets > Lifecycle Management | A bucket already created; permissions to manage bucket lifecycle rules | Configure rules for automatic object transition or deletion | | Configure Pay-by-Requester | Console > OSS > Buckets > Select Bucket > Permissions > Pay-by-Requester | A bucket already created; user has permissions to modify bucket ACLs | Enable requester-pays billing mode for data access | | Enable Real-time Archive Access | Console > OSS > Buckets > Select Bucket > Object Management > Archive Objects > Enable Real-time Access | Bucket in supported region; archive objects exist; permissions to modify bucket properties | Allow immediate retrieval of archive objects without restoration delay | | Convert Storage Redundancy | Console > OSS > Buckets > Select Bucket > Redundancy Type Conversion | Bucket must be empty or meet conversion prerequisites; permissions to modify bucket properties | Change the data redundancy type (e.g., Standard to ZRS) | | Set Retention Policy | Console > OSS > Buckets > Select Bucket > Lifecycle Rules > Retention Policy | Bucket in supported region; oss:PutLifecycleConfiguration permission | Configure immutable retention rules for compliance | | Configure Static Website | Console > OSS > Buckets > Select Bucket > Website Hosting | Bucket created and accessible; sufficient permissions | Host static websites with index and error document settings | | Tag Objects | Console > OSS > Buckets > Select Bucket > Objects > Tagging | Bucket exists; permissions to modify object metadata | Apply key-value tags to one or more objects | | Manage Directories | Console > OSS > Buckets > Manage Directories | Existing bucket; permissions to manage objects and directories | Create and organize virtual directories within a bucket | | Manage Object Access Control | Console > OSS > Buckets > Select Bucket > Permissions > ACL Management | Bucket exists; permissions to modify ACLs | Set bucket- or object-level ACLs (Private, Public-Read, etc.) | | Monitor Object Access | Console > OSS > Buckets > [Bucket Name] > Monitoring > Access Tracking | Bucket exists; read permissions; account-level access tracking enabled | Enable and view logs of who accesses your objects | | Manage Object Storage | Console > OSS > Buckets > Manage Objects | Alibaba Cloud account; bucket created in desired region | Perform basic operations like uploading, downloading, and setting storage class | | Configure Bucket Access Policy | Console > OSS > Buckets > Select Bucket > Permissions > Bucket Policy | Bucket created; RAM user with policy modification permissions | Define JSON-based bucket policies for fine-grained access control | | Manage Bucket | Console > OSS > Buckets > Manage Buckets | Active Alibaba Cloud account; OSS service enabled | Create, configure, or delete buckets | | Configure CORS Policy | Console > OSS > Buckets > Bucket Settings > CORS Configuration | Bucket already created; console access with permissions | Set Cross-Origin Resource Sharing rules for web applications | | Configure Custom Domain | Console > OSS > Buckets > Select Bucket > Domain Management > Custom Domain | Registered domain; DNS modification rights; existing bucket | Map a custom domain (e.g., static.example.com) to a bucket | | Enable Versioning | Console > OSS > Buckets > Select Bucket > Versioning | Bucket exists; permissions to modify bucket properties | Turn on object versioning to preserve multiple versions | | View and Analyze Storage Access Logs | Console > OSS > Log Management | OSS service enabled; bucket created; access logging enabled | Query and analyze bucket access logs by time, request type, or status | | Add Tags to Object | Console > OSS > Buckets > Select Bucket > Objects > Select Object > Tags | Bucket created; permissions to modify object metadata | Apply tags to individual objects for organization | | Configure Referer Rules | Console > OSS > Buckets > Select Bucket > Configuration > Referer | OSS bucket created; read/write permissions | Set anti-leech rules using Referer whitelist/blacklist | | Migrate Data | Console > OSS > Buckets > Migrate Data | Source and destination buckets exist; cross-bucket permissions | Copy data between buckets with filtering options | | Manage Bucket Permissions | Console > OSS > Buckets > Permissions | Bucket created; RAM user or role with permissions | Configure authorization policies via dropdown or custom JSON | ## Step-by-Step Instructions ### Batch Operations **Navigation**: Console > OSS > Bucket Management > Batch Operations **Prerequisites**: - A valid OSS bucket created - Appropriate permissions (e.g., oss:ListObjects, oss:DeleteObject) assigned to the user or role 1. Navigate to the OSS console and select the target bucket - Element: **Bucket Management** (link) — left navigation panel 2. Click on the 'Batch Operations' tab within the bucket - Element: **Batch Operations** (tab) — main content area 3. Select the operation type (e.g., Delete, Copy, Set ACL) - Element: **Operation Type** (dropdown) — top form section - Notes: Available options include Delete, Copy, Set ACL, and Set Metadata. 4. Specify the object prefix or list of objects to apply the operation to - Element: **Object Prefix** (text_input) — form field - Notes: Use wildcards like * or ? for pattern matching. 5. Review the operation summary and confirm by clicking 'Execute' - Element: **Execute** (button) — bottom-right corner - Notes: A confirmation dialog will appear before execution. | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Operation Type | dropdown | Yes | Delete, Copy, Set ACL, Set Metadata | Defines the action to be performed on the selected objects. | | Object Prefix | text_input | No | — | Specifies a prefix to filter objects. Supports wildcards (*, ?). | | Destination Bucket | text_input | No | — | Required only when copying objects; specifies the target bucket. | | ACL Setting | dropdown | No | Private, PublicRead, PublicReadWrite | Sets the access control level for the objects being modified. | ### Block Public Access **Navigation**: Console > OSS > Buckets > Bucket Settings > Block Public Access **Prerequisites**: - An existing OSS bucket - RAM user with sufficient permissions (e.g., oss:PutBucketAcl, oss:GetBucketAcl) 1. Navigate to the target bucket in the OSS console - Element: **Buckets** (link) — left navigation panel 2. Click on the bucket name to open its details page - Element: **bucket-name** (link) — main content area 3. Go to the Bucket Settings tab - Element: **Bucket Settings** (tab) — top navigation bar 4. Select Block Public Access from the settings menu - Element: **Block Public Access** (menu) — left sidebar under Bucket Settings 5. Toggle the switch to enable or disable block public access - Element: **Enable Block Public Access** (toggle) — main content area - Notes: Enabling this setting prevents any public read/write access to the bucket. Disabling it may expose data to public access. | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Enable Block Public Access | toggle | No | — | Controls whether public access to the bucket is blocked. When enabled, no public ACLs or policies can be set. | ### Manage Lifecycle **Navigation**: Console > OSS > Buckets > Lifecycle Management **Prerequisites**: - A bucket already created - Permissions to manage bucket lifecycle rules 1. Click the bucket name in the bucket list - Element: **Bucket Name** (link) — bucket list in the main content area 2. Navigate to the Lifecycle tab - Element: **Lifecycle** (tab) — top navigation panel of the bucket details page 3. Click Add Rule - Element: **Add Rule** (button) — top-right corner of the Lifecycle tab 4. Set the prefix filter for the rule - Element: **Prefix** (text_input) — Rule Configuration form - Notes: Optional: Use a prefix to apply the rule to specific object keys 5. Select the storage class to transition to - Element: **Transition to** (dropdown) — Rule Configuration form - Notes: Options include Standard, IA, Archive, Cold Archive 6. Set the number of days after which the transition should occur - Element: **After days** (number_input) — Rule Configuration form 7. Optionally set an expiration date - Element: **Expiration** (checkbox) — Rule Configuration form - Notes: If checked, specify the number of days after which objects are deleted 8. Click Save - Element: **Save** (button) — bottom of the form | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Prefix | text_input | No | — | Filter objects by key prefix to apply the rule only to matching objects | | Transition to | dropdown | Yes | Standard, IA, Archive, Cold Archive | The destination storage class for objects after transition | | After days | number_input | Yes | — | Number of days after object creation when the transition should occur | | Expiration | checkbox | No | — | Enable object deletion after a specified number of days | | Delete after days | number_input | No | — | Number of days after object creation when the object should be deleted | ### Configure Pay-by-Requester **Navigation**: Console > OSS > Buckets > Select Bucket > Permissions > Pay-by-Requester **Prerequisites**: - A bucket already created - User has permissions to modify bucket ACLs 1. Navigate to the bucket's permission settings - Element: **Permissions** (tab) — left navigation panel 2. Click on the 'Pay-by-Requester' section - Element: **Pay-by-Requester** (link) — main content area 3. Toggle the switch to enable pay-by-requester - Element: **Enable Pay-by-Requester** (toggle) — main content area - Notes: When enabled, the requester will be charged for GET and LIST operations. ### Enable Real-time Archive Access **Navigation**: Console > OSS > Buckets > Select Bucket > Object Management > Archive Objects > Enable Real-time Access **Prerequisites**: - Bucket must be in a supported region - Archive objects must exist in the bucket - User must have permissions to modify bucket properties 1. Navigate to the bucket containing Archive objects - Element: **Buckets** (link) — left navigation panel 2. Click on the bucket name to open its overview page - Element: **Bucket Name** (link) — main content area 3. Go to the Object Management tab - Element: **Object Management** (tab) — top navigation bar 4. Locate the Archive objects section and click 'Enable Real-time Access' - Element: **Enable Real-time Access** (button) — top-right corner - Notes: A confirmation dialog will appear. Click 'Confirm' to proceed. ### Convert Storage Redundancy **Navigation**: Console > OSS > Buckets > Select Bucket > Redundancy Type Conversion **Prerequisites**: - Bucket must be empty or have no objects with versioning enabled - User must have permissions to modify bucket properties - Bucket should not be part of a cross-region replication setup 1. Navigate to the OSS console and select the target bucket - Element: **Buckets** (menu) — left navigation panel 2. Click on the bucket name to open its details page - Element: **Bucket Name** (link) — main content area 3. Go to the 'Properties' tab and locate the 'Redundancy Type' section - Element: **Properties** (tab) — top navigation bar 4. Click the 'Change Redundancy Type' button - Element: **Change Redundancy Type** (button) — Redundancy Type section - Notes: This button is only visible if the current redundancy type supports conversion. 5. Select the new redundancy type from the dropdown menu - Element: **Redundancy Type Dropdown** (dropdown) — modal dialog - Notes: Available options include Standard, ZRS (Zone Redundant Storage), and Archive. 6. Confirm the change by clicking 'OK' - Element: **OK** (button) — bottom of modal - Notes: The conversion may take several minutes depending on the data size and selected redundancy type. | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Redundancy Type | dropdown | Yes | Standard, ZRS (Zone Redundant Storage), Archive | Specifies the desired redundancy level for the bucket. Higher redundancy increases durability but may affect cost. | ### Set Retention Policy **Navigation**: Console > OSS > Buckets > Select Bucket > Lifecycle Rules > Retention Policy **Prerequisites**: - Bucket must be in a supported region - User must have oss:PutLifecycleConfiguration permission - Bucket should not have existing lifecycle rules conflicting with retention 1. Click on the bucket name in the bucket list - Element: **Bucket Name** (link) — main content area 2. Navigate to the Lifecycle Rules tab - Element: **Lifecycle Rules** (tab) — top navigation panel 3. Click Add Rule to create a new retention rule - Element: **Add Rule** (button) — top-right corner - Notes: A modal dialog will appear with configuration options 4. Select 'Retention Policy' as the rule type - Element: **Rule Type** (dropdown) — modal form - Notes: Available options include Expiration, Transition, and Retention Policy 5. Set the retention period in days - Element: **Retention Period (days)** (text_input) — form field - Notes: Minimum value is 1 day; maximum is 36500 days (100 years) 6. Enable legal hold if required for compliance - Element: **Legal Hold** (checkbox) — form field - Notes: Enabling this prevents deletion even after retention period expires 7. Click Save to apply the rule - Element: **Save** (button) — bottom of modal - Notes: The rule takes effect immediately upon saving | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Rule Type | dropdown | Yes | Expiration, Transition, Retention Policy | Specifies the type of lifecycle rule to apply | | Retention Period (days) | number_input | Yes | — | Number of days after which the object becomes immutable | | Legal Hold | checkbox | No | — | If enabled, object cannot be deleted even after retention period ends | ### Configure Static Website **Navigation**: Console > OSS > Buckets > Select Bucket > Website Hosting **Prerequisites**: - A bucket must be created and accessible - The bucket owner must have sufficient permissions to configure website hosting - The bucket should not already have a website configuration 1. Click on the bucket name in the bucket list - Element: **Bucket Name** (link) — main content area 2. Navigate to the Website Hosting tab - Element: **Website Hosting** (tab) — top navigation panel 3. Click the Enable button to activate static website hosting - Element: **Enable** (button) — top-right corner - Notes: Only available if no existing website configuration exists 4. Enter the index document name (e.g., index.html) - Element: **Index Document** (text_input) — form fields section - Notes: Must be a valid file name within the bucket 5. Enter the error document name (e.g., error.html) - Element: **Error Document** (text_input) — form fields section - Notes: Optional; defaults to index document if not set 6. Click Save to apply the configuration - Element: **Save** (button) — bottom of form - Notes: Configuration is applied immediately after saving | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Index Document | text_input | Yes | — | The default page served when a user accesses the root of the website URL | | Error Document | text_input | No | — | The page served when a requested resource is not found | ### Tag Objects **Navigation**: Console > OSS > Buckets > Select Bucket > Objects > Tagging **Prerequisites**: - A bucket must exist in the selected region - User must have permissions to modify object metadata 1. Navigate to the target bucket in the OSS console - Element: **Buckets** (link) — left navigation panel 2. Click on the specific bucket name to open its overview page - Element: **bucket-name** (link) — main content area 3. Go to the Objects tab and select one or more objects to tag - Element: **Objects** (tab) — top navigation 4. Click the 'Tagging' button to open the tagging interface - Element: **Tagging** (button) — top-right corner - Notes: Multiple objects can be tagged simultaneously 5. Enter key-value pairs for each tag in the form fields - Element: **Add Tag** (button) — tagging form - Notes: Tags are case-sensitive; maximum 128 characters per key and value | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Key | text_input | Yes | — | The label for the tag (e.g., 'Project', 'Department') | | Value | text_input | Yes | — | The value associated with the tag (e.g., 'Marketing', 'Q4-2023') | ### Manage Directories **Navigation**: Console > OSS > Buckets > Manage Directories **Prerequisites**: - An existing bucket must be created - User must have permissions to manage objects and directories 1. Click on the bucket name in the bucket list - Element: **Bucket Name** (link) — main content area 2. Navigate to the 'Directories' tab - Element: **Directories** (tab) — top navigation panel 3. Click the 'Create Directory' button - Element: **Create Directory** (button) — top-right corner - Notes: Enter directory name in the dialog box that appears 4. Enter the directory name and confirm - Element: **Directory Name** (text_input) — dialog form - Notes: Directory names must be unique within the bucket and cannot contain special characters | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Directory Name | text_input | Yes | — | The name of the directory to create. Must be unique within the bucket. | ### Manage Object Access Control **Navigation**: Console > OSS > Buckets > Select Bucket > Permissions > ACL Management **Prerequisites**: - A bucket must exist in the selected region - User must have permission to modify bucket or object ACLs 1. Navigate to the target bucket in the OSS console - Element: **Buckets** (link) — left navigation panel 2. Click on the bucket name to open its details page - Element: **Bucket Name** (link) — main content area 3. Go to the Permissions tab and select ACL Management - Element: **Permissions** (tab) — top navigation bar 4. Select a bucket or object to modify ACL - Element: **Select Object or Bucket** (dropdown) — ACL Management section - Notes: Users can choose between bucket-level or object-level ACLs 5. Set the desired access level using the dropdown menu - Element: **Access Level** (dropdown) — ACL configuration form - Notes: Options include Private, Public-Read, Public-Read-Write 6. Click Save to apply the new ACL settings - Element: **Save** (button) — bottom of the form - Notes: Changes take effect immediately | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Access Level | dropdown | Yes | Private, Public-Read, Public-Read-Write | Defines who can read or write the selected bucket or object | | Apply to | radio | Yes | Entire Bucket, Specific Object | Determines whether the ACL applies to all objects in the bucket or only a specific object | ### Monitor Object Access **Navigation**: Console > OSS > Buckets > [Bucket Name] > Monitoring > Access Tracking **Prerequisites**: - A bucket must exist in the OSS console - The user must have read permissions for the bucket - Access tracking feature must be enabled at the account level 1. Navigate to the bucket's monitoring page - Element: **Monitoring** (tab) — top navigation panel of the bucket details page 2. Click on 'Access Tracking' to open the access tracking settings - Element: **Access Tracking** (link) — Monitoring section - Notes: This option may only appear if access tracking is enabled at the account level. 3. Enable access tracking by toggling the switch - Element: **Enable Access Tracking** (toggle) — Access Tracking configuration panel - Notes: After enabling, access logs will be generated for all object operations. 4. View access logs in the table - Element: **Access Logs Table** (table) — main content area - Notes: Logs include timestamp, requester IP, operation type, and object key. ### Manage Object Storage **Navigation**: Console > OSS > Buckets > Manage Objects **Prerequisites**: - An Alibaba Cloud account with valid credentials - A bucket created in the desired region 1. Navigate to the OSS console - Element: **OSS** (link) — left navigation panel 2. Select the target bucket from the list - Element: **Bucket List** (dropdown) — main content area - Notes: Ensure the correct region is selected in the top-right corner. 3. Click on 'Upload File' to begin uploading a file - Element: **Upload File** (button) — top-right corner - Notes: You can drag and drop files or browse from your local system. 4. Configure access permissions for the uploaded object - Element: **Access Control** (tab) — upload dialog - Notes: Choose between public read, private, or custom ACL settings. | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Bucket Name | text_input | Yes | — | The name of the bucket where the object will be stored. | | File Path | text_input | Yes | — | The path within the bucket where the file should be placed. | | Storage Class | dropdown | Yes | Standard, Infrequent Access, Archive, Cold Archive | Defines the cost and performance characteristics of the storage. | | Enable Versioning | toggle | No | — | Enables version control for objects in this bucket. | ### Configure Bucket Access Policy **Navigation**: Console > OSS > Buckets > Select Bucket > Permissions > Bucket Policy **Prerequisites**: - A bucket already created in OSS - RAM user or role with sufficient permissions to modify bucket policies 1. Click on the bucket name in the bucket list - Element: **Bucket Name** (link) — main content area 2. Navigate to the Permissions tab - Element: **Permissions** (tab) — top navigation panel 3. Click on the Bucket Policy section - Element: **Bucket Policy** (link) — left navigation panel 4. Click the Edit button to modify the policy - Element: **Edit** (button) — top-right corner - Notes: The policy editor opens in a modal dialog with JSON input field 5. Enter the JSON policy document in the editor - Element: **Policy Document** (text_input) — modal dialog - Notes: Policy must be valid JSON. Use the sample template provided for guidance. 6. Click Save to apply the updated policy - Element: **Save** (button) — bottom of modal - Notes: Changes take effect immediately after saving | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Policy Document | text_input | Yes | — | Enter the JSON-formatted bucket policy that defines access rules for the bucket | ### Manage Bucket **Navigation**: Console > OSS > Buckets > Manage Buckets **Prerequisites**: - An active Alibaba Cloud account - OSS service enabled - Required permissions to manage buckets 1. Click on the 'Create Bucket' button - Element: **Create Bucket** (button) — top-right corner of the Buckets page - Notes: Ensure you select the correct region before creating a bucket. 2. Select a region from the dropdown menu - Element: **Region** (dropdown) — main content area - Notes: The selected region determines where your bucket data will be stored. 3. Enter a unique bucket name in the text field - Element: **Bucket Name** (text_input) — form fields section - Notes: Bucket names must be globally unique across all users. 4. Set access control to 'Private' or 'Public Read' - Element: **Access Control** (dropdown) — form fields section - Notes: Choose based on whether the bucket contents should be publicly accessible. | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Bucket Name | text_input | Yes | — | A globally unique identifier for the bucket. Must follow naming rules. | | Region | dropdown | Yes | China (Hangzhou), China (Beijing), International (Singapore), International (Virginia) | Specifies the geographical location of the bucket. | | Access Control | dropdown | Yes | Private, Public Read, Public Read-Write | Controls who can access objects in the bucket. | ### Configure CORS Policy **Navigation**: Console > OSS > Buckets > Bucket Settings > CORS Configuration **Prerequisites**: - A bucket already created - Access to the OSS console with appropriate permissions 1. Navigate to the bucket's settings page - Element: **Bucket Settings** (link) — left navigation panel 2. Click on the CORS Configuration tab - Element: **CORS Configuration** (tab) — top navigation bar of the bucket settings 3. Add a new CORS rule - Element: **Add Rule** (button) — main content area 4. Enter the allowed origin - Element: **Allowed Origin** (text_input) — form field in the rule editor - Notes: Enter a specific domain (e.g., https://example.com) or use '*' for all origins 5. Select allowed HTTP methods - Element: **Allowed Methods** (dropdown) — form field in the rule editor - Notes: Choose from GET, PUT, POST, DELETE, HEAD 6. Specify allowed headers - Element: **Allowed Headers** (text_input) — form field in the rule editor - Notes: Enter header names (e.g., Content-Type, Authorization) 7. Set the maximum age of the preflight response - Element: **Max Age (seconds)** (number_input) — form field in the rule editor - Notes: Default is 5 seconds; increase for better performance 8. Save the CORS rule - Element: **Save** (button) — bottom of the form | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Allowed Origin | text_input | Yes | — | The domain(s) that are allowed to access the bucket resources | | Allowed Methods | dropdown | Yes | GET, PUT, POST, DELETE, HEAD | The HTTP methods that are permitted for cross-origin requests | | Allowed Headers | text_input | No | — | The headers that are allowed in cross-origin requests | | Max Age (seconds) | number_input | No | — | How long the browser should cache the preflight response | ### Configure Custom Domain **Navigation**: Console > OSS > Buckets > Select Bucket > Domain Management > Custom Domain **Prerequisites**: - A valid domain name registered with a DNS provider - Permissions to modify DNS records for the domain - An existing OSS bucket 1. Click on the bucket name in the bucket list - Element: **Bucket Name** (link) — main content area 2. Navigate to the Domain Management tab - Element: **Domain Management** (tab) — top navigation panel 3. Click the Add Custom Domain button - Element: **Add Custom Domain** (button) — top-right corner 4. Enter the custom domain name (e.g., static.example.com) - Element: **Custom Domain Name** (text_input) — form field - Notes: The domain must be unique across all OSS buckets and not already used by another service. 5. Copy the CNAME target provided by OSS - Element: **CNAME Target** (text_input) — form field - Notes: This value must be added as a CNAME record in your DNS provider's console. 6. Save the configuration - Element: **Save** (button) — bottom of form - Notes: After saving, it may take up to 10 minutes for DNS propagation. | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Custom Domain Name | text_input | Yes | — | The domain name you want to use (e.g., static.example.com). Must be unique and not already in use. | | Enable HTTPS | checkbox | No | — | Enables secure HTTPS access to the bucket via the custom domain. Requires SSL certificate management. | ### Enable Versioning **Navigation**: Console > OSS > Buckets > Select Bucket > Versioning **Prerequisites**: - A bucket must exist before enabling versioning - User must have the necessary permissions to modify bucket properties 1. Navigate to the bucket list in the OSS console - Element: **Buckets** (link) — left navigation panel 2. Click on the target bucket name - Element: **Bucket Name** (link) — main content area 3. Go to the Versioning tab - Element: **Versioning** (tab) — top navigation bar of the bucket details page 4. Click Enable Versioning - Element: **Enable Versioning** (button) — center of the Versioning section - Notes: After enabling, all new object uploads will create new versions. Existing objects remain unchanged unless explicitly updated. ### View and Analyze Storage Access Logs **Navigation**: Console > OSS > Log Management **Prerequisites**: - OSS service enabled - Bucket created - Access logging enabled 1. Enter the log management page - Element: **** (menu) — left navigation panel 2. Select the target bucket - Element: **** (dropdown) — top of page - Notes: Only shows buckets with logging enabled 3. Click the query button - Element: **** (button) — query condition area - Notes: Supports filtering by time range, request type, status code, etc. | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Time Range | date_picker | No | — | Specify the time interval for log queries | | Request Type | dropdown | No | GET, PUT, POST, DELETE, HEAD | Filter by specific HTTP request types | | Status Code | text_input | No | — | Input specific HTTP status codes for filtering | ### Add Tags to Object **Navigation**: Console > OSS > Buckets > Select Bucket > Objects > Select Object > Tags **Prerequisites**: - A bucket already created - Permissions to modify object metadata 1. Click on the object you want to tag - Element: **Object name** (link) — Objects list 2. Click the 'Tags' tab - Element: **Tags** (tab) — Object details panel 3. Click 'Add Tag' - Element: **Add Tag** (button) — Tags section 4. Enter key and value for the tag - Element: **Key input field, Value input field** (text_input) — Tag form - Notes: Maximum length: 128 characters for both key and value 5. Click 'Save' to apply the tag - Element: **Save** (button) — Bottom of the form | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Key | text_input | Yes | — | The tag key used to categorize the object | | Value | text_input | Yes | — | The corresponding value for the tag key | ### Configure Referer Rules **Navigation**: Console > OSS > Buckets > Select Bucket > Configuration > Referer **Prerequisites**: - OSS bucket created - Read/write permissions 1. Enter the OSS console - Element: **** (link) — top navigation bar 2. Select the target bucket from the list - Element: **** (table) — main content area 3. Click the "Configuration" button next to the bucket - Element: **** (button) — action column 4. Select the "Referer" tab in configuration - Element: **** (tab) — left navigation menu 5. Enable referer protection - Element: **** (toggle) — feature switch area - Notes: Disabled by default; must be manually enabled 6. Set Referer whitelist or blacklist - Element: **Referer** (text_input) — Referer rule settings - Notes: Enter multiple domains, one per line; supports wildcards like *.example.com 7. Check whether to allow empty Referer requests - Element: **Referer** (checkbox) — Referer rule settings - Notes: If disabled, requests without Referer header will be rejected 8. Click "Save" to submit configuration - Element: **** (button) — bottom of page - Notes: Configuration takes effect immediately | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | toggle | No | — | Enable or disable referer protection | | Referer | text_input | No | — | List of allowed domains; supports wildcards | | Referer | text_input | No | — | List of blocked domains; supports wildcards | | Referer | checkbox | No | — | Allow requests without Referer header | ### Migrate Data **Navigation**: Console > OSS > Buckets > Migrate Data **Prerequisites**: - Source and destination buckets must exist - Access keys with sufficient permissions for both buckets - Network connectivity between source and destination regions 1. Click the 'Migrate Data' button in the bucket overview page - Element: **Migrate Data** (button) — top-right corner of the bucket details panel - Notes: Ensure the bucket is not in a locked state before starting migration. 2. Select the source bucket from the dropdown menu - Element: **Source Bucket** (dropdown) — main content area - Notes: Only buckets in the same account or with cross-account access can be selected. 3. Enter the destination bucket name or select it from the list - Element: **Destination Bucket** (text_input) — main content area - Notes: The destination bucket must be in the same region or a supported cross-region location. 4. Configure migration options such as filtering by prefix or date range - Element: **Filter Options** (tab) — left navigation panel - Notes: Use filters to reduce migration time and cost by excluding unnecessary objects. 5. Click 'Start Migration' to initiate the job - Element: **Start Migration** (button) — bottom of the form - Notes: Migration jobs can take hours depending on data size; monitor progress in the Jobs tab. | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Source Bucket | dropdown | Yes | bucket-1, bucket-2, bucket-3 | The bucket containing the data to be migrated. | | Destination Bucket | text_input | Yes | — | The target bucket where data will be copied. | | Prefix Filter | text_input | No | — | Optional filter to migrate only objects with a specific prefix. | | Date Range | date_picker | No | — | Limit migration to objects created within a specified date range. | | Overwrite Existing Objects | checkbox | No | — | If enabled, existing objects in the destination will be overwritten. | ### Manage Bucket Permissions **Navigation**: Console > OSS > Buckets > Permissions **Prerequisites**: - A bucket already created - RAM user or role with appropriate permissions 1. Navigate to the bucket's permission settings - Element: **Permissions** (tab) — left navigation panel 2. Click on the 'Edit Policy' button to modify the bucket policy - Element: **Edit Policy** (button) — main content area - Notes: The policy editor opens in a modal dialog. 3. Select the type of policy to apply (e.g., public read/write, private) - Element: **Policy Type** (dropdown) — policy editor form - Notes: Options include: Private, Public Read, Public Read-Write, Custom Policy. 4. Enter the principal (user or service) to grant access to - Element: **Principal** (text_input) — policy editor form - Notes: Can be a RAM user ARN, service account, or anonymous (for public access). 5. Click 'Confirm' to save the updated policy - Element: **Confirm** (button) — bottom of modal - Notes: Changes take effect immediately after confirmation. | Parameter | Type | Required | Options/Values | Description | |-----------|------|----------|----------------|-------------| | Policy Type | dropdown | Yes | Private, Public Read, Public Read-Write, Custom Policy | Defines the level of access granted to the bucket. | | Principal | text_input | No | — | Specifies the user, group, or service that will receive the permission. | | Effect | dropdown | Yes | Allow, Deny | Determines whether the action is permitted or denied. | ## FAQ Q: Where do I find the option to enable versioning for my bucket? A: Navigate to your bucket in the OSS console, go to the **Versioning** tab, and click **Enable Versioning**. Note that once enabled, versioning cannot be disabled—only suspended. Q: What happens if I leave the "Error Document" field empty when configuring a static website? A: If no error document is specified, the bucket will return the index document (e.g., index.html) for 404 errors, which may result in incorrect user experience. It's recommended to provide a dedicated error page. Q: Can I modify a retention policy after it has been applied to a bucket? A: No. Once a retention policy is locked (which happens automatically after creation in compliance mode), it cannot be shortened or removed until the retention period expires. Ensure the duration is correct before saving. Q: Why can't I see the "Block Public Access" toggle in my bucket settings? A: This setting may be hidden if your bucket already has public ACLs or policies that conflict with blocking public access. You must first remove public permissions before enabling this security feature. Q: Do object tags affect billing or performance? A: Tags themselves do not impact performance. Most tagging operations are free, but some bulk tagging actions may incur minimal per-request fees. Tags can be used with lifecycle rules or access policies, which may indirectly influence costs. ## Pricing & Billing ### Billing Model Operations are billed per request (per-operation pricing). Some features like bucket policies, CORS, and basic ACLs are free. Storage and data transfer fees apply separately based on usage. ### Price Reference | Tier | Input Price | Output Price | |------|-------------|--------------| | Standard | 0.0004 /1000 requests | 0.0004 /1000 requests | | Infrequent Access (IA) | 0.0003 /1000 requests | 0.0003 /1000 requests | | Archive | 0.0002 /1000 requests | 0.0002 /1000 requests | | Archive with real-time access | 0.001 / | 0.002 / | | Batch operations | 0.0001 / | 0.0001 / | | Pay-by-requester | 0.0004 / | 0.0004 / | ### Free Tier - Static website hosting: 1 million free requests/month - Lifecycle management: 1,000 free operations/month - Batch operations: 100 free operations/month - Tagging: 1,000 free operations/month (some implementations are fully free) - Access log queries: 1,000 free queries/month - Real-time archive access: 100 free accesses/month ### Billing Notes - Conversion operations (e.g., redundancy type) are billed per request, not by data volume. - Enabling real-time access on archive objects incurs per-read fees; without it, reads are free but require restoration time. - Requester-pays mode shifts data access costs to the requester; the bucket owner is not charged for those operations. - Free tiers reset monthly and do not roll over. - Storage fees (e.g., 0.0001 /GB·day for Standard) are separate from request fees.