FAQ about Object Storage
What is Yandex Object Storage?
Yandex Object Storage is a universal scalable solution for data storage. It is equally suited for high-load services requiring reliable and fast access to data and for projects with moderate storage infrastructure requirements.
What can I do with Yandex Object Storage?
With Object Storage, you can:
- Store your project (website or server app) files in Object Storage with public or private access to them. The files can be of any format.
- Store large archive data (up to 5 TB per file) and make them available based on access permissions.
- Enable shared work with data inside a distributed organization.
- Make your data accessible from anywhere in the world where there is internet.
How do I get started with Yandex Object Storage?
To get started with Object Storage:
- Sign up for Yandex Cloud.
- Create a folder.
At this step, you can already use Object Storage via the Yandex Cloud management console. You can create and delete buckets, as well as upload objects to and download them from buckets. - Get static keys to use the Object Storage HTTP API or ready-made SDKs and apps.
For more detailed instructions, see Getting started with Yandex Object Storage and How to use the S3 API.
What data formats can I store?
You can store data in any format. Yandex Object Storage saves data in its original form without any modification.
How can I leave feedback on Yandex Object Storage?
Use the feedback form in the support center
How do I contact technical support?
You can contact technical support from the management console in the Support
How much data can I store?
See Quotas and limits in Object Storage.
How can I delete multiple objects at a time?
You can delete multiple objects via the Yandex Cloud management console or the API using the deleteMultipleObjects method.
A service account cannot access a bucket, why is that?
Make sure the service account is assigned the role that allows accessing the bucket.
If encryption is enabled for the bucket, assign the service account the kms.keys.encrypterDecrypter
role for the KMS key used to encrypt the bucket. You can do this, for example, using the following CLI command:
yc kms symmetric-key add-access-binding \
--id <key_ID> \
--service-account-id <service_account_ID> \
--role kms.keys.encrypterDecrypter
Where:
--id
: KMS key ID.--service-account-id
: Service account ID.
What does Yandex Cloud do with the data I store in Yandex Object Storage?
The data is saved in the form in which it was transmitted by the user.
Does Yandex use Object Storage to store its own data?
Yes. Object Storage is used in the Yandex infrastructure. A number of Yandex services store their websites' static data in Object Storage.
Which data consistency model does Yandex Object Storage use?
For overwritable (PUT) and removable (DELETE) objects, the strong consistency model is used.
What AWS S3 features are supported in Yandex Object Storage?
Object Storage supports:
- Authorization using static tokens.
- Some HTTP API methods. For a full list of supported methods, see the API reference.
Where is my data stored?
Data is stored in several geographically distributed data centers located in Russia. For more information, see Availability zones.
How is my data protected in Yandex Object Storage?
Physical media are located in Yandex Cloud data centers, which are high-security facilities.
Data is stored in an encrypted format and none of those who have access to the physical media can read the data.
By default, the storage is accessed via HTTPS.
How do you guarantee the performance of Yandex Object Storage?
Object Storage has internal SLAs and SLOs that guarantee a specific speed of sending data to the customer, which, among other things, depend on the storage class.
The Object Storage response time depends on multiple factors:
- Client-side performance (network speed, CPU load, or disk subsystem load).
- Speed of trunk connections, connections between data centers, or client-server connections.
- Performance of Object Storage itself.
This is why we cannot specify a particular response time value. However, we do not consider a sharp increase in response time or a marked decrease in the speed of sending data to be the norm, and keep working to improve the technical characteristics of Object Storage.
on Personal Data
?
Does the service meet the requirements under Russian Federation Federal Law No. 152-FZ Yes, it does. You can read the full security audit conclusion
Can I get logs of my operations with services?
Yes, you can request log records about your resources from Yandex Cloud services. For more information, see Data requests.
How do I add my own domain to a Object Storage bucket?
To add your domain to a bucket:
-
Create a bucket with the same name as your domain.
-
Configure the bucket as hosting.
-
On your DNS server, create a CNAME record to link your domain to the bucket.
-
(Optional) Add your own certificate to Certificate Manager or issue a free-of-charge Let's Encrypt certificate.
-
Configure HTTPS by linking a certificate from Certificate Manager to your bucket or uploading your own.
Once you have successfully completed all steps, the objects will be accessible through links in <domain_name>/<object_key>
format.
Why did I lose access to the bucket after creating/updating a bucket policy?
Possible causes:
-
Bucket policies treat objects within a bucket and the bucket itself as different resources. For a bucket policy rule to apply both to the bucket and the objects in it, specify them as separate resources, e.g.,
samplebucket
andsamplebucket/*
. -
If a bucket policy with no rules is applied to the bucket, access is denied to all users. To disable request verification for a bucket policy, delete it.
-
If a bucket is interacting with a Hive Metastore or Yandex Managed Service for Apache Airflow™ cluster and the bucket has a bucket policy assigned to it, the cluster cannot write data to or read data from the bucket without a service account with the appropriate role. For more information, see these guides for Metastore and Managed Service for Apache Airflow™.
How do I get access to Object Storage from a Virtual Private Cloud cloud network?
For resources hosted in a VPC cloud network and having no public IP addresses or no access to the internet, you can set up a connection to Object Storage via an API endpoint. The FQDN of the endpoint will be translated to a public IP using DNS.