Concepts
Diese Seite ist noch nicht in deiner Sprache verfügbar. Englische Seite aufrufen
Buckets
Section titled “Buckets”A bucket is a logical container for storing objects in it. Everything you like to store on object storage needs to be stored within a bucket. You can have one or more buckets depending on your needs. Buckets can be used to organize the data like a folder on a file system. But in contrast to a folder on a filesystem, buckets cannot be nested. Bucket policies can be used to limit or grant access on the bucket. Buckets are region specific and distribute data across all data centers (known as Availability Zones) of the region. Bucket names must be unique for the selected region.
For more infos about Buckets operations, see Buckets operation overview.
Objects
Section titled “Objects”Objects are the fundamental entities that get stored inside a bucket. It consists out of three parts:
- Key: The key identifies the object is a UTF-8 string. It is unique within a bucket.
- Metadata: Additional information that describes the object. Consists out of key-value pairs.
- Data: refers to the actual data, that is stored in the object.
Our Object Storage has per default the following consistency pattern for metadata: Read-after-new-write: Provides read-after-write consistency for new objects and eventual consistency for object updates.
Object Prefixes
Section titled “Object Prefixes”As buckets cannot be nested in order to organize the objects within a bucket you can use object prefixes to organize the objects within a bucket.
For example you can choose ”/” as a delimiter and store objects with different prefixes on a bucket.
E.g. storing pictures with the year as a prefix on a bucket named test-bucket would look like:
2019/picture1
2019/picture2
2020/picture3
This prefix and choosed delimiter ”/” can then be used on further queries like listing and operations in order to retrieve only those objects which are using a specific prefix.
For more infos about Objects operations, see Buckets operation overview.
Security
Section titled “Security”Your data is encrypted at rest using AES256 by default. But you can also use customer provided keys for encryption (SSE-C).
Credentials
Section titled “Credentials”The Object Storage Service use a combination of access key and secret key for authentication and authorization.
Credentials are configured on a per portal project basis. This means that everyone who has access to a portal project can create credentials to access all data associated with this project on the object storage.
If you need to separate the access to the data on the object storage for different users you would need to create multiple projects.
Credentials can be created either through the Portal or through the Object Storage API.
Endpoints, Domains and URL’s
STACKIT provides dedicated endpoints for each Region.
| Region: | Purpose: | Endpoint URL: |
|---|---|---|
| EU01 | Public | https://object.storage.eu01.onstackit.cloud |
| EU02 | Public | https://object.storage.eu02.onstackit.cloud |
NOTE: All STACKIT endpoints support TLS 1.3 encryption.
The Object Storage service supports both, Virtual Hosted and Path Style to address Objects. To understand what [bucket_name] and [key_name] stands for please read abouts Objects.
| Virtual Hosted Style | https://[bucket_name].object.storage.eu01.onstackit.cloud/[key_name] |
|---|---|
| Path Style | https://object.storage.eu01.onstackit.cloud/[bucket_name]/[key_name] |