Frequently asked questions
Get answers to the most commonly asked questions about Cloud Object Storage
What is IBM Cloud Object Storage?
IBM Cloud Object Storage is a storage service that can be used to store unstructured data and is designed for high durability, resiliency and security. The data is accessible using SDKs or by using the IBM user interface.
What kind of data can I store in IBM Cloud Object Storage?
You can store any kind of data, such as images, videos, documents, etc., in any format.
How is my data stored in IBM Cloud Object Storage?
Information stored in IBM Cloud Object Storage is encrypted and dispersed across multiple geographic locations. This service makes use of the distributed storage technologies provided by the IBM Object Storage System.
Does IBM Cloud Object Storage service offer a Service Level Agreement (SLA)?
How many buckets can I provision?
You can provision 100 buckets per IBM Cloud Object Storage service instance. If you need to provision more than this limit, please contact customer support.
Is there a size limit on the object I can upload and store?
You can upload objects up to 10TB. All object keys need to be no more than 1024 characters in length address. There is no practical limit on the amount of storage you can use in a single storage instance or within a single bucket Objects can't exceed 200 MB in size when you’re using the console to upload unless the Aspera high-speed transfer is installed.
Can I use IBM Cloud Object Storage even though I’m not located in US or EU?
Yes, you can use IBM Cloud Object Storage from anywhere in the world. You just choose the location where you want to store your data when you create a bucket.
What storage classes does IBM Cloud Object Storage Offer?
Smart Tier can be used for any workload, especially for dynamic workloads. Standard is used for storing frequently accessed data. Vault is used for storing your less frequently accessed data. Cold Vault is used for storing data that is minimally accessed.
If I want to store my data with Vault or Cold Vault storage class, do I need to create another account?
No. The storage classes are defined at the bucket level. Simply create a new bucket that’s set to the desired storage class.
Can I change the storage class on a bucket?
Changing storage class requires you to manually move or copy the data from one bucket to another bucket with the desired storage class.
What is policy-based archive?
IBM Cloud Object Storage policy-based archive (Archive) is our lowest-cost option for data that is rarely accessed. Archive works with any of our existing storage classes (Smart Tier, Standard, Vault or Cold Vault) enabling you to set archive policy on a bucket for objects to transition to Archive after a specified duration of time.
Is Archive available in all the IBM Cloud Object Storage locations?
What is the cost of storing data in the archive?
Archive usage is priced at USD 0.00099 GB per month for data storage and USD 0.02 GB for data restore (US regional example). There are no hidden operational charges associated with storage/restore in Archive.
How secure is my data?
Initially, only the bucket and object owners have access to the cloud object storage service instance they create. User authentication is supported to access data. If you need extra security, you can use the Key Protect Service or the Server-Side Encryption (SSE-C) with Customer-provided Keys option to encrypt data stored at rest.
How can I control access to data stored in IBM Cloud Object Storage?
Identity and Access Management (IAM) access controlling mechanisms better secure your data. IAM policies enable organizations with multiple employees to create and manage multiple users under a single IBM Cloud® account. With IAM policies, companies can grant IAM users control of their Cloud Object Storage service instance, buckets and the like.
Does IBM Cloud Object Storage provide encryption at rest and in motion?
Yes. Data at rest is encrypted with automatic server-side Advanced Encryption Standard (AES) 256-bit encryption and Secure Hash Algorithm (SHA)-256 hash. Data in motion is secured by using built-in, carrier-grade Transport Layer Security/Secure Sockets Layer (TLS/SSL) encryption.
Can I provide my own keys for encryption?
IBM Cloud supports two ways of providing your own key for encrypting your data at rest:
Key-Protect can provide your own key during bucket creation using Key Protect. You can manage the lifecycle of your keys in IBM Cloud. SSE-C can provide your own key for encryption. IBM Cloud does not save your key within IBM Cloud Object Storage.
I am a non-Custom Private Addressing (CPA) customer. Can I use IBM Cloud Object Storage on Direct Link?
Direct Link clients cannot access IBM Cloud Object Storage on the private services network. Create a route on vRouter to traverse the private network and reach a private endpoint for IBM Cloud Object Storage on the services network; Provision 1x or 2x Vyattas; Then use cloud object private endpoints to access IBM Cloud Object Storage.
How much does IBM Cloud Object Storage cost?
What is the retention policy for an IBM Cloud Object Storage bucket?
A retention policy is applied at the IBM Cloud Object Storage bucket level and allows you to protect objects stored from deletion or overwriting for a specified duration of time. You can define and enforce a retention policy with minimum, maximum and default retention period settings.
Can I delete an IBM Cloud Object Storage bucket with a set retention policy?
A bucket with a retention policy can only be deleted when empty. To delete an object in a retention policy bucket, the object should not be under retention and without legal hold(s).
How many legal holds can be applied to a single object?