product introduction · you to manage obs locally and easily. obs browser+ tool guide obsutil...

Object Storage Service

Product Introduction

Issue 15

Date 2020-10-13

HUAWEI TECHNOLOGIES CO., LTD.

Copyright © Huawei Technologies Co., Ltd. 2020. All rights reserved.

No part of this document may be reproduced or transmitted in any form or by any means without priorwritten consent of Huawei Technologies Co., Ltd. Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.All other trademarks and trade names mentioned in this document are the property of their respectiveholders. NoticeThe purchased products, services and features are stipulated by the contract made between Huawei andthe customer. All or part of the products, services and features described in this document may not bewithin the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,information, and recommendations in this document are provided "AS IS" without warranties, guaranteesor representations of any kind, either express or implied.

The information in this document is subject to change without notice. Every effort has been made in thepreparation of this document to ensure accuracy of the contents, but all statements, information, andrecommendations in this document do not constitute a warranty of any kind, express or implied.

Issue 15 (2020-10-13) Copyright © Huawei Technologies Co., Ltd. i

Contents

1 About OBS................................................................................................................................. 1

2 Advantages............................................................................................................................... 5

3 Functions Overview................................................................................................................ 9

4 Restrictions............................................................................................................................. 17

5 Billing....................................................................................................................................... 21

6 Permissions Management................................................................................................... 29

7 Related Services.....................................................................................................................36

8 Basic Concepts........................................................................................................................388.1 Objects...................................................................................................................................................................................... 388.2 Buckets..................................................................................................................................................................................... 398.3 Parallel File System.............................................................................................................................................................. 408.4 Access Keys (AK/SK)............................................................................................................................................................ 408.5 Endpoints and Domain Names........................................................................................................................................ 418.6 Region and AZ....................................................................................................................................................................... 43

9 Change History...................................................................................................................... 45

Object Storage ServiceProduct Introduction Contents

Issue 15 (2020-10-13) Copyright © Huawei Technologies Co., Ltd. ii

1 About OBS

About Object Storage Service

Object Storage Service (OBS) is a cloud storage service optimized for storingmassive amounts of data. It provides unlimited, secure, and highly reliable storagecapabilities at a relatively low cost.

OBS provides users with unlimited storage capacity, stores files in any format, andcaters to the needs of common users, websites, enterprises, and developers.Neither the entire OBS system nor any single bucket has limitations on storagecapacity or the number of objects/files that can be stored. As a web service, OBSsupports APIs over Hypertext Transfer Protocol (HTTP) and Hypertext TransferProtocol Secure (HTTPS). You can use OBS Console or OBS tools to access andmanage data stored in OBS anytime, anywhere. With OBS-provided SDKs andAPIs, you can easily manage data stored in OBS and develop upper-layer serviceapplications.

HUAWEI CLOUD deploys OBS infrastructures in multiple regions and deliversflexible expansion and enhanced reliability. You can deploy OBS in specific regionsfor faster access speeds at an affordable price.

Product Architecture

Bucket and object are the two basic concepts in OBS.

A bucket is a container for storing objects in OBS. Each bucket is specific to aregion and has specific storage class and access permissions. A bucket is accessiblethrough its access domain name over the Internet.

An object is the basic unit of data storage in OBS. An object consists of a key,metadata, and data.

● A key specifies the name of an object. An object key is a UTF-8 string rangingfrom 1 to 1024 characters. Each object is uniquely identified by a key within abucket.

● Metadata: Metadata describes an object, and is classified into systemmetadata and custom metadata. The metadata is a set of key-value pairs thatare assigned to the object stored in OBS.

Object Storage ServiceProduct Introduction 1 About OBS

Issue 15 (2020-10-13) Copyright © Huawei Technologies Co., Ltd. 1

https://www.huaweicloud.com/intl/en-us/product/obs.html

– System metadata is automatically assigned by OBS for managing theobject. System metadata includes Date, Content-Length, Last-Modified,Content-MD5, and more.

– You can specify custom metadata to describe the object when you uploadthe object to OBS.

● Data: refers to the content that the object contains.

With secondary development based on OBS REST APIs, HUAWEI CLOUD providesOBS Console, SDKs, and a variety of tools for you to easily access buckets andobjects in different scenarios. You can also use OBS SDKs and APIs to developapplications that meet your business needs.

Figure 1-1 Product architecture

Storage ClassesOBS offers the following storage classes: Standard, Infrequent Access, and Archive,comprehensively meeting various requirements for storage performance and costs.● The Standard storage class features low access latency and high throughput.

It is therefore suitable for storing a massive number of hot files (frequentlyaccessed every month) or small files (less than 1 MB). The applicationscenarios include big data analytics, mobile apps, hot videos, and social apps.

● The Infrequent Access storage class is ideal for storing data that is semi-frequently accessed (less than 12 times a year), with requirements for quickresponse. The application scenarios include file synchronization, file sharing,and enterprise backup. It provides the same durability, access latency, andthroughput as the Standard storage class but at a lower cost. However, theInfrequent Access storage class has lower availability than the Standardstorage class.

● The Archive storage class is suitable for archiving data that is rarely-accessed(averagely once a year). The application scenarios include data archiving andlong-term data backups. The Archive storage class is secure, durable, and



inexpensive, and can be used to replace tape libraries. However, it may takehours to restore data from the Archive storage class.

When an object is uploaded to a bucket, it inherits the storage class of the bucketby default. You can change the default storage class when you upload the object.

Changing the storage class of a bucket does not change the storage classes ofexisting objects in the bucket, but newly uploaded objects inherit the new storageclass by default.

Table 1-1 Comparison between storage classes

Compared Item Standard InfrequentAccess

Archive

Feature Top-notchperformance,highly reliableand available

Reliable,inexpensive, andreal-time storageaccess

Long-termstorage forarchived data at avery low cost

Applicationscenarios

Cloud application,data sharing,content sharing,and hot datastorage

Web diskapplications,enterprise backup,active archiving,and datamonitoring

Archive, medicalimage storage,video materialstorage, andreplacement oftape libraries

Designeddurability

99.999999999% 99.999999999% 99.999999999%

Designeddurability (multi-AZ)

99.9999999999% 99.9999999999% -

Designavailability

99.99% 99.99% 99.99%

Designedavailability(multi-AZ)

99.995% 99.995% -

Minimum storageduration

Not required 30 days 90 days

Data restoration N/A Chargedaccording to theamount of datarestored(measured in GB)

Two restorationoptions: urgentand standardChargedaccording to theamount of datarestored(measured in GB)

Image processing Supported Supported Not supported



https://support.huaweicloud.com/intl/en-us/obs_faq/obs_faq_0058.html










How to Access OBSOBS provides various resource management tools. You can use any of the toolslisted in Table 1-2 to access and manage resources in OBS.

Table 1-2 OBS resource management tools

Tool Description How to Use

OBS Console OBS Console is a web-based GUI. You canperform operations on OBS Console easily.

ConsoleOperation Guide

OBS Browser(abandoned)

OBS Browser has been abandoned since April15, 2020. Its functions are inherited by thenew client tool OBS Browser+ that providesyou with better user experience. Downloadthe latest OBS Browser+ We apologize forany inconvenience and appreciate yourunderstanding.

-

OBS Browser+

OBS Browser+ is an OBS management toolrunning on the Windows operating system.OBS Browser+ is also a GUI tool that allowsyou to manage OBS locally and easily.

OBS Browser+Tool Guide

obsutil obsutil is a command line tool for accessingOBS. You can use this tool to performcommon configurations in OBS. If you arefamiliar with command line interface (CLI),obsutil is recommended as an ideal tool forbatch processing and automated tasks.

obsutil ToolGuide

obsfs obsfs, built on the basis of Filesystem inUserspace (FUSE), is a file system toolprovided by OBS for mounting parallel filesystems to Linux operating systems. Itenables you to easily access the infinitestorage space in OBS in the same way as youoperate a local file system.

obsfs Tool Guide

SDK OBS SDKs encapsulate APIs provided by OBSto simplify user development. Users candirectly use API functions provided by theOBS SDKs to obtain the OBS servicecapabilities.

SDK Reference

API With APIs, you can easily access OBS fromweb applications. By making API calls, youcan upload and download data at anytime,anywhere, or through any Internet device.

API Reference



https://support.huaweicloud.com/intl/en-us/usermanual-obs/obs_03_0054.html


https://support.huaweicloud.com/intl/en-us/browsertg-obs/obs_03_1003.html



https://support.huaweicloud.com/intl/en-us/utiltg-obs/obs_11_0001.html


https://support.huaweicloud.com/intl/en-us/fstg-obs/obs_12_0001.html

https://developer.huaweicloud.com/intl/en-us/sdk?OBS

https://support.huaweicloud.com/intl/en-us/api-obs/en-us_topic_0031051947.html

2 Advantages

Comparison Between OBS and On-Premises Storage ServersIn this information era, it becomes increasingly difficult for conventional on-premises storage servers to deal with enterprises' explosive data growth. Table 2-1details a comprehensive comparison between OBS and on-premises storageservers.

Table 2-1 Comparison between OBS and on-premises storage servers

Item OBS On-Premises Storage Server

Storagecapacity

OBS provides storage capacityfor massive amounts of data,with data centers deployedacross the world. All servicesand storage nodes aredeployed in distributedclusters. You can expand anode or cluster separately,and the storage capacity willnever be insufficient.

Confined storage space due tolimited capacity of hardwaredevices. You need to purchaseextra disks and perform manualexpansion. The storage capacityis eventually a limitation.

Security OBS uses the HTTPS/SSLprotocol and supportsencryption for data uploads.In addition, OBS uses accesskey IDs (AKs) and secretaccess keys (SKs) toauthenticate user identities. Italso leverages IAMpermissions, bucket policies,access control lists (ACLs),and technologies such asuniform resource locator(URL) validation to ensuresecurity for data transmissionand access.

Exposes the owner and users tosecurity risks such as cyberattacks, technologicalvulnerabilities, and accidentaloperations.

Object Storage ServiceProduct Introduction 2 Advantages


Item OBS On-Premises Storage Server

Reliability OBS provides a five-levelreliability architectureensuring 99.9999999999%data durability and 99.995%service continuity, muchhigher than that of theconventional architecture.

Due to limited investment, on-premises storage servers cannotensure reliability at all levels,namely at the media, server,cabinet, data center, and regionlevels. Therefore, a fault ordisaster may easily causeirreversible data loss toenterprises.

Costs OBS is an out-of-the-boxservice, which requires zerocost for physical devices. Italso provides O&M services.You only need to pay as yougo. OBS offers tiered-pricing,meaning the more you use,the more discounts you canget.

Expensive hardware devices;long-term construction;difficulties in installation; highO&M costs. All thesedisadvantages of on-premisesstorage servers can impede thegrowth of enterprises. Inaddition, you may incurexpenditure for securityassurance.

OBS Advantages● Reliable data durability and service continuity: OBS is used by the cloud

album for Huawei mobile phones, and supports access for hundreds ofmillions of users. Cross-region replication, cross-AZ disaster recovery, intra-AZdevice and data redundancy, slow disk and bad sector detection of storagemedia, and other technologies together ensure data durability of up to99.9999999999% and service continuity of up to 99.995%, far higher than theconventional architecture.



Figure 2-1 Five-level reliability architecture

● Multi-level protection and authorization management: OBS has theTrusted Cloud Service (TRUCS) certification. The multiple data protectionmechanisms, including versioning, server-side encryption, URL validation,virtual private cloud (VPC)-based network isolation, access log audit, andfine-grained permission control, ensure persistent data security.

● Unlimited number of objects and high-level concurrency: With intelligentscheduling and response, optimized data access paths, and technologies suchas event notification, transmission acceleration, and big data verticaloptimization, you can store hundreds of billions of objects in OBS, and stillexperience smooth concurrency of hundreds of billions of tasks, ultra-highbandwidth, and low latency.



Figure 2-2 Experiences of data access to unlimited number of objects at high-level concurrency

● Easy to use and manage: OBS provides standard REST APIs, SDKs thatsupport multiple programming languages, and data migration tools to helpyou quickly move your services to the cloud. You do not need to plan storagecapacity beforehand or worry about storage capacity expansion or reduction,because storage resources are available for linear and nearly infiniteexpansion. OBS supports online upgrade and capacity expansion, which areimplemented by HUAWEI CLOUD and imperceptible to users.

● Various storage classes and flexible billing modes: OBS can be subscribedthrough pay-per-use and monthly/yearly billing modes. Data in each of theStandard, Infrequent Access, and Archive storage classes are separatelymetered and charged, significantly reducing storage costs.



3 Functions Overview

Table 3-1 lists the basic functions of OBS.

It is recommended that you get familiar with the basic concepts of OBS beforeusing OBS.

Table 3-1 OBS functions

FunctionName

Description LaunchedRegions

OBS 2.0 OBS 3.0

Storageclasses

OBS provides the followingstorage classes: Standard,Infrequent Access, andArchive, to meet differentrequirements for storageperformance and cost.

All Supported √

Bucketmanagement

Buckets are containers thatstore objects in OBS. OBSallows you to create, list,search for, view, and deletebuckets.

All Supported Supported

Objectmanagement

An object is the basic unitof data storage in the OBS.You can perform thefollowing operations onobjects: upload, download,listing, searching, sharing,resumable transfer, andmultipart operations.


Object Storage ServiceProduct Introduction 3 Functions Overview


https://support.huaweicloud.com/intl/en-us/usermanual-obs/en-us_topic_0050937852.html








FunctionName


OBS 2.0 OBS 3.0

Permissionmanagement

OBS uses IAM permissions,bucket/object policies, andACLs to implementpermission management.You can grant differentaccounts and users withdifferent accesspermissions, and configurebucket/object policies orACLs to control read andwrite permissions forbuckets and objects.


Server-SideEncryption

To enhance data security,you can encrypt data beforestoring it in OBS. OBSprovides two server-sideencryption modes: SSE-KMSand SSE-C.

All regionsexcept AP-Bangkok,LA-Santiago,CN North-Beijing4,and CNEast-Shanghai1

Supported Supported

Lifecyclemanagement

Lifecycle rules enable you tomanage object lifecycles.You can configure lifecyclerules to automaticallydelete objects at scheduledtime and automaticallytransition object storageclass at specified intervals.


Staticwebsitehosting

You can upload the contentfiles of static websites toyour bucket in OBS, grantthe read permission toanonymous users for thesefiles, and configure staticwebsite hosting for thebucket to host these files.














FunctionName


OBS 2.0 OBS 3.0

CORS CORS is a browser-standardmechanism provided by theWorld Wide WebConsortium (W3C). Itdefines the interactionmethods between a clientweb application in oneorigin and resources inanother origin. For generalweb page requests, websitescripts and contents in oneorigin cannot interact withthose in another originbecause of Same OriginPolicies (SOPs). OBSsupports CORS rules andallows resources in OBS tobe accessed across origins.


URLvalidation

OBS provides the URLvalidation to prevent linkstealing. URL validation isbased on the Refererheader field in HTTPrequests. You can alsoconfigure whitelists andblacklists to ensure accesssecurity.


Eventnotification

Notifications will be sent tothe endpoints specified inthe Simple MessageNotification (SMN) topicwhen the selected eventsoccur.

All regionsexcept LA-SaoPaulo1and LA-MexicoCity1

Supported Supported

Buckettags

Tags are used to identifyand classify OBS buckets. Ifyou add tags to a bucket,charging data records(CDRs) generated by therequests for this bucket willbe added with these tags,so that you can use thetags to classify CDRs fordetailed cost analysis.












FunctionName


OBS 2.0 OBS 3.0

User-defineddomainnames

You can bind a domainname to an OBS bucket anduse the domain name toaccess data in the bucket.For example, you can usethis function if a user needsto migrate files from awebsite to OBS and doesnot want to modify the webpage code, that is, the userdoes not want to changethe link to the website.

AP-HongKong, AP-Bangkok,AP-Singapore,and LA-Santiago

Notsupported

Supported

Cross-regionreplication

You can create a cross-region replication rule toautomatically,asynchronously replicateobjects from a sourcebucket in one region to adestination bucket inanother region, as long asboth the source anddestination buckets areunder your account.Therefore, cross-regionreplication provides thecapability for data disasterrecovery across regions,catering to your needs foroff-site data backup.

All regionsexcept LA-SanPaulo1

Notsupported

Supported

Imageprocessing

You can use the imageprocessing function toquickly process imagesstored in OBS. You canperform different imageprocessing operations,including compressing,cropping, resizing,watermarking, and formatconversion.

AP-HongKong, AP-Bangkok,and AP-Singapore

Notsupported

Supported











https://support.huaweicloud.com/intl/en-us/fg-obs/obs_01_0001.html



FunctionName


OBS 2.0 OBS 3.0

Bucketinventory

A bucket inventory ruleallows the system toperiodically scan objectsaccording to specificconfigurations, list theobjects with their properties(such as metadata, size,modification time, andstorage class in CSV files),and store the files in thespecified bucket.


Notsupported

Supported

ParallelFileSystem

Parallel File System (PFS),provided by OBS, is a high-performance file system,with access latency inmilliseconds. PFS cansupport a bandwidthperformance up to the TB/slevel millions of IOPS,suitable for processinghigh-performancecomputing (HPC)workloads. You can callstandard OBS APIs to readdata in a parallel filesystem, or use the obsfstool to mount a parallel filesystem to a Linux server inthe cloud. Managing filesand directories in a parallelfile system is just likeoperating a local filesystem.


Notsupported

Supported

Logging You can use the loggingfunction to obtain bucketaccess data. When thelogging function of abucket is enabled, OBSautomatically logs everyaccess request for thebucket, packs multiple logsinto a log file, and writes itto the specified bucket, sothat you can easily performlog analysis and audits.






https://support.huaweicloud.com/intl/en-us/pfsfg-obs/obs_13_0007.html




FunctionName


OBS 2.0 OBS 3.0

Versioning

OBS can store multipleversions of an object. Youcan quickly search for andrestore different versions orrestore data in the event ofaccidental deletions orapplication faults.


Appending objects

You can call theAppendObject API to writedata to an appendableobject in a specified bucket.An object created by callingthe AppendObject API is anappendable object, and anobject created by calling thePutObject API is a normalobject.


Notsupported

Supported

Customizingmetadata

You can add, modify, ordelete metadata ofuploaded objects.


Bucketstoragequota

You can set the bucketspace quota to limit themaximum amount of datathat can be stored in abucket. The maximum valueis 263-1, in bytes. By default,the quota of a newlycreated bucket is notlimited.


Directreading

Direct reading allowsobjects in the Archivestorage class to be directlydownloaded without beingrestored in advance. Directreading is a billablefunction.

CN North-Beijing4

Notsupported

Supported

Objectsharing

You can share a file orfolder stored in OBS with allusers by using a temporaryURL. File sharing istemporary. All shared URLsare valid temporarily.


Supported Supported





https://support.huaweicloud.com/intl/en-us/api-obs/obs_04_0088.html












FunctionName


OBS 2.0 OBS 3.0

Fragmentmanagement

You can use the fragmentmanagement function toclear fragments that maybe generated duringmultipart upload to savestorage space in a bucket.


Enterpriseproject

When creating a bucket,you can specify anenterprise project to whichthe bucket belongs, tofacilitate bucket resourceand permissionmanagement.

AP-Singapore,CN North-Beijing4

Notsupported

Supported

Bucketencryption

You can configure defaultencryption for a bucket.After a bucket is encrypted,all objects uploaded to thebucket are automaticallyencrypted.

AP-HongKong, AP-Singapore,CN East-Shanghai2, CNNorth-Beijing1,CN South-Guangzhou, AF-Johannesburg

Notsupported

Supported

Multi-AZ When creating a bucket,you can enable the multi-AZ storage, so that data willbe stored redundantly inmultiple AZs, improvingdata reliability. OBS usesErasure Code (EC)algorithm, instead ofmultiple copies, to ensuredata redundancy.

AP-Singapore,CN North-Beijing4

Notsupported

Supported

IAMagency

Through IAM agency, youcan authorize other cloudservices or HUAWEI CLOUDaccounts to manage yourOBS resources.

All Notsupported

Supported














FunctionName


OBS 2.0 OBS 3.0

Monitoring

OBS Console and Cloud Eyemonitor bucket trafficstatistics and number ofrequests. The monitoringfunction provides the latestresource usage status andenables you to planresource usage.


Audit You can use CTS to collect,store, and query eventoperation records ofbuckets and objects in OBSfor security analysis,compliance audits, resourcetracing, and fault location.


Tools OBS provides a bunch oftools, including OBSBrowser+, obsfs, andobsutil, to meet datamigration and managementrequirements in differentscenarios.


API OBS provides REST APIs.You can call these APIsusing HTTP/HTTPS requeststo create, modify, anddelete buckets and upload,download, and deleteobjects.


SDK OBS provides SDKs inmultiple programminglanguages, facilitatingsecondary development.The supported languagesare: Java, Python, C, Go,BrowserJS, .NET, Android,iOS, PHP, and Node.js







https://support.huaweicloud.com/intl/en-us/tg-obs/obs_09_0001.html

https://support.huaweicloud.com/intl/en-us/api-obs/en-us_topic_0031051947.html

https://support.huaweicloud.com/intl/en-us/sdkreference-obs/obs_02_0001.html

4 Restrictions

This section describes use restrictions of OBS features.

Table 4-1 OBS use restrictions

Restriction Item Description

Resourcepackages

● A resource package can be used only in the specifiedregion and cannot be shared across regions. So select anappropriate region when purchasing a resource package.

● OBS provides resource packages only for some billingitems. For other billing items, the pay-per-use billingmode applies. For details, see Billing.

● Any resource usage beyond your package quotas in thecurrent month is billed in the pay-per-use mode. A newlypurchased resource package cannot cover the alreadygenerated resource usage.

● A storage package must be consistent with your bucket'sdata redundancy policy (single-AZ storage or multi-AZstorage) and storage class (Standard, Infrequent Access,or Archive). Otherwise, the pay-per-use billing modeapplies..

● Resources in archive storage packages and internetoutbound traffic packages can be shared by parallel filesystems and object storage buckets. Specifically, if youhave an internet outbound traffic package, it can coverthe internet outbound traffic generated by both of yourparallel file systems and object storage buckets, as longas the usage is within the package quota.

Object Storage ServiceProduct Introduction 4 Restrictions



Access rules Based on the DNS resolution performance and reliability,OBS requires that the bucket name must be placed in frontof the domain when a request carrying a bucket name isconstructed to form a third-level domain name, or virtualhosting access domain name.For example, you have a bucket named test-bucket in thecn-north-4 region, and you want to access the ACL of anobject named test-object in the bucket. The correct URL ishttps://test-bucket.obs.cn-north-4.myhuaweicloud.com/test-object?acl.

Bucket ● On OBS, each bucket name must be unique and cannotbe changed.

● After a bucket is created, its bucket name, region, anddata redundancy storage policy cannot be changed.

● An account (including all IAM users under the account)can create a maximum of 100 buckets. You can leveragethe fine-grained permission control capability of OBS toproperly plan and use buckets. For example, you cancreate folders in a bucket based on object prefixes anduse fine-grained permission control to implementpermission isolation between departments.

● By default, neither the entire OBS system nor any singlebucket has limitations on storage capacity or the numberof objects that can be stored.

● A bucket can be deleted only after all objects in thebucket have been deleted.



https://support.huaweicloud.com/intl/en-us/perms-cfg-obs/obs_40_0023.html


Uploadingobjects

● OBS Console supports uploading files in a batch. Amaximum of 100 files can be uploaded in a batch withthe total size of no more than 5 GB. If you upload onlyone file using the batch upload mode, the maximum sizeof the file is 5 GB.

● If you upload an object through OBS Browser+, obsutil, orusing the API and SDK, the maximum size of the object is48.8 TB.

● The batch upload function is available only when thefollowing conditions are met:1. The region where the bucket resides supports batch

upload. Currently, the following regions support batchupload: AP–Hong Kong, AP–Bangkok, and AP–Singapore.

2. The bucket version must be 3.0.● If versioning is disabled and the name of a newly

uploaded file is the same as that of a file in the bucket,the newly uploaded file automatically overwrites theexisting file and does not retain the ACL information ofthe existing file. If the name of the newly uploaded folderis the same as that of a folder in the bucket, the twofolders will be merged, and files in the new folder willoverwrite the same-name files in the old folder.

● If versioning is enabled and the name of a newlyuploaded file is the same as that of a file in the bucket, anew version is added to the existing file.

Bucket Policy There is no limit on the number of bucket policies(statements) for a bucket. However, the total size of JSONdescriptions of all bucket policies in a bucket cannot exceed20 KB.

ACL ● A bucket ACL supports a maximum of 100 permissiongrants.

● An object ACL supports a maximum of 100 permissiongrants.




Restoring objectsfrom Archivestorage

● If an Archive object is being restored, you cannot suspendor delete the restoration task.

● You cannot re-restore an object that is in the Restoringstate.

● After an object is restored, a copy of the object isgenerated and saved in the Standard storage class. In thisway, the object in the Archive storage class and its copy inthe Standard storage class co-exist in the bucket. Duringthe restoration validity period, you will be charged for thestorage space taken by both the object in the Archivestorage and its copy in the Standard storage. The copywill be automatically deleted upon expiration of itsvalidity period.

Deleting objects If versioning is not enabled for a bucket, deleted objectscannot be recovered. Exercise caution when performing thisoperation.

Parallel FileSystem

For details, see the Parallel File System Feature Guide.

Image processing For details, see the Image Processing Feature Guide.

Cross-regionreplication

For details, see Cross-Region Replication Overview

User-defineddomain namebinding

● Only buckets whose version is 3.0 support user-defineddomain name binding.

● A maximum of 20 user-defined domain names can bebound to each bucket.

● Currently, user domain names bound to OBS only allowaccess requests over HTTP.If you want to use a user domain name to access OBSover HTTPS, you need to enable CDN to manage HTTPScertificates.For details about how to manage HTTPS certificates onthe CDN management console, see HTTPS Settings.

● A user-defined domain name can be bound to only onebucket.

Bucket inventory For details, see Bucket Inventory Overview.






https://support.huaweicloud.com/intl/en-us/usermanual-cdn/en-us_topic_0064907771.html


5 Billing

This section describes the OBS billing items and billing modes. For informationabout Parallel File System (PFS) billing, see Product Pricing Details.

Billing ItemsFigure 5-1 lists OBS billing items. For details about each billing item, see Table5-1.

Figure 5-1 OBS billing items

Object Storage ServiceProduct Introduction 5 Billing


https://www.huaweicloud.com/intl/en-us/pricing/index.html?tab=detail#/obs

Table 5-1 OBS billing

Category Billing Item Description PaymentOptions

Storage space Standardstorage class

The space occupied by data inthe Standard storage class,using single- or multi-AZdeployment. For details, seeUnderstand the DifferencesBetween the Single-AZ Modeand Multi-AZ Mode in OBS● Storage duration: You are

billed based on the actualstorage duration.

● Minimum storage size: 64KB. If a stored object issmaller than 64 KB, you arebilled for 64 KB of storage.If the object is larger than64 KB, the storage space ischarged based on its actualsize.

Pay-per-useYearly/Monthly

InfrequentAccessstorage class

The space occupied by data inthe Infrequent Access storageclass, using single- or multi-AZdeployment. For details, seeUnderstand the DifferencesBetween the Single-AZ Modeand Multi-AZ Mode in OBS● Minimum storage duration:

30 days. For objects storedover 30 days, you are billedbased on the actual storageduration. If objects aredeleted or transitioned toother storage classes beforethey have been stored forthis minimum period, youwill still be charged for thefull period of 30 days.


Pay-per-use










Archivestorage class

The space occupied by data inthe Archive storage class.● Minimum storage duration:

90 days. For objects storedover 90 days, you are billedbased on the actual storageduration. If objects aredeleted or transitioned toother storage classes beforethey have been stored forthis minimum period, youwill still be charged for thefull period of 90 days.


Pay-per-use

Requests All types ofrequests

The number of OBS API calls,including PUT, POST, COPY,LIST, GET, and HEAD requestsHow Are Requests Counted?

Pay-per-use

Data traffic Inboundtraffic overintranet/internet

The amount of datatransferred over a networkconnection to OBS.

Free

Outboundtraffic overintranet

The amount of datatransferred from OBS to ECSs,CCEs, and BMSs in the sameregion over HUAWEI CLOUD'sintranet.You need to configurenetwork settings before youcan access OBS over theintranet of a given region. Fordetails, see Accessing OBSover Intranet.

Free

Outboundtraffic overthe internet

The amount of datadownloaded from OBS overthe internet





https://support.huaweicloud.com/intl/en-us/bestpractice-obs/obs_05_0410.html



Cross-regionreplicationtraffic

The amount of datatransferred from a sourcebucket to a destination bucketusing cross-region replication

Pay-per-use

Pull traffic The amount of datadownloaded by CDN fromOBS 3.0 buckets(Downloading data from OBS2.0 buckets consumes theinternet outbound traffic,which can be offset by yourquota of internet outboundtraffic packages.)





Datarestoration

The amountof datarestored

● Reading an object stored inthe Infrequent Accessstorage class will incur datarestoration charges basedon the size of the object.

● Reading an object stored inthe Archive storage classwill incur data restorationcharges based on the sizeof the object and therestoration speed.

You are billed for datarestoration regardless ofwhether the object is readover an intranet or internetconnection. If you use aninternet connection, you willalso be charged for theamount of data that is read.When an archived object isrestored, a copy of the objectis generated and stored in theStandard storage class. For thelength of the retention periodof the restored object, you willbe charged for the storagespace occupied by the objectand its copy. When theretention period expires, therestored copy of the archivedobject will be automaticallydeleted. The storage fee forthe object copy in thestandard storage class withinthe entire validity period willbe charged when the objectcopy is restored.Restoring data from theInfrequent Access storageclass or direct reading of datain the Archive storage classdoes not generate copies ofobjects, so you will not bebilled for additional storagespace.After direct reading is enabled,downloading and copying

Pay-per-use




Archive objects will consumedata read traffic.

Dataprocessing

Imageprocessing

The size of the processedimage

Pay-per-use

Billing ModesOBS provides two billing modes: pay-per-use and yearly/monthly. Pay-per-use isrecommended if you are unsure of your future service needs and want to avoidpaying for unused resources. However, if you are sure of your needs, yearly/monthly will be less expensive.

● Pay-per-usePay-per-use billing is the default setting for OBS. With this billing mode, yourservice account is only billed for the time (hours) when resources are actuallyused. There is no minimum billing threshold.The system collects usage statistics every hour and generates CDRs based onthe actual usage of the previous hour. For example, a CDR generated at 19:30usually records the cost from 18:00 to 19:00 or from 17:00 to 18:00 due topossible delays.Cost calculation formula: Cost = Actual resource usage x Resource unitpriceThe minimum settlement duration is an hour regardless of when objects areuploaded. Specifically, if an object is uploaded between 18:00 and 19:00, thebilled storage duration is the entire hour between 18:00 and 19:00.Example: The unit price of Standard storage (single AZ) is US $0.0230/GB permonth and there are 100,000 GB Standard storage objects in a bucket. In thiscase, the cost of Standard storage (single AZ) for an settlement hour is: US$0.0230/GB per month × 100,000 GB × (1/24/30) month = US $3.19.For details about pay-per-use pricing, see Product Pricing Details. You canuse the Price Calculator to quickly calculate an estimated price for theresources that you select.

● Yearly/MonthlyYou can also purchase a yearly/monthly resource package for a better priceand a free quota of OBS API read and write calls. However, if your usageexceeds the package quota, subsequently used resources will be charged on apay-per-use basis.Table 5-2 lists the resource packages provided for OBS. For details aboutpricing of resource packages, see Product Pricing Details. You can use thePrice Calculator to quickly calculate an estimated price for the resources thatyou select.




https://www.huaweicloud.com/intl/en-us/pricing/index.html#/obs


https://www.huaweicloud.com/intl/en-us/pricing/index.html#/obs

Table 5-2 Yearly/Monthly resource packages

ResourcePackage

Description Use Restrictions

Standardstorage(single-AZ)

Provides storage for datastored in the Standardstorage class.

Applies only to data storedin the Standard storage class(single-AZ) and in the regionyou specified for thepurchased package.

Standardstorage(multi-AZ)

Provides storage for datastored in the Standardstorage class.

Applies only to data storedin the Standard storage class(multi-AZ) and in the regionyou specified for thepurchased package.

Internetoutboundtraffic

Provides network trafficvolumes for data transferredfrom OBS to local devicesover the internet.

Applies to single-AZ andmulti-AZ buckets in theregion that you specified forthe purchased package.

Pull traffic Provides network trafficvolumes for data transferredby CDN from OBS buckets,when OBS buckets are usedas origin sites of CDN.

Applies only to datatransferred from OBS 3.0buckets (including single-and multi-AZ buckets) in theregion that you specified forthe purchased package.Scenarios when a pull datapackage can be used:● A user domain name is

bound to a bucketthrough OBS Console.

● An acceleration domainname is added throughthe CDN Console and itsorigin server is set to anOBS bucket domainname.

Changing Billing ModePay-per-use billing is the default setting for OBS. You can also purchase yearly/monthly packages, which provide resource quotas in the regions that you specifiedfor the purchased packages. If the actual usage exceeds your package quota, youwill be billed for subsequently used resources on a pay-per-use basis.

ExpirationAfter a yearly/monthly package expires, you will be billed for subsequently usedresources on a pay-per-use basis. Expiration time is not applicable to pay-per-usebilling. You can use OBS resources as long as your account balance is sufficient.



RenewalYou can renew a resource package upon its expiration, or you can set auto-renewal rules for a resource package. For more information about renewingresource packages, see Renewal Management.

Overdue PaymentPossible causes of overdue payment:

● The resource usage exceeds the quota of your resource package, and youraccount balance is insufficient to pay for the subsequently used resources onthe pay-per-use basis.

● Your account balance is insufficient to pay for the used resources on the pay-per-use basis, and you do not have any resource packages either.

Service status and operation restrictions when an account is in arrears:

If an account is in arrears, a retention period is provided according to thecustomer tier of the account. During the retention period, your data stored in OBSwill be retained, but you cannot access or use OBS. If the outstanding payment isnot cleared before the retention period expires, data stored in OBS will be deletedand cannot be recovered.

For details about the retention period, see Retention Period

FAQFor more questions about OBS billing, see OBS FAQs.



https://support.huaweicloud.com/intl/en-us/usermanual-billing/renewals_topic_10000000.html

https://support.huaweicloud.com/intl/en-us/usermanual-billing/en-us_topic_0083039587.html

https://support.huaweicloud.com/intl/en-us/obs_faq/obs_03_0101.html

6 Permissions Management

If you have OBS resources purchased on HUAWEI CLOUD and you need to grantdifferent access permissions to different user roles, you can leverage the Identityand Access Management (IAM) service for fine-grained permission control. IAMprovides identity authentication, permissions management, and access control,helping you provide secure access to your cloud resources.

With IAM, you can use your HUAWEI CLOUD account to create IAM users, andassign permissions to the users to control their access to specific resources onHUAWEI CLOUD. For example, if you have software developers and you want togrant them the permission to only access OBS but not delete OBS resources, youcan create an IAM policy that only grants the developers the permission to accessOBS.

If your HUAWEI CLOUD service account does not have individual IAM users, pleaseskip this section.

IAM is offered for free, and you pay only for the billable resources in your account.For more information about IAM, see What Is IAM?

OBS PermissionsBy default, new IAM users do not have permissions assigned. You need to add auser to one or more groups, and attach permissions policies or roles to thesegroups. Users inherit permissions from the groups to which they are added andcan perform specified operations on cloud services based on the permissions.

OBS is a global service because it is available for all physical regions. OBSpermissions are assigned to users in the Global project, and users do not need toswitch the region when accessing OBS.

You can grant users permissions by using roles and policies.

● Roles: A type of coarse-grained authorization mechanism that definespermissions related to user responsibilities. This mechanism provides only alimited number of service-level roles for authorization. When using roles togrant permissions, you need to also assign other roles on which thepermissions depend to take effect. However, roles are not an ideal choice forfine-grained authorization and secure access control.

● Policies: A type of fine-grained authorization mechanism that definespermissions required to perform operations on specific cloud resources under

Object Storage ServiceProduct Introduction 6 Permissions Management


https://support.huaweicloud.com/intl/en-us/productdesc-iam/iam_01_0026.html

certain conditions. This mechanism allows for more flexible policy-basedauthorization, meeting requirements for secure access control. For example,you can grant OBS users only the permissions for managing a certain type ofOBS resources. Most policies define permissions based on APIs. For the APIactions supported by OBS, see IAM Policies and Supported Actions.

NO TE

Due to data caching, a role and policy involving OBS actions will take effect 10 to 15minutes after it is attached to a user, an enterprise project, and user group.

Table 6-1 lists all system permissions of OBS.

Table 6-1 OBS system permissions

Role/PolicyName

Description Type Dependency

TenantAdministrator

Users with this permission can performall operations on all services exceptIAM.

System-definedrole

None

Tenant Guest Users with this permission can performread-only operations on all servicesexcept IAM.

System-definedrole

None

OBSAdministrator

Users with this permission is an OBSadministrator and can perform anyoperations on all OBS resources underthe account.

System-definedpolicy

None

OBS BucketsViewer

Users with this permission can listbuckets, obtain basic bucketinformation, and obtain bucketmetadata.

System-definedrole

None

OBSReadOnlyAccess

Users with this permission can listbuckets, obtain basic bucketinformation, obtain bucket metadata,and list objects.


None

OBSOperateAccess

Users with this permission can performall OBS ReadOnlyAccess operationsand perform basic object operations,such as uploading objects,downloading objects, deleting objects,and obtaining object ACLs.


None

Table 6-2 lists the common operations supported by each system-defined policyor role of OBS. Select the policies or roles as required.




Table 6-2 Permissions and the allowed operations on OBS resources

Operation

TenantAdministrator

TenantGuest

OBSAdministrator

OBSBucketsViewer

OBSReadOnlyAccess

OBSOperateAccess

Listingbuckets

Yes Yes Yes Yes Yes Yes

Creatingbuckets

Yes No Yes No No No

Deletingbuckets

Yes No Yes No No No

Obtaining basicbucketinformation

Yes Yes Yes Yes Yes Yes

Controllingbucketaccess

Yes No Yes No No No

Managing bucketpolicies

Yes No Yes No No No

Modifying bucketstorageclasses

Yes No Yes No No No

Listingobjects

Yes Yes Yes No Yes Yes

Listingobjectswithmultipleversions

Yes Yes Yes No No No

Uploading files

Yes No Yes No No Yes

Creatingfolders


Deletingfiles


Deletingfolders




Operation

TenantAdministrator

TenantGuest

OBSAdministrator

OBSBucketsViewer

OBSReadOnlyAccess

OBSOperateAccess

Downloading files

Yes Yes Yes No No Yes

Deletingfiles withmultipleversions


Downloading fileswithmultipleversions


Modifying objectstorageclasses

Yes No Yes No No No

Restoringfiles

Yes No Yes No No No

Canceling thedeletionof files


Deletingfragments


Controlling objectaccess

Yes No Yes No No No

Configuring objectmetadata

Yes No Yes No No No

Obtaining objectmetadata


Managingversioning

Yes No Yes No No No

Managing logging

Yes No Yes No No No



Operation

TenantAdministrator

TenantGuest

OBSAdministrator

OBSBucketsViewer

OBSReadOnlyAccess

OBSOperateAccess

Managing eventnotifications

Yes No Yes No No No

Managing tags

Yes No Yes No No No

Managinglifecyclerules

Yes No Yes No No No

Managing staticwebsitehosting

Yes No Yes No No No

Managing CORSrules

Yes No Yes No No No

Managing URLvalidation

Yes No Yes No No No

Managing domainnames

Yes No Yes No No No

Managing cross-regionreplication

Yes No Yes No No No

Managing imageprocessing

Yes No Yes No No No

Appending objects


Configuring objectACL

Yes No Yes No No No



Operation

TenantAdministrator

TenantGuest

OBSAdministrator

OBSBucketsViewer

OBSReadOnlyAccess

OBSOperateAccess

Configuring theACL foran objectof aspecifiedversion

Yes No Yes No No No

Obtaining objectACLinformation


Obtaining theACLinformation of aspecifiedobjectversion


Uploading in themultipartmode


Listinguploadedparts


Cancelingmultiparttasks


Managing OBS Resource Permissions

Access to OBS buckets and objects can be controlled by IAM user permissions,bucket policies, and ACLs.

For more information, see Permission Control.

References● What Is IAM?

● IAM Basic Concepts






● Creating an IAM User and Granting the User the Access Permissions toOBS Resources

● IAM Policies and Supported Actions






7 Related Services

Table 7-1 Related services

Interactive Function Related Service Reference

Migrate data to OBS usingthe related services.

Direct Connect (DC) MigratingLocal Data tothe OBSThroughDirectConnect

Access OBS from ECS overthe intranet of HUAWEICLOUD.

Elastic Cloud Server (ECS) Accessing OBSover Intranet

IAM provides the followingfunctions:● User identity

authentication● IAM user permission

control● IAM agency

configuration

Identity and AccessManagement (IAM)

PermissionsManagementConfiguringUserPermissions

Cloud Eye monitors OBSbuckets, to collect statisticsabout the upload traffic,download traffic, number ofGET and PUT requests, theaverage TTFB of GETrequests, and the number of4xx and 5xx errors.

Cloud Eye OBSMonitoringMetrics onCloud Eye

CTS collects records ofoperations on OBSresources, facilitatingquerying, audits, andbacktracking.

Cloud Trace Service (CTS) Cloud TraceService

Object Storage ServiceProduct Introduction 7 Related Services










https://support.huaweicloud.com/intl/en-us/productdesc-obs/obs_03_0045.html

https://support.huaweicloud.com/intl/en-us/productdesc-obs/obs_03_0045.html










Interactive Function Related Service Reference

SMN sends OBS relatedalarms and eventnotifications, and triggersworkflows.

Simple Message Notification(SMN)

EventNotification

Tags are used to label andclassify buckets in OBS.

Tag Management Service (TMS) Tags

KMS encrypts files uploadedto the OBS.

Data Encryption Workshop(DEW)

Server-SideEncryption

CDN accelerates thecustomized domain namesbound to OBS buckets.

Content Delivery Network(CDN)

User-DefinedDomainName Binding

DNS resolves domainnames configured for staticwebsite hosting in OBS.

Domain Name Service (DNS) Using a User-DefinedDomainName to Hosta StaticWebsiteUser-DefinedDomainName Binding

OBS can be used as the storage resource pool for other cloud services such asImage Management Service (IMS) and Cloud Trace Service (CTS).

Object Storage ServiceProduct Introduction 7 Related Services



















8 Basic Concepts

8.1 ObjectsObjects are basic units stored in OBS. It contains both data and the metadata thatdescribes data properties. Data uploaded to OBS is stored in buckets as objects.

An object consists of data, metadata, and a key.

● A key specifies the name of an object. An object key is a UTF-8 string rangingfrom 1 to 1024 characters. Each object is uniquely identified by a key within abucket.

● Metadata: Metadata describes an object, and is classified into systemmetadata and custom metadata. The metadata is a set of key-value pairs thatare assigned to the object stored in OBS.

– System metadata is automatically assigned by OBS for managing theobject. System metadata includes Date, Content-Length, Last-Modified,Content-MD5, and more.

– You can specify custom metadata to describe the object when you uploadthe object to OBS.

● Data: refers to the content that the object contains.

Generally, objects are managed as files. However, OBS is an object-based storageservice and there is no concept of files and folders. For easy data management,OBS provides a method to simulate folders. By adding a slash (/) to an objectname, for example, test/123.jpg, you can specify test as a folder and 123.jpg asthe name of a file in the test folder. The key of the object is test/123.jpg.

When uploading an object, you can set a storage class for the object. If no storageclass is specified, the object is stored in the same storage class as the bucket inwhich it resides. You can also change the storage class of an existing object in abucket.

On OBS Console or OBS clients, you can use folders the same way as they areused in a file system.

For details about how to operate an object, see Managing Objects.

Object Storage ServiceProduct Introduction 8 Basic Concepts



8.2 BucketsBuckets are containers for storing objects. OBS provides flat storage in the form ofbuckets and objects. Unlike the conventional multi-layer directory structure of filesystems, all objects in a bucket are stored at the same logical layer.

Each bucket has its own attributes, such as access permissions, storage class, andthe region. You can specify access permissions, storage class, and regions whencreating buckets. You can also configure advanced attributes to meet storagerequirements in different scenarios.

OBS provides the following storage classes for buckets: Standard, InfrequentAccess, and Archive. With diversified storage classes, OBS caters to both storageperformance and cost requirements. When creating a bucket, you can set astorage class for the bucket, which can be modified later.

Each bucket name in OBS is globally unique and cannot be changed after thebucket has been created. The region where a bucket resides cannot be changedonce the bucket is created. When a bucket is created, its ACL is generated bydefault. The ACL is used to grant resource permissions to users. Only authorizedusers can perform operations such as creating, deleting, viewing, and configuringbuckets.

An account (including all IAM users under the account) can create a maximum of100 buckets. However, there is no restriction on the number and total size ofobjects in a bucket.

OBS adopts the REST architectural style, and is based on HTTP and HTTPS. Youcan use URLs to locate resources.

Figure 8-1 illustrates the relationship between buckets and objects in OBS.

Figure 8-1 Relationship between objects and buckets

For details about bucket operations, see Managing Buckets.




8.3 Parallel File SystemParallel File System (PFS), a sub-product of OBS, is a high-performance filesystem, with access latency in milliseconds. PFS can support a bandwidthperformance up to the TB/s level and supports millions of IOPS, which makes itideal for processing high-performance computing (HPC) workloads.

It also supports data read and write through obsfs, a PFS client that supportsPOSIX. obsfs can be deployed on an ECS, and then you can use the obsfs to mounta parallel file system to the Linux OS running on the ECS. The mounted parallelfile system functions as a local file system. You can manage the mounted parallelfile system online, including creating, deleting, renaming files and folders, as wellas modifying files.

For details about PFS, see the Parallel File System Feature Guide.

8.4 Access Keys (AK/SK)OBS supports AK/SK authentication. The AK/SK encryption method is used toauthenticate a request sender. When you use OBS APIs for secondary developmentand use the AK and SK for authentication, the signature must be computed basedon the algorithm defined by OBS and added to the request.

OBS supports authentication using a permanent AK/SK pair, or using a temporaryAK/SK pair and a security token.

Permanent AK/SK Pair

You can create a pair of permanent AK and SK on the My Credentials page.

● Access key ID (AK): indicates the ID of the access key. It is the unique IDassociated with the SK. The AK and SK are used together to obtain anencrypted signature for a request.

● Secret access key (SK): indicates the private key used together with itsassociated AK to cryptographically sign requests. The AK and SK are usedtogether to identify a request sender to prevent the request from beingmodified.

Temporary AK/SK Pair

A temporary AK/SK pair and the security token are temporary access tokensgranted by the system to users. The validity period of the tokens ranges from 15minutes to 24 hours. After the tokens expire, you need to obtain the tokens again.A temporary AK/SK pair and the security token comply with the least privilegeprinciple and can only be used to temporarily access OBS. A 403 error will bereturned if the security token is not available.

● Temporary AK: indicates the ID of a temporary access key. It is the unique IDassociated with the SK. The AK and SK are used together to obtain anencrypted signature for a request.

● Temporary SK: indicates the temporary private key used together with itsassociated temporary AK. The AK and SK are used together to identify arequest sender to prevent the request from being modified.




● Security token: indicates the token used together with the temporary AK andSK to access all resources of a specified account.

When using the following tools to access OBS resources, you need to use theAK/SK pair for security authentication.

Table 8-1 OBS resource management tools

Tool AK/SK Configuration

OBS Browser+ Configure the AK and SK when configuring the loginaccount. For details, see Creating an Account.

obsutil Configure the AK and SK when initializing the configuration.For details, see Performing Initial Configuration.

SDK Configure the AK and SK in the initialization phase. Fordetails, see the SDK Reference.

API Add the AK/SK pair to the request when computing thesignature. For details, see User Signature Authentication.

ReferencesFor details about how to obtain a permanent AK/SK pair, see Creating AccessKeys (AKs and SKs).

For details about how to obtain a temporary AK/SK pair and security token, seeObtaining Temporary AK/SK.

8.5 Endpoints and Domain NamesEndpoint: OBS provides an endpoint for each region. An endpoint is a domainname to access OBS in a region and is used to process access requests of thatregion. For details about regions and endpoints, see Regions and Endpoints.

Bucket domain name: Each bucket in OBS has a domain name. A domain nameis the Internet address of a bucket and can be used to access the bucket over theInternet. It is applicable to cloud application development and data sharingscenarios.

An OBS bucket domain name is in the format of BucketName.Endpoint, whereBucketName indicates the name of the bucket, and Endpoint indicates the domainname of the region where the bucket is located.

Table 8-2 lists the bucket domain name and other domain names in OBS,including their formats and protocols.





https://developer.huaweicloud.com/intl/en-us/sdk?OBS


https://support.huaweicloud.com/intl/en-us/clientogw-obs/obs_03_0405.html

https://support.huaweicloud.com/intl/en-us/clientogw-obs/obs_03_0405.html

https://support.huaweicloud.com/intl/en-us/api-iam/iam_04_0002.html

https://developer.huaweicloud.com/intl/en-us/endpoint

Table 8-2 OBS domain names

Type Structure Description Protocol

Regionaldomainname

[Structure]Endpoint[Example]obs.cn-north-4.myhuaweicloud.com

Each region has an endpoint,which is the domain name ofthe region.For regions and endpoints, seeRegions and Endpoints.

HTTPSHTTP

Bucketdomainname

[Structure]BucketName.Endpoint[Example]bucketname.obs.cn-north-4.myhuaweicloud.com

After a bucket is created, youcan use the domain name toaccess the bucket. You cancompose the domain nameaccording to the structure ofbucket domain names, or youcan obtain it from basicinformation of the bucket onOBS Console or OBS Browser+.

HTTPSHTTP

Objectdomainname

[Structure]BucketName.Endpoint/ObjectName[Example]bucketname.obs.cn-north-4.myhuaweicloud.com/object.txt

After an object is uploaded toa bucket, you can use theobject domain name to accessthe object. You can composethe domain name according tothe structure of object domainnames, or you can obtain itfrom the object details on OBSConsole or OBS Browser+.Alternatively, you can call theGetObjectUrl API through theSDK to obtain the objectdomain name.

HTTPSHTTP

Staticwebsitedomainname

[Structure]BucketName.obs-website.Endpoint[Example]bucketname.obs-website.cn-north-4.myhuaweicloud.com

A static website domain nameis a bucket domain namewhen the bucket is configuredto host a static website.

HTTPSHTTP

Userdomainname

A licensed domain name You can bind a user domainname to a bucket so that youcan access the bucket throughthe user domain name.

HTTP




8.6 Region and AZ

Concept

A region and availability zone (AZ) identify the location of a data center. You cancreate resources in a specific region and AZ.

● Regions are classified based on geographical location and network latency.Public services, such as Elastic Cloud Server (ECS), Elastic Volume Service(EVS), Object Storage Service (OBS), Virtual Private Cloud (VPC), Elastic IP(EIP), and Image Management Service (IMS), are shared within the sameregion. Regions are classified as universal regions and dedicated regions. Auniversal region provides universal cloud services for common tenants. Adedicated region provides services of the same type or only provides servicesfor specific tenants.

● An AZ contains one or more physical data centers. Each AZ has independentcooling, fire extinguishing, moisture-proofing, and electricity facilities. Withinan AZ, computing, network, storage, and other resources are logically dividedinto multiple clusters. AZs within a region are interconnected using high-speed optical fibers to allow you to build cross-AZ high-availability systems.

Figure 8-2 shows the relationship between the regions and AZs.

Figure 8-2 Regions and AZs

HUAWEI CLOUD provides services in many regions around the world. You canselect a region and AZ according to your requirement. For more information, seeHUAWEI CLOUD Global Regions.

How to Select a Region?

When selecting a region, consider the following factors:

● LocationYou are advised to select a region close to you or your target users. Thisreduces network latency and improves access speed. However, Chinesemainland regions provide the same infrastructure, BGP network quality, aswell as resource operations and configurations. Therefore, if you or your



https://www.huaweicloud.com/intl/en-us/global/

target users are in the Chinese mainland, you do not need to consider thenetwork latency differences when selecting a region.– If you or your target users are in the Asia Pacific area (excluding the

Chinese mainland), select the AP-Hong Kong, AP-Bangkok, or AP-Singapore region.

– If you or your target users are in Africa, select the AF-Johannesburgregion.

– If you or your target users are in Europe, select the EU-Paris region.● Resource price

Resource prices may vary in different regions. For details, see Product PricingDetails.

How to Select an AZ?When determining whether to deploy resources in the same AZ, consider yourapplications' requirements for disaster recovery (DR) and network latency.

● For high DR capability, deploy resources in different AZs in the same region.● For low network latency, deploy resources in the same AZ.

Regions and EndpointsBefore using an API to call resources, specify its region and endpoint. For detailsabout HUAWEI CLOUD regions and endpoints, see Regions and Endpoints.






9 Change History

ReleaseDate

What's New

2020-10-13 This issue is the fifteenth official release.This issue incorporates the following change:● Added section "Restrictions."

2020-03-31 This issue is the fourteenth official release.This issue incorporates the following change:● Added the "Billing" section.

2020-01-20 This issue is the thirteenth official release.This issue incorporates the following changes:● Updated the "Permissions Management" section.

2019-11-22 This issue is the twelfth official release.This issue incorporates the following change:● Added descriptions about the parallel file system.

2019-10-17 This issue is the eleventh official release.This issue incorporates the following changes:● Added content to the following sections: "About Object

Storage Service", "Advantages", and "Application Scenarios".● Added the section "Functions Overview".● Added the endpoint and domain name concepts to the section

"Basic Concepts".

2019-08-15 This issue is the tenth official release.This issue incorporates the following changes:● Added the concepts of region and AZ.

Object Storage ServiceProduct Introduction 9 Change History


ReleaseDate

What's New

2019-05-22 This issue is the ninth official release.This issue incorporates the following changes:● Updated the description about permission control.

2019-02-22 This issue is the eighth official release.This issue incorporates the following changes:● Updated the description about user permissions.

2018-11-30 This issue is the seventh official release.This issue incorporates the following changes:● Updated the section "Related Services".● Updated the section "Documentation Guide".

2018-10-31 This issue is the sixth official release.This issue incorporates the following changes:● Updated the description about user permissions.● Added the description about methods to access OBS.● Updated the application scenarios of OBS.

2018-08-13 This issue is the fifth official release.This issue incorporates the following changes:● Added the tag function.● Added the cloud trace function.

2018-06-08 This issue is the fourth official release.This issue incorporates the following changes:● Added the session of "Cloud Eye Monitoring Metrics".

2018-03-20 This issue is the third official release.This issue incorporates the following changes:● Added object storage classes.● Added the functions of changing bucket and object storage

classes.

2018-01-19 This issue is the second official release.This issue incorporates the following changes:● Added the section "Accessing OBS with Domain Names".● Added the section "Time Difference Is Longer Than 15

Minutes Between the Client and the Server".● Added error codes.● Updated the method to obtain AK/SK, account ID, and user ID.● Updated the description about the ACL.

2017-12-31 This issue is the first official release.

Object Storage ServiceProduct Introduction 9 Change History


product introduction · you to manage obs locally and easily. obs browser+ tool guide obsutil...

Documents