To help you easily understand how to use NAVER CLOUD PLATFORM’s various services and APIs, two different types of documentation are provided: [Manuals] and [API References].

Object Storage API Reference >>
Object Storage Manual >>

We are preparing a localization service for the content. We will do our best to provide the localization service as soon as possible.

Before use

Q. What is Object Storage used for?

NAVER CLOUD PLATFORM's Object Storage is a file storage service that helps users store and look up data anytime, anywhere. It is used for the following purposes.

  • Storage, sharing and distribution of files: You can store content, which can be then shared with or distributed to other users.
  • Large repositories: You can store mass data in Object Storage.
  • Data backup and long-term retention: You can back up important data and retain it for a long time.

Q. What are the limitations and limits when using Object Storage?

The following limitations and limits apply:

  • Bucket quantity: Up to 1,000 (※ You can contact us to request increases for bucket quantity.)
  • Object name string length (including folder path): Up to 1,024 bytes
  • Maximum capacity of a single object when uploading: You can upload up to 2 GB per file when uploading from the console, and up to 10 TB per file when using the API. (※ There is no limit to the storage capacity of buckets.)
  • When the object lock setting (WORM) feature is applied, you can't delete or modify until after the retention period expires.

Q. How do I use Object Storage?

You can request and use Object Storage in NAVER CLOUD PLATFORM’s Console.
Follow the procedure below.

1. Go to the Console and click Object Storage.

2. Click Application for use to sign up for Object Storage.

3. Create a bucket in the Console.

4. Upload or download files to or from the bucket as needed.

To use the Object Storage API, go to My Page > Manage Auth Key in the portal and create an API authentication key. After creating an API authentication key, use the Object Storage API by referring to Object Storage API Reference.

Q. What is the difference between Public administration and Permissions?

Public administration allows you to open your buckets or files to users who are not the members of NAVER CLOUD PLATFORM. Permissions for buckets are different from those for files.

  • Make buckets public: Allows users to view the list of objects (files and folders) in the bucket and upload files.
  • Make files public: Allows users to view file information and download files.

Permissions enables you to assign permissions to NAVER CLOUD PLATFORM users. You can use this to grant specific permissions to specified users.

  • Permissions for buckets: List Object, Upload, ACL Lookup, and Edit ACL
  • Permissions for files: Download, ACL Lookup and Edit ACL

Q. Can I use a tool working with S3?

Since Object Storage provides AWS S3 compatible API, you can use any tool that works with S3 in Object Storage. Follow the procedure below to use S3 Browser.

1. Download and install the latest version of S3 Browser (https://s3browser.com/download.aspx).

2. Run S3 Browser, and go to Menu > Account > Add New Account to set the following.

  • Account Type: S3 Compatible Storage
  • REST Endpoint: kr.object.ncloudstorage.com
  • Access Key ID: access key (Enter the API authentication key that you selected when you request Object Storage. Go to My Page > Manage Account > Manage Auth Key in the portal to get the authentication key.)
  • Secret Access Key: Secret key (Enter the secret key connected with the API authentication key.)
  • Use secure transfer (SSL/TLS): Select the option.

3. Check if it is successfully connected on the Task tab.

  • Check if you can create and delete buckets, upload and download files, and create and delete folders.
  • We recommend you to use NAVER CLOUD PLATFORM’s console or the related APIs in order to grant permissions.

Q. How much does Object Storage cost?

The price plans for Object Storage are basically pay-as-you-go.

Object Storage charges = Data storage charges + charges for API requests + network transmission charges

  • Data storage charges: Changes calculated based on the amount of capacity used to store your data in Object Storage and the storage period.
  • Charges for API requests: Charges for API requests made to view a list of containers (buckets), upload and download files, etc.
  • Network transmission charges: Charges for downloading files.

Note: No charges apply for network transmissions between Object Storage and CDN+/Global CDN.

Q. What is Lifecycle Management?

Usually, access to data becomes less frequent over time. So, you can keep frequently used data in storage with fast I/O, and those that need long-term retention for compliance and future analysis purposes in inexpensive storage to reduce TCO.

Since NAVER CLOUD PLATFORM’s Object Storage supports faster I/O speed than Archive Storage, it provides Lifecycle Management helping you store frequently used data in Object Storage and those that need long-term retention in Archive Storage.

With automatic data transfer from Object Storage to Archive Storage according to schedule-based policies, you can reduce costs as well as systematically manage your data.

Q. How do I use Lifecycle Management?

You can request and use Lifecycle Management in NAVER CLOUD PLATFORM’s Console. Follow the procedure below.

1. Go to the Console and click Object Storage.

2. Click Lifecycle Management in Object Storage.

3. Click Create Lifecycle Policy to add a policy.

Q. Does it cost any extra charges to use Lifecycle Management?

No extra charges apply.

Q. (Lifecycle Management) Is there an Overwrite Existing File feature?

Such a feature is not supported., Meaning, if an Object of an Object Storage is changed, it will not be changed in the Archive Storage.

Q. (Lifecycle Management) How long does a transfer take?

As transfer times can differ depending on the state of the infrastructure, it is hard to guarantee an exact transfer time. Transfer times may be delayed depending on the situation.

Q. How do I connect to Object Storage in VPC?

When connecting to Object Storage from a server within VPC, here is the method below.

1. Servers in Public Subnet

  • Internet-based communication is possible using the public domain kr.object.ncloudstorage.com.
  • Private communication is possible using the private domain kr.object.private.ncloudstorage.com.

2. Servers in Private Subnet

  • By default, communication is possible using the private domain kr.object.private.ncloudstorage.com.
  • You can also use the NAT Gateway to communicate using the public domain kr.object.ncloudstorage.com.

How to use Object Storage

Step 1. Prepare an authentication key

To use Object Storage through the API, you need an API authentication key. Go to My Page > Manage Account > Manage Auth Key in the portal page to create an API authentication key.

1. Click Create a New API Authentication Key.

  • An account can have up to two API authentication keys.

Step 2. Request Object Storage

Click Object Storage in the console.

1. Click Application for use.

2. Check the information and click OK to complete the request process.

Step 3. Create a bucket

1. Click Create Bucket.

2. Enter a bucket name.

  • A bucket name once created cannot be changed. As a bucket name is used for the domain of the object, it must be carefully selected.
  • A bucket name must be unique in the NAVER CLOUD PLATFORM region.

3. Select whether to make the bucket public.

  • Only the list of files and folders in the bucket is made public. Whether or not to make files public can be set in each file.

4. Share the bucket with other accounts in NAVER CLOUD PLATFORM.

  • You can choose some or all of the permissions, “List Object,” “Upload,” “ACL Lookup” and “Edit ACL” and grant them.

5. (If necessary) Apply for object lock setting (WORM).

  • This protects data by blocking changes and deletions of objects during the period defined by users.
  • If you need to retain long-term data, applying WORM can prevent data from unintentionally being changed and deleted.
  • Please note that when using WORM, the data is protected until the specified expiration date, so you can't cancel the subscription and delete the account.
  • It is currently only available to enterprise customers. If you're a private customer and want to use the service, then please send a request through our customer center.

6. Set object lock.

  • Maximum retention period: The maximum retention period allowed for the bucket. You can set it between 0 to 365 days.
  • Default retention period: This is the default retention period applied when saving objects in a bucket. You can set a separate retention period within the maximum retention period for objects in the bucket. You can set it between 0 to 365 days.

7. Confirm the settings and create the bucket.

Step 4. Upload/download files

Select a bucket and upload files to it.

1. Click the name of the bucket you want to upload files to.

2. Click Upload files and upload files.

  • The maximum size of files you can upload using the Console is 2 GB, and the maximum size using the API is 5 TB.
  • You can conveniently grant the same permissions to files when uploading them.

3. Select a file to see the details.

  • When you select a file, the Download button is enabled.

Bucket Access Log Management

With bucket access log management, you can save a history of requests that accessed a bucket.

1. Select a bucket for which you need to save its access log, and then click Log Management.

2. Select a bucket whose log you want to save. The bucket must be one that you own.

3. Select a prefix for the access log that you want to save in the bucket.

※ Once created, you can view the access log setting history in Bucket Information.

4. Click the Add button to the right to add a bucket where you want to save the access log.

5. Click OK at the bottom of the page to complete setting up the access log.

How to use Lifecycle Management

Step 1. Select a policy type.

Policy mainly consists of 3 types:

1) Delete after expiration: The object is deleted after a certain period of time. 2) Transfer: The object is transferred to the archive storage after a certain period of time. 3) Delete after transfer: The object is transferred to the archive storage after a certain period of time and the original object is deleted.

For Delete after expiration and Delete after transfer, you should be careful because the "delete" logic applies.

After selecting a policy, enter the time when the policy will become valid. You can enter the time in days when the object is to be transferred or deleted, compared to the time when the object is saved to the object storage. (1 day to 3,650 days)

Step 2. Select a bucket and object from the managed object storage.

You can select a managed object based on its prefix.

  • Example: /apache/log/access_

Managed object prefix policy applies to the entire path of the object. (including folder and file names)

E.g., if applying the prefix "test10", the policy applies to both of the following.

① If the prefix is included in the file name: test101.jpg

② If the prefix is included in the folder name on a path: test1010/img1.jpg

Step 3. (For Transfer/Delete after transfer) Enter the information about the bucket of the archive storage to which the object is to be transferred and the detailed path.

  • Example: /apache_log/

Step 4. Review the entered policy, and then apply. After application, the policy is automatically turned on.

You can turn the policy on/off as needed.

Use object lock (WORM: Write Once Read Many)

This protects data by blocking changes and deletions of objects during the period defined by users. If you need to retain long-term data, applying WORM can prevent data from unintentionally being changed and deleted. The bucket with object lock management must add a content MD5 value to the header as required when uploading the object.

※ Please note that when using WORM, the data is protected until the specified expiration date, so you can't cancel the subscription and delete the account.

Request conditions

  • You can apply object lock management upon initial bucket creation or when a bucket is empty.
  • It is currently only available to enterprise customers. If you're a private customer and want to use the service, then please send a request through our customer center.

Lock management settings

  • Set at bucket level Bucket level settings are possible in [bucket management] - [bucket detail] - [object lock] menu.

    ① Maximum retention period: The maximum retention period allowed for the bucket. You can set it between 0 to 365 days.

    ② Default retention period: This is the default retention period applied when saving objects in a bucket. You can set a separate retention period within the maximum retention period for objects in the bucket. You can set it between 0 to 365 days.

  • Set at object level You can set the retention period when uploading an object. When uploading, you can set up various forms of retention in [Permission and metadata settings] - [Lock management] menu. The following 2 retention types are provided. When uploading, the retention period set on the object can only be extended within the maximum retention period specified in the bucket.

    ① Period: You can freely enter the retention period of the object within the maximum retention period specified in the bucket.

    ② Date: You can explicitly enter the expiration date of retention. When entering the date, you can enter one within the maximum retention period specified in the bucket.

You can set the object lock regardless of the retention period specified in the bucket. You can also explicitly manage the reasons for retaining the objects via labels. Objects with legal retention are protected, so you can't change and delete them.

Check and change lock information

  • You can check the bucket's lock information in the bucket's lock management. Once a bucket's lock settings are enabled, you can't disable the lock management. You can change the maximum and default retention periods.

  • You can check an object's lock information in [Details] – [Lock management] after selecting the object. You can check the lock expiration date and lock setting of the object, and you can also extend the retention period.

Q. What is Sub Account?

Sub Account is a free permissions management platform provided by NAVER CLOUD PLATFORM, allowing you to create sub accounts under your main account. For more information, refer to “How to Use Sub Account.”

Q. What types of Object Storage access permissions does Sub Account have?

All sub accounts that have access to Object Storage are assigned the same permissions as their main account, with the following roles and access types.

Roles Access types
Console Access API Gateway Access Console Access + API Gateway Access
Infra manager
(NCP_INFRA_MANAGER)
This user type has access to Object Storage using the Console.
(same permission as the main account/API is not available)
This user type has access to Object Storage using the API.
(same permission as the main account/Console is not available)
This user type has access to Object Storage using the Console and the API.
(same permission as the main account)
Object Storage Manager
(NCP_OBJECT_STORAGE_MANAGER)
This user type has access to Object Storage using the Console.
(same permission as the main account/API is not available)
This user type has access to Object Storage using the API.
(same permission as the main account/Console is not available)
This user type has access to Object Storage using the Console and the API.
(same permission as the main account)

Sub accounts that are not assigned the roles specified in the table above do not have access to Object Storage.

Use the Access Control feature

You may set the Object Storage to be accessed by only the servers allowed by a client.

1. Select a bucket to be access controlled.

2. Click on Access Control and enable the Access Control feature.

3. Select a server to grant access permission to a selected bucket.

※ Only possible within a VPC server that you own.

4. Click the right arrow button to add a server to the ACL Settings Information.

※ To delete a previously set server, click on the ACL Settings Information on the right, then click the left arrow button to remove a server from the settings.

5. Click OK to apply the feature.

※ You cannot use CDN+/GCDN for buckets that are access controlled. ※ Communication between the VPC server and the bucket with access control is possible through the private domain kr.object.private.ncloudstorage.com.

See also

You can see the related topics below.

results matching ""

    No results matching ""

    Processing...