Overview of Object Storage

The Oracle Cloud Infrastructure Object Storage service is an internet-scale, high-performance storage platform that offers reliable and cost-efficient data durability. The Object Storage service can store an unlimited amount of unstructured data of any content type, including analytic data and rich content, like images and videos.

With Object Storage, you can safely and securely store or retrieve data directly from the internet or from within the cloud platform. Object Storage offers multiple management interfaces that let you easily manage storage at scale. The elasticity of the platform lets you start small and scale seamlessly, without experiencing any degradation in performance or service reliability.

Object Storage is a regional service and is not tied to any specific compute instance. You can access data from anywhere inside or outside the context of the Oracle Cloud Infrastructure, as long you have internet connectivity and can access one of the Object Storage endpoints. Authorization and resource limits are discussed later in this topic.

The following list summarizes some of the ways that you can use Object Storage.

big data/Hadoop support
You can use Object Storage as the primary data repository for big data. Object Storage offers a scalable storage platform that lets you store large data sets and operate seamlessly on those data sets. The HDFS connector provides connectivity to various big data analytic engines like Apache Spark and MapReduce. This connectivity enables the analytics engines to work directly with data stored in Object Storage. For more information, see Hadoop Support.
You can use Object Storage to preserve backup and archive data that must be stored for an extended duration to adhere to various compliance mandates.
content repository
You can use Object Storage as your primary content repository for data, images, logs, and video. You can reliably store and preserve this data for a long time, as well as serve this content directly from Object Storage. The storage scales as your data storage needs scale.
log data
You can use Object Storage to preserve application log data so that you can retroactively analyze this data to determine usage pattern and/or debug issues.
very large data sets
You can use Object Storage to store generated application data that needs to be preserved for future use. Pharmaceutical trials data, genome data, and Internet of Things (IoT) data are examples of generated application data that you can preserve using Object Storage.

Object Storage Resources

The following summarizes the Object Storage resources. Authorization and resource limits are discussed later in this topic.

Any type of data, regardless of content type, is stored as an object. The object is composed of the object itself and metadata about the object. Each object is stored in a bucket.
A logical container for storing objects. Users or systems create buckets as needed. A bucket is associated with a single compartment that has policiesA document in the IAM that specifies who has what type of access to your resources. It is used in different ways: to mean an individual statement written in the policy language; to mean a collection of statements in a single, named "policy" document (which has an Oracle Cloud ID (OCID) assigned to it); and to mean the overall body of policies your organization uses to control access to resources. that determine what actions a user can perform on a bucket and on all the objects in the bucket.
A logical entity that serves as a top-level container for all buckets and objects, allowing you to control bucket naming within your tenancy. Each tenancy is provided one unique and uneditable namespace that is global, spanning all compartments and regions. Bucket names must be unique within a namespace, but can be repeated across different namespaces. Within a namespace, buckets and objects exist in flat hierarchy, but you can simulate a directory structure to help navigate a large set of objects (for example, guitars/fender/stratocaster.jpg, guitars/gibson/lespaul.jpg).
Note that if your namespace was created based on your tenancy name, your namespace uses all lower-case letters (regardless of the presence of capital letters in your tenancy name). When using the API, CLI, or SDKs, do not use capital letters in your namespace string.
A collection of related resources that can be accessed only by those who are explicitly granted access permission by an administrator. Compartments help you organize resources and make it easier to control the access to those resources. Object Storage automatically creates a root compartment when a compartment is provisioned. An administrator can then create additional compartments within the root compartment and add access rules for those compartments. A bucket can only exist in one compartment.

Object Storage Features

Object Storage provides the following features:

strong consistency
When a read request is made, Object Storage always serves the most recent copy of the data that was written to the system.
Object Storage is a regional service and is available across all the availability domainsOne or more isolated, fault-tolerant Oracle data centers that host cloud resources such as instances, volumes, and subnets. A region contains several availability domains. within a region. Data is stored redundantly across multiple storage servers and across multiple availability domains. Object Storage actively monitors data integrity using checksums and automatically detects and repairs corrupt data. Object Storage actively monitors and ensures data redundancy. If a redundancy loss is detected, Object Storage automatically creates additional data copies.
custom metadata
You can define your own extensive metadata as key-value pairs for any purpose. For example, you can create descriptive tags for objects, retrieve those tags, and sort through the data.
Object Storage employs 256-bit Advanced Encryption Standard (AES-256) to encrypt object data on the server. Each object is encrypted with its own key. Object keys are encrypted with a master encryption key that is frequently rotated. Encryption is enabled by default and cannot be turned off.

Object Storage Tiers

Object Storage offers two distinct storage class tiers to address the need for both performant, frequently accessed "hot" storage, as well as less frequently accessed "cold" storage. Storage tiers help you maximize performance where appropriate and minimize costs where possible.

  • Use the Standard Object Storage tier for data to which you need fast, immediate, and frequent access. Data accessibility and performance justifies a higher price point to store data in the Standard tier.
  • Use the Archive Storage tier for data to which you seldom or rarely access, but that must be retained and preserved for long periods of time. The cost efficiency of the Archive Storage tier offsets the long lead time required to access the data. For more information, see Archive Storage.

You interact with the data stored in either tier using the same bucket and object resources, as well as the same management interfaces.

Ways to Access Object Storage

You can access Object Storage using any of the following options, based on your preference and its suitability for the task you want to complete:

  • The Console is an easy-to-use, browser-based interface. When you sign up to use Oracle Cloud Infrastructure, you receive a customized URL for your organization. For example, https://console.us-ashburn-1.oraclecloud.com?tenant=CompanyABC. If you instead use the base URL, you are prompted to specify your tenant (for example, CompanyABC) on the sign-in page, along with your user name and password. You can also use the Console link at the top of this page to go to the sign-in page.
  • The Object Storage command line interface (CLI) provides both quick access and full functionality without the need for programming. For more information, see SDKs and Other Tools.
  • The Object Storage REST API provides the most functionality, but requires programming expertise. For general information about using the API, including endpoints, see About the API.
  • The Oracle Cloud Infrastructure SDKs offer tools to interact with Object Storage without having to create a framework. For general information about using the SDKs, see SDKs and Other Tools.

Using Object Storage

If you are ready to use Object Storage, you can find more information in the following topics:

Limits on Object Storage Resources

See Service Limits for a list of applicable limits and instructions for requesting a limit increase.

Additional limits include:

  • Number of namespaces per root compartment: 1
  • Maximum size of object metadata: 2 K

Authentication and Authorization

Each service in Oracle Cloud Infrastructure integrates with IAM for authentication and authorization, for all interfaces (the Console, SDK or CLI, and REST API).

An administrator in your organization needs to set up groupsA collection of users who all need a particular type of access to a set of resources or compartment., compartmentsA collection of related resources that can be accessed only by certain groups that have been given permission by an administrator in your organization., and policiesA document in the IAM that specifies who has what type of access to your resources. It is used in different ways: to mean an individual statement written in the policy language; to mean a collection of statements in a single, named "policy" document (which has an Oracle Cloud ID (OCID) assigned to it); and to mean the overall body of policies your organization uses to control access to resources. that control which users can access which services, which resources, and the type of access. For example, the policies control who can create new users, create and manage the cloud network, launch instances, create buckets, download objects, etc. For more information, see Getting Started with Policies. For specific details about writing policies for each of the different services, see Policy Reference.

If you’re a regular user (not an administrator) who needs to use the Oracle Cloud Infrastructure resources that your company owns, contact your administrator to set up a user ID for you. The administrator can confirm which compartment or compartments you should be using.