Object Storage Objects

Learn about how to manageObject Storage objects, which are files or unstructured data that you can upload to an Object Storage bucket to a compartment.

In the Object Storage service, an object is a file or unstructured data you upload to a bucket within a compartment  within an Object Storage namespace. The object can be any type of data, for example, multimedia files, data backups, static web content, or logs. You can store objects that are up to 10 TiB. Objects are processed as a single entity. You can't edit or append data to an object, but you can replace the entire object.

Object Storage allows versioning of objects, which creates an accessible and downloadable copy of a particular version of an object you uploaded to a bucket. Object versioning protects objects from accidental or malicious overwrite or deletion. For more information, see Object Storage Versioning.

These topics describes how to manage objects within a single bucket. For information on copying an object to another bucket, see Copying Objects.

You can perform the following Object Storage object tasks:

You can perform certain tasks on a group of objects at a time using the Command Line Interface. See Bulk Object Tasks for more information.

Required IAM Policy

To use Oracle Cloud Infrastructure, you must be granted security access in a policy  by an administrator. This access is required whether you're using the Console or the REST API with an SDK, CLI, or other tool. If you get a message that you don’t have permission or are unauthorized, verify with your administrator what type of access you have and which compartment  to work in.

If you're new to policies, see Getting Started with Policies and Common Policies.

For administrators:

  • The policy Let Object Storage admins manage buckets and objects lets the specified group do everything with buckets and objects. Objects always reside in the same compartment as the bucket.

  • If you need to write a more restrictive policy for objects, the inspect objects lets you list all the objects in a bucket and do a HEAD operation for a particular object. In comparison, read objects lets you download the object itself.

  • To create more restrictive policies that grant individual permissions:

    • OBJECT_VERSION_DELETE is required to delete previous object versions on your behalf using lifecycle policies.

    • OBJECT_UPDATE_TIER is required to change the storage tier of an object.

See Details for Object Storage, Archive Storage, and Data Transfer for more information on Object Storage user permissions.

Pre-Authenticated Requests

Pre-authenticated requests provide a way to let users access a bucket or object without having their own credentials. For example, you can create a request that lets a user upload backups to a bucket without owning API keys. See Pre-Authenticated Requests for Object Storage for details.

Object Names

Unlike other resources, objects don't have Oracle Cloud Identifiers (OCIDs). Instead, users define an object name when they upload an object.

Use the following guidelines when naming an object:

  • Use from 1 to 1024 characters.

  • Valid characters are letters (upper or lowercase), numbers, and characters other than line feed, carriage return, and NULL.

    Important

    Bucket names and object names are case-sensitive. Object Storage handles q3-field-assets.xslx and Q3-Field-Assets.XSLX as separate objects.

  • Use only Unicode characters for which the UTF-8 encoding doesn't exceed 1024 bytes. Clients are responsible for URL-encoding characters.

  • Avoid entering confidential information.

  • Make the name unique within the bucket. Don't use the name of an existing object within the bucket when naming an object unless you intend to overwrite the existing object with the contents of the new or renamed object.

Tip

Object names can include one or more forward slash (/) characters in the name. See Object Naming Using Prefixes and Hierarchies for more information on using the forward slash in object names to create hierarchies.

Object Naming Using Prefixes and Hierarchies

Within an Object Storage namespace, buckets and objects exist in a flat structure. However, you can simulate a directory structure by adding a prefix string that includes one or more forward slashes (/) to an object name. Doing so lets you list one directory at a time, which is helpful when navigating a large set of objects.

For example:

marathon/finish_line.jpg
marathon/participants/p_21.jpg

If you added prefixes to object names, you can:

  • Use the CLI or API to perform bulk downloads and bulk deletes of all objects at a specified level of the hierarchy.

  • Use the Console to display a hierarchical view of your objects in virtual folders. In the previous example, marathon would be displayed as a folder containing an object named finish_line.jpg and participants would be a subfolder of marathon, containing an object named p_21.jpg. You can bulk upload objects to any level of the hierarchy and perform bulk deletes of all the objects in a bucket or folder.

Bulk operations at a specified level of the hierarchy don't affect objects in any preceding level.

When naming objects, you can also use prefix strings without a delimiter. No delimiters would allow search operations in the Console and certain bulk operations in the CL or API to match on the prefix portion of the object name. For example, in the object names below, the string gloves_27_ can serve as a prefix for matching purposes when performing bulk operations:

gloves_27_dark_green.jpg
gloves_27_light_blue.jpg	

When you perform bulk uploads with the Console, CLI, or API, you can prepend a prefix string to the names of the files you're uploading.

For hierarchy and prefix string details for a particular management interface, see the individual tasks in Object Storage Buckets.

Optional Response Headers and Metadata

When you upload objects, you can provide optional response headers and user-defined metadata. Response headers are HTTP headers sent from Object Storage to Object Storage clients when objects are downloaded. User-defined metadata are name-value pairs stored with an object. You can use the Console, REST API, or CLI to provide these optional attributes.

Important

No validation is performed on the response headers or metadata you provide.

You can specify values for the following response headers:

  • Content-Disposition

    Defines presentation only information for the object. Specifying values for this header has no effect on Object Storage behavior. Programs that read the object decide what to do based on the value provided. For example, you could use this header to let users download objects with custom file names in a browser:

    attachment; filename="fname.ext"

    See https://tools.ietf.org/html/rfc2616#section-19.5.1 for more information.

  • Cache-Control

    Defines the caching behavior for the object. Specifying values for this header has no effect on Object Storage behavior. Programs that read the object decide what to do based on the value provided. For example, you could use this header to identify objects that require caching restrictions:

    no-cache, no-store

    See https://tools.ietf.org/html/rfc2616#section-14.9 for more information.

You specify user-defined metadata in the form of name-value pairs. User-defined metadata names are stored and returned to Object Storage clients with the mandatory prefix of opc-meta-.

Object Lifecycle Management

Object Lifecycle Management lets you automatically manage the deletion of uncommitted multipart uploads, the movement of objects to a different storage tier, and the deletion of supported resources on your behalf within a given bucket. These automated actions are based on rules that you define and manage. See Object Lifecycle Management for Object Storage for more information about this feature.

Multipart Uploading and Downloading

The Oracle Cloud Infrastructure Object Storage service supports multipart uploading and downloading for objects.

Monitoring Resources

You can monitor the health, capacity, and performance of your Oracle Cloud Infrastructure resources by using metrics, alarms, and notifications. For more information, see Monitoring and Notifications.

For more information about monitoring objects, see Object Storage Metrics.

Creating Automation for Objects Using the Events Service

You can create automation based on state changes for your Oracle Cloud Infrastructure resources by using event types, rules, and actions. For more information, see Overview of Events.