Help Center/ Object Storage Service/ User Guide/
Updated on 2025-03-12 GMT+08:00
View PDF
Share

Creating a Bucket

You can use OBS Console, SDKs, OBS Browser+, obsutil, or APIs to create a bucket. A bucket is a container that stores objects in OBS. Before you can store data in OBS, you must create a bucket.

Prerequisites

To create a bucket, make sure you have a registered account, sufficient account balance, access keys (AK and SK), and the endpoint information. For details, see Getting Started.

Constraints

  • After a bucket is created, its name and region cannot be changed. Make sure that the bucket name and region you set are appropriate.
  • An account (including all IAM users under the account) can create a maximum of 100 buckets. You can use the fine-grained access control of OBS to properly plan and use buckets. For example, you can create folders in a bucket based on object prefixes and use fine-grained permission control to isolate permissions between different departments. There is no limit on the number and total size of objects in a bucket.
  • A bucket name is part of the access domain name and needs to be resolved. Therefore, the bucket name must conform to the DNS domain naming rules. When receiving a bucket creation request, OBS strictly checks the bucket name. A bucket name:
    • Must be unique across all accounts and regions. The name of a deleted bucket can be reused for another bucket or a parallel file system at least 30 minutes after the deletion.
    • Must be 3 to 63 characters long. Only lowercase letters, digits, hyphens (-), and periods (.) are allowed.
    • Cannot start or end with a period (.) or hyphen (-), and cannot contain two consecutive periods (..) or contain a period (.) and a hyphen (-) adjacent to each other.
    • Cannot be formatted as an IP address.

    If you use a bucket with periods (.) in its name to access OBS, the client will display a message indicating that the bucket is risky, for example, a red alarm may be displayed in the browser security prompt. This is because the SSL wildcard certificate matches only buckets without periods (.) in their names when HTTPS is used for OBS access. We recommend that you avoid using periods (.) in bucket names.

Ways to Create a Bucket

You can use OBS Console, APIs, SDKs, OBS Browser+, or obsutil to create a bucket.

Using OBS Console

  1. In the navigation pane of OBS Console, choose Object Storage.
  2. In the upper right corner, click Create Bucket. The Create Bucket page is displayed.

    Figure 1 Creating a bucket

  3. Configure bucket parameters.

    Table 1 Bucket parameters

    Parameter

    Description

    Replicate Settings from Existing Bucket

    Optional. To use this function, click Select Bucket and select a bucket from the list as the replication source. After the replication source is selected, the following settings are replicated to the bucket you are creating: region, data redundancy policy, storage class, bucket policy, server-side encryption, direct reading, enterprise project, and tags.

    You can still change some or all of the replicated settings as needed.

    Region

    Region where the bucket is located. For low latency and faster access, select the region nearest to you. Once the bucket is created, its region cannot be changed.

    Most OBS features are available in all regions, but some are only available for certain regions. Consider the feature availability in each region when you select a region for a bucket. For details, see Function Overview.

    If your ECS needs to access an OBS bucket over the intranet, ensure that the bucket and the ECS are in the same region. For details, see Accessing OBS over an Intranet.

    Bucket Name

    Name of the bucket. A bucket name must be unique across all accounts and regions. Once a bucket is created, its name cannot be changed.

    According to the globally applied DNS naming rules, an OBS bucket name:

    • Must be unique across all accounts and regions. The name of a deleted bucket can be reused for another bucket or a parallel file system at least 30 minutes after the deletion.
    • Must be 3 to 63 characters long. Only lowercase letters, digits, hyphens (-), and periods (.) are allowed.
    • Cannot start or end with a period (.) or hyphen (-), and cannot contain two consecutive periods (..) or contain a period (.) and a hyphen (-) adjacent to each other.
    • Cannot be formatted as an IP address.
      NOTE:

      When you access OBS through HTTPS using virtual hosted-style URLs, if the bucket name contains a period (.), the certificate verification will fail. To work around this issue, you are advised not to use periods (.) in bucket names.

    Data Redundancy Policy
    • Multi-AZ storage: Data is stored in multiple AZs to achieve higher reliability.
    • Single-AZ storage: Data is stored in a single AZ, with lower costs.

    For details about the performance comparison between multi-AZ and single-AZ storage, see Comparison of Storage Classes.

    Once a bucket is created, the data redundancy policy cannot be changed, so choose the policy that can meet your needs.

    • Multi-AZ storage is not available for buckets in the Archive storage class.

    Storage Class

    Storage classes of a bucket. These storage classes can meet different needs for storage performance and costs.

    • The Standard storage class is for storing a large number of hot files or small files that are frequently accessed (multiple times per month on average) and require quick retrieval.
    • The storage class is for storing data that is less frequently accessed (less than 12 times per year on average) and requires quick retrieval.
    • The Archive storage class is for archiving data that is rarely accessed (once a year on average) and has no requirements for quick retrieval.

    For details, see Storage Classes.

    Block All Public Access

    Used to centrally set certain levels of public access to buckets.

    Enabling all the settings will prevent the creation of an ACL or a bucket policy to allow public access. When APIs are used for authentication, such ACLs or bucket policies will be ignored. However, existing bucket policies that allow public access remain unaffected.

    The following four settings are supported:

    • Enabling the setting will prevent creating or modifying an ACL to allow public read/write or grant anonymous users read/write permissions. Enabling this setting does not affect existing ACLs that allow public read/write or grant anonymous users read/write permissions.
    • Enabling the setting will prevent creating or modifying a bucket policy to allow public access (read/write permissions for non-bucket owners). Enabling this setting does not affect existing bucket policies that allow public access.
    • Enabling the setting will ignore ACLs that allow public read/write or grant anonymous users read/write permissions when OBS APIs are used for authentication.
    • Enabling the setting will ignore bucket policies that allow public access (read/write permissions for non-bucket owners) when OBS APIs are used for authentication.
    NOTE:

    To block all public access, your account must have the PutBucketPublicAccessBlock permission.

    For details, see Block Public Access.

    Bucket Policy

    Controls read and write permissions for buckets.

    • Private: No access beyond the bucket ACL settings is granted.
    • Public Read: Anyone can read objects in the bucket.
    • Public Read and Write: Anyone can read, write, or delete objects in the bucket.

    Enterprise Project

    You can add a bucket to an enterprise project for unified management.

    Create an enterprise project by referring to Creating an Enterprise Project. The default enterprise project is named default.

    On the Enterprise Project Management Service page, create an enterprise project, and add a user group to the enterprise project. By doing so, users in this user group obtain the operation permissions for the buckets and objects in the enterprise project.

    NOTE:

    Only an enterprise account can configure enterprise projects.

    OBS ReadOnlyAccess and OBS OperateAccess are the fine-grained authorizations of the enterprise project user group in OBS.

    Direct Reading

    Direct reading allows you to directly download objects from the Archive storage class without restoring them first. Direct reading is a billable function. For details, see Product Pricing Details.

    No matter which default storage class you select, you can enable direct reading for your bucket. For example, if you select the Standard storage class and enable direct reading for your bucket, you can directly download objects stored in the Archive storage class from your bucket.

    Server-Side Encryption

    Choose SSE-KMS. DEW APIs have traffic control limits. For details, see DEW API Overview. After SSE-KMS is enabled, your service access may be affected by traffic control.

    • You can choose Default to use the default key in the current region to encrypt the objects you upload to the bucket. If you do not have a default key, OBS automatically creates one the first time you upload an object.
    • You can also choose Custom to use a custom key for encryption. If there is no custom key available, click View KMS Keys to create one.
    • You can also select Shared to enter a shared key ID. The key shared by other users will be used to encrypt your objects. For details about how to obtain a shared key ID, see Viewing a CMK.
      NOTE:

      A shared key from a project or a subproject can be configured here. However, if a shared key from a subproject is specified, the owner of the shared key cannot access objects encrypted with that key, but the bucket owner can.

    Selecting SSE-OBS for Encryption Method will use the keys created and managed by OBS for encryption.

    When Server-Side Encryption is enabled for a bucket, you can configure the object you upload to inherit encryption from the bucket or choose SSE-KMS or SSE-OBS.

    WORM

    When you enable write-once-read-many (WORM), you can configure a retention policy for the current bucket. The object version which the retention policy is applied to cannot be deleted within a specified period. You can only enable WORM when you create a bucket. Once enabled for a bucket, WORM cannot be disabled. When you enable WORM, OBS automatically enables versioning for the bucket, and versioning cannot be suspended later for that bucket.

    Tags

    Optional. Tags are used to identify and classify buckets in OBS. Each tag is represented by a key-value pair.

    For more information, see Adding Tags to a Bucket.

  4. Click Create Now.

Using the API

Creating a Bucket

Using SDKs

Java

Python

C

Go

BrowserJS: not supported

.NET

Android

iOS

PHP

Node.js

Using the GUI Tool - OBS Browser+

  1. Log in to OBS Browser+.
  2. In the upper part of the page, click Create Bucket.
  3. In the displayed dialog box, configure bucket parameters, as shown in Figure 2.

    Figure 2 Creating a bucket
    Table 2 Bucket creation parameters

    Parameter

    Description

    Region

    Enter the region where you want to create a bucket. Once the bucket is created, its region cannot be changed.

    Storage Class

    Storage class of the bucket. Different storage classes meet customers' needs for storage performance and costs.

    • Standard: applicable to scenarios where a large number of hot files or small files need to be accessed frequently (multiple times per month on average) and require fast access response.
    • Infrequent Access: ideal for storing data that is not frequently accessed (less than 12 times per year on average) but requires fast access response.
    • Archive: suitable for archiving data that is rarely accessed (averagely once a year) and has no requirements for quick response.

    For more information, see Storage Class.

    Bucket ACL

    Controls read and write permissions on buckets.

    • Private: Only users granted permissions by the ACL can access the bucket.
    • Public Read: Anyone can read objects in the bucket.
    • Public Read and Write: Anyone can read, write, or delete objects in the bucket.

    Multi-AZ Mode

    If multi-AZ is enabled, data will be stored in multiple AZs.

    • Once a bucket is created, its multi-AZ status cannot be changed. Therefore, plan in advance and determine whether to enable the multi-AZ function during bucket creation.

    Bucket Name

    Name of the bucket you want to create, which must be globally unique. A bucket name:

    • Must be 3 to 63 characters long and start with a digit or letter. Only lowercase letters, digits, hyphens (-), and periods (.) are allowed.
    • Cannot be formatted as an IP address.
    • Cannot start or end with a hyphen (-) or period (.).
    • Cannot contain two consecutive periods (..), for example, my..bucket.
    • Cannot contain a period (.) and a hyphen (-) adjacent to each other, for example, my-.bucket or my.-bucket.

    You can click next to the bucket name to learn about the bucket naming rules. A user can create a maximum of 100 buckets in OBS.

    • When a URL is used to access a bucket, the bucket name will become part of the URL. According to the DNS rule, URLs do not support uppercase letters and cannot recognize buckets whose name contains uppercase letters. Therefore, a bucket name can contain only lowercase letters, digits, hyphens (-), and periods (.). For example, if you attempt to access bucket MyBucket using a URL, the URL will parse MyBucket as mybucket. This results in an access error.
    • DNS naming rules can standardize bucket names globally, facilitating the resolution during bucket access. With the DNS naming rules used, you can benefit from new functions and optimized features, and configure static website hosting for buckets.
    • Once a bucket is created, its name cannot be changed. Make sure that the bucket name you set is appropriate.

  4. Click OK. If the bucket is successfully created, it is displayed in the bucket list. If the creation fails, an error message will be displayed.

Using the CLI Tool - obsutil

Command Line Structure

  • In Windows 
    obsutil mb obs://bucket [-fs] [-az=xxx] [-acl=xxx] [-sc=xxx] [-location=xxx] [-config=xxx] [-e=xxx] [-i=xxx] [-k=xxx] [-t=xxx]
  • In Linux or macOS 
    ./obsutil mb obs://bucket [-fs] [-az=xxx] [-acl=xxx] [-sc=xxx] [-location=xxx] [-config=xxx] [-e=xxx] [-i=xxx] [-k=xxx] [-t=xxx]

Examples

  • Take the Windows OS as an example. Run the obsutil mb obs://bucket-test command to create a bucket. The creation is successful. 
    obsutil mb obs://bucket-test
Start at 2024-09-29 07:52:11.3769487 +0000 UTC

Create bucket [bucket-test] successfully, request id [000001923CC401864018BA75753D2D5F]
  • Take the Windows OS as an example. Run the obsutil mb obs://bucket001 command to create a bucket with the same name as the bucket of another account. The creation fails. 
    obsutil mb obs://bucket001
Start at 2024-09-30 07:03:50.1378331 +0000 UTC

Create bucket [bucket001] failed, status [409], error code [BucketAlreadyExists], error message [The requested bucket name is not available. The bucket namespace is shared by all users of the system. Please select a different name and try again.], request id [0000019241BE18DB4019EDD66E135C56]

Parameter Description

Parameter

Optional or Mandatory

Description

bucket

Mandatory

Bucket name

NOTE:
A bucket name must comply with the following rules:
  • Contains 3 to 63 characters, including lowercase letters, digits, hyphens (-), and periods (.), and starts with a digit or letter.
  • Cannot be an IP address.
  • Cannot start or end with a hyphen (-) or period (.).
  • Cannot contain two consecutive periods (.), for example, my..bucket.
  • Cannot contain periods (.) and hyphens (-) adjacent to each other, for example, my-.bucket or my.-bucket.

fs

Optional (additional parameter)

Creates a parallel file system.

az

Optional (additional parameter)

Specifies a bucket's data redundancy policy. Possible values are:

  • multi-az
NOTE:

If multi-az is used, a bucket with the multi-AZ storage policy will be created. If this parameter is not specified, a bucket with the single-AZ storage policy will be created.

acl

Optional (additional parameter)

Access control policies that can be specified when creating a bucket. Possible values are:

  • private
  • public-read
  • public-read-write
NOTE:

The preceding three values indicate private read and write, public read, and public read and write.

sc

Optional (additional parameter)

Default bucket storage class that can be specified when creating a bucket. Possible values are:

  • standard: Standard storage class. It features low access latency and high throughput, and is applicable to storing frequently accessed data (multiple accesses per month) or data that is smaller than 1 MB.
  • warm: Infrequent Access storage class. It is ideal for storing infrequently accessed (less than 12 times a year) data, but when needed, the access has to be fast.
  • cold: Archive storage class. It provides secure, durable, and inexpensive storage for rarely-accessed (once a year) data.
  • deep-archive: Deep Archive storage class (under limited beta testing). It is suitable for storing data that is barely (once every few years) accessed. This storage class costs less than the Archive storage class, but takes longer time (usually several hours) to restore data.

location

Mandatory unless the region where the OBS service resides is not the default region (additional parameter)

Region where the bucket resides.

NOTE:

This parameter indicates the region where a bucket will be created. It is mandatory only when the endpoint belongs to any other regions than the default one CN North-Beijing1 (cn-north-1). To view the currently valid regions, see Regions and Endpoints.

config

Optional (additional parameter)

User-defined configuration file for executing the current command. To learn the parameters that can be configured in this file, see Configuration Parameters.

e

Optional (additional parameter)

Specifies the endpoint.

i

Optional (additional parameter)

Specifies the user's AK.

k

Optional (additional parameter)

Specifies the user's SK.

t

Optional (additional parameter)

Specifies the user's security token.

Related Operations and FAQs

Changing the Bucket Storage Class

After the bucket is created, you can change its storage class by performing the following steps: For details, see Configuring a Storage Class and Changing the Storage Classes of Buckets and Objects.

  1. In the navigation pane of OBS Console, choose Object Storage.
  2. In the bucket list, locate the bucket you want and click Change Storage Class on the right.
  3. Select the desired storage class and click OK.

    • Changing the storage class of a bucket does not change the storage class of existing objects in the bucket.
    • If you do not specify a storage class for an object when uploading it, it inherits the bucket's storage class by default. After the bucket's storage class is changed, newly uploaded objects will inherit the new storage class of the bucket by default.

Accessing a Bucket

After a bucket is created, you can use the domain name to access the bucket. You can assemble the bucket domain name by putting the bucket name and endpoint together, or you can obtain it by viewing the basic bucket information on OBS Console or OBS Browser+.

An access domain name is structured as follows:

[Structure] BucketName.Endpoint

[Example] bucketname.obs.ap-southeast-1.myhuaweicloud.com

Causes of Bucket Creation Failures and Solutions

Why Am I Unable to Create a Bucket?

More FAQs

FAQ for Buckets and Objects

Parent Topic: Bucket Management