Bucket in Object Storage
A bucket is an Object Storage storage unit allocated for user data. Each Yandex Cloud bucket has a unique name used in requests to Object Storage.
Buckets store data as objects. To organize data, you can create multiple buckets or use folders and prefixes within a single bucket.
You can also use buckets to host static websites.
For more information on getting started with buckets, see Getting started with Yandex Object Storage.
You can create a bucket via the management console, YC CLI, Terraform, API, or using some popular tools designed to work with the Amazon S3 HTTP API.
Naming buckets
A bucket name is used as part of the data access URL and is visible to your users, e.g., https://storage.yandexcloud.net/bucket-name.
The naming requirements are as follows:
-
Bucket names are unique throughout Object Storage, which means you cannot create two buckets with the same name, even in different folders belonging to different clouds. You should keep this in mind if you are going to create buckets automatically through the API.
-
Bucket names are subject to the following restrictions:
- The name must be from 3 to 63 characters long.
- The name may contain lowercase Latin letters, numbers, hyphens, and periods.
- The first and last characters must be letters or numbers.
- The characters to the right and left of the period must be letters or numbers.
- The name must not look like an IP address, e.g.,
10.1.3.9.
When choosing a name for your bucket, keep in mind that names containing dots are used for hosting static websites. You may encounter a name conflict that will prevent you or another user from hosting a website in Object Storage.
Bucket URL
You can use the following URL formats to access a bucket:
http(s)://storage.yandexcloud.net/<bucket_name>?<parameters>http(s)://<bucket_name>.storage.yandexcloud.net?<parameters>
Note
If you use AWS SDK for .NET, access the s3.yandexcloud.net host.
Accessing a bucket via HTTPS
Object Storage supports secure connections over HTTPS.
Note
When using a URL in http(s)://<bucket_name>.storage.yandexcloud.net format, the HTTPS protocol is available for the bucket only if the bucket name does not contain dots. For example:
https://example.storage.yandexcloud.netHTTPS is available for this bucket.http://example.ru.storage.yandexcloud.netHTTPS is not available for this bucket.
This is because Object Storage uses Wildcard certificates, which only support one level of subdomains.
To provide HTTPS support for a bucket with a dot in the name, upload your own security certificate to Object Storage.
For more information on HTTPS support when hosting websites in Object Storage, see Static website hosting.
Bucket settings
You can:
-
Limit the maximum bucket size.
Object Storage will not allow you to upload an object if doing so leads to exceeding the maximum bucket size.
-
Set the default storage class.
By default, objects uploaded to a bucket are saved with the storage class specified for that bucket.
-
Configure a bucket for static website hosting.
-
Upload a CORS configuration for a bucket.
-
Enable bucket encryption.
By default, objects added to the bucket are encrypted with the specified KMS key.
-
Set up object lifecycles.
Accessing buckets from Yandex Virtual Private Cloud cloud networks
Warning
The Service connections functionality (VPC Private Endpoints) is at the Preview stage and will become available for testing from September 26, 2024. To request access, contact your account manager.
To make Object Storage buckets accessible from VPC cloud networks directly, use a VPC service connection. With this connection, Object Storage is accessible via VPC internal IP addresses, no Internet access needed.
For more information on configuring the access, see Accessing a bucket using a service connection from Yandex Virtual Private Cloud.
Public access to buckets
Object Storage incorporates multiple mechanisms for managing access to resources. To learn how these mechanisms interact, see Access management methods in Object Storage: Overview.
By default, buckets are created with restricted access, as specified in the IAM settings. You can allow public access:
- To read objects in a bucket.
- To access the list of objects in a bucket.
- To read settings:
Public access to each operation is provided separately. This means, if you have opened read-only access to your objects, anonymous users cannot get the list of objects and bucket settings.
Warning
Public access is granted to an unlimited number of anonymous users. Use it only when other access grant mechanisms are not available.
If required, you can configure permissions to the buckets and objects they contain using ACLs or the access policy.
Statistics
Object Storage automatically delivers bucket performance metrics to Yandex Monitoring.
Performance statistics are available from the bucket page or the Monitoring interface.
For a list of metrics delivered to Monitoring, see the reference.
You can also access aggregate bucket statistics through the Yandex Cloud CLI.
Recommendations and limitations
-
Updating bucket statistics may take up to 20 minutes. Therefore, sometimes the specified maximum bucket capacity may be exceeded (e.g., during fast sequential upload of multiple objects).
-
In the management console, the information about the number of objects in the bucket and used up space is updated with a delay.
-
You cannot rename buckets.
-
The number of buckets does not affect the performance of Object Storage. How many buckets you use to store your data is up to you.
-
Buckets cannot be nested.
-
You can delete only an empty bucket.
-
After you delete objects from a bucket, the vacated space is not considered free for a while longer.
-
After deleting a bucket, you may not be able to create a new one with the same name right away. There is also a risk that another Yandex Cloud user may create a bucket with this name before you claim it again. Do not delete buckets without a good reason.
Note
If you limit the maximum size of a bucket, it may remain temporarily unavailable for writes even after you free up enough space for new objects.