What is it?
What is it?
IBM Cloud Object Storage is a storage service that can be used to store unstructured data and is designed for high durability, resiliency and security. The data is accessible using SDKs or by using the IBM user interface.
What can I do with IBM Cloud Object Storage?
You can use IBM Cloud Object Storage to access your unstructured data from anywhere in the world, via a self-service portal backed by RESTful APIs and SDKs. Depending on your needs, you can use it as a repository for backup and recovery, archive, media content repository, data lake for analytics, and as your storage service for cloud-native applications.
What kind of data can I store in IBM Cloud Object Storage?
You can store any kind of data, such as images, videos, documents, etc., in any format.
How is my data organized in IBM Cloud Object Storage?
Information stored in IBM Cloud Object Storage is encrypted and dispersed across multiple geographic locations. This service makes use of the distributed storage technologies provided by the IBM Object Storage System.
Does IBM Cloud Object Storage service offer a Service Level Agreement (SLA)?
Yes. Please refer to IBM Cloud SLA here.
How many buckets can I provision?
You can provision 100 buckets per Cloud Object Storage service instance. If you need to provision more than this limit, please contact customer support.
Is there a size limit on the object I can upload and store?
You can upload objects up to 10TB in size. All object keys need to be no more than 1024 characters in length, and it's best to avoid any characters that might prove problematic within a web address (e.g. ?, =, <, etc.). Please, ensure to not use any information that can identify any user (natural person) by name, location or any other names (PII). There is no practical limit on the amount of storage you can use in a single storage instance, or within a single bucket for that matter. Each bucket can hold billions of objects.
Objects can't exceed 200 MB in size when you are using the console to upload unless the Aspera high-speed transfer is installed. Using the Aspera high-speed transfer, you can upload larger size objects in the background instead of in the active browser window. In addition, the transfers can be viewed, paused or canceled.
How do I decide between regional, cross region and single data center to store my data?
- Regional resiliency is for low latency. Your data is distributed across three IBM data centers within a single region.
- Cross-region resiliency is for mission-critical availability. Your data is stored in three IBM data centers across three or more different regions. Cross-region offers geographic resiliency and is available across multiple endpoints.
- Single data center is for when data locality is the top priority. Your data is stored within a single data center. Data is distributed across many physical storage appliances, but is contained within a single data center. These sites do not provide automated replication or backup in case of site destruction.
How do I determine what geographic location to store my data in?
You may want to consider several factors, in addition to deciding between regional, cross-region or single data center:
- You may want to pick a location based on your desire to reduce data access latency.
- You may want to pick a location to address legal and/or regulatory requirements.
- You may want to consider various pricing options.
- You may want to pick a location that is remote from your other operations, for redundancy.
Can I use IBM Cloud Object Storage even though I am not located in US or EU?
Yes, you can use IBM Cloud Object Storage from anywhere in the world. You just have to choose the location where you want to store your data when you create a bucket.
What storage classes does IBM Cloud Object Storage offer?
Smart Tier: Smart Tier can be used for any workload, especially for dynamic workloads where access patterns are unknown or difficult to predict. Smart Tier offers a simplified pricing structure and automatic cost optimization by classifying the stored data into (one of the three built-in tiers) "hot", "cool", and "cold" tiers based on monthly data activity. All data in the bucket is then billed at the lowest applicable rate. There are no thresholds for minimum object size or minimum storage duration, and there are no retrieval fees. For a detailed explanation of how it works, see the billing topic.
Standard: Designed for storing frequently accessed data, providing higher performance at lower cost for use cases such as collaboration, analytics, active content repositories and sync-and-share applications. Ideal for data that is accessed multiple times a month.
Vault: Use for storing your less frequently accessed data for functions such as tape replacement, backup and disaster recovery. Ideal for data that is accessed once a month or less.
Cold Vault: Use for storing data that is minimally accessed for use cases such as archiving, digital asset preservation and long-term backup for compliance. Use for long-term retention of data that needs minimal access.
If I want to store my data using the Vault or Cold Vault storage class, do I need to create another account?
No. The storage classes are defined at the bucket level. Simply create a new bucket that is set to the desired storage class.
Can I change the storage class on a bucket? For example, if you have production data in "standard," can we easily switch it to "vault" if we are not using it frequently to reduce costs?
Changing of storage class requires you to manually move or copy the data from one bucket to another bucket with the desired storage class.
What is policy-based archive?
IBM Cloud Object Storage policy-based archive (Archive) is our lowest-cost option for data that is rarely accessed. Archive works with any of our existing storage classes (Smart Tier, Standard, Vault or Cold Vault ) enabling you to set archive policy on a bucket for objects to transition to Archive after a specified duration of time. For example, customers can create an archive policy on an existing bucket or a new bucket in any of the storage-class tiers. With the archive policy, you can specify a duration to move new objects in the bucket to archive either immediately (by setting archive policy to 0 days) or set any other period (up to 10 years) for when objects should be archived.
Who can benefit from Archive?
With Archive, any organization can manage storage costs by setting archive policy to automatically transition bulk of aging data to the lowest cost Archive, based on the age of the objects.
How is Archive integrated with other IBM Cloud Object Storage classes?
You can set an archive policy on a bucket for transition of stored objects from any of the storage class tier (Smart Tier, Standard, Vault and Cold Vault,). You can use the same operations across all the storage tiers and utilize archive policies against their objects. There is no limit to how many objects you can store in each bucket.
Is Archive available in all the IBM Cloud Object Storage locations?
In order to use Archive, you need to create buckets in Regional offerings. Please view the available regions here.
Can I set up an archive policy on an existing bucket?
Yes, archive policy can be set on an existing bucket. This policy will apply to the new objects uploaded and does not affect existing objects on a bucket.
How can I move data directly to the archive?
You can set an archive policy on a bucket to 0 days for immediate archival. This policy applies to the new objects uploaded and does not affect existing objects on a bucket.
How do I retrieve my archived objects?
You will have to restore an archived object. The restored object can then be accessed from the original storage class-tier. Object restore may take up to 12 hours.
How do I run SQL queries on my archived data?
You must restore the object to the original storage class (Smart Tier, Standard, Vault or Cold Vault) and then run SQL queries against the restored object.
What happens if I modify/delete an existing archive policy?
Any changes to an existing archive policy on a bucket will affect new objects uploaded. The existing objects in the bucket will remain under the effect of the old archive policy prior to the policy changes.
What is the cost of storing data in the archive?
Archive usage is priced at USD0.00099 GB/Month for data storage and USD0.02 GB for data restore (US regional example). There are no hidden operational charges associated with storage/restore in Archive.
How secure is my data?
How secure is my data?
IBM Cloud Object Storage is highly secure. Initially, only the bucket and object owners have access to the cloud object storage service instance they create. The service supports user authentication to access data; you can use access control mechanisms such as bucket policies to selectively grant permissions to users and applications. You can securely upload/download your data via SSL endpoints using the HTTPS protocol.
If you need extra security, you can use the Key Protect Service or the Server-Side Encryption (SSE-C) with Customer-provided Keys option to encrypt data stored at rest. IBM Cloud Object Storage provides the encryption technology for both Key Protect and SSE-C. Both of these options provide server-side encryption.
How can I control access to data stored in IBM Cloud Object Storage?
You can use Identity and Access Management (IAM) to access controlling mechanisms in order to secure your data. IAM policies enable organizations with multiple employees to create and manage multiple users under a single IBM Cloud account. With IAM policies, companies can grant IAM users control of their Cloud Object Storage service instance, buckets, etc.
How durable is IBM Cloud Object Storage?
How durable is IBM Cloud Object Storage?
IBM Cloud Object Storage is designed to provide 99.999999999 percent durability of objects over a given year. In addition, the data is split using Dispersal Algorithms (IDAs) into unrecognizable “slices” that are distributed across a network of data centers, making transmission and storage of data inherently private and secure. No complete copy of the data resides in any single storage node.
Does IBM Cloud Object Storage provide encryption at rest and in motion?
Yes. Data at rest is encrypted with automatic server-side Advanced Encryption Standard (AES) 256-bit encryption and Secure Hash Algorithm (SHA)-256 hash. Data in motion is secured by using built-in, carrier-grade Transport Layer Security/Secure Sockets Layer (TLS/SSL) encryption.
What is the typical encryption overhead if I want to encrypt my data?
Server-side encryption is always ON for customer data and encryption is not a big portion of the processing cost of Cloud Object Storage.
Can I provide my own keys for encryption?
Yes. IBM Cloud supports two ways of providing your own key for encrypting your data at rest:
- Key-Protect – You can provide your own key during bucket creation using Key Protect. You can manage the lifecycle of your keys in IBM Cloud. Learn more.
- SSE-C – You can provide your own key for encryption. IBM Cloud does not save your key within IBM Cloud Object Storage. The onus is on you to manage your own key and provide it during the storing and retrieving of data.
I am a non-CPA (Custom Private Addressing) customer. How can I use IBM Cloud Object Storage over Direct Link?
- Client connects to Direct Link as usual;
- By default, Direct Link clients cannot access Cloud Object Storage on the private services network. They will have to create a route on their vRouter to traverse the private network and reach the private endpoint for Cloud Object Storage on the services network;
- Client needs to provision 1x or 2x Vyattas;
- Use cloud object private endpoints to access IBM Cloud Object Storage.
How much does IBM Cloud Object Storage cost?
IBM Cloud Object Storage is designed for you to pay as you go without any minimum cost. Please refer to the pricing section for details.
How is IBM calculating and tracking my Cloud Object Storage usage?
Cloud Object Storage offers four different storage classes: Smart Tier, Standard, Vault, and Cold Vault.. For each of the storage classes, some or all of the following metrics are collected and aggregated across all the Cloud Object Storage instances in the account.
IBM will track and meter the storage (in gigabytes) used to store data objects. The cost for total storage during a billing period is the sum of the daily average storage cost for all days. The average storage usage for a given day is calculated by collecting usage data points periodically throughout the day and then averaging all the data points.
Public outbound bandwidth
IBM will track and meter the public outbound bandwidth (in Gigabytes) when accessing the data objects through the public endpoints. The public outbound bandwidth for a billing period is calculated as the sum of all collected usage data points. The usage data points that include the bandwidth consumed during the measurement period are collected at least once every hour.
IBM will track and meter the total data retrieval (in gigabytes) when accessing the data objects through both public and private endpoints. The data retrieval for a billing period is calculated as the sum of all collected usage data points. The usage data points that include the data retrieval occurred during the measurement period are collected at least once every hour.
Class A API calls
IBM will track and meter the PUT, COPY, POST and LIST operations when manipulating the data objects. The Class A API calls for a billing period are calculated as the sum of all collected usage data points and that sum is rounded to the nearest thousand. The usage data points that include the calls made during the measurement period are collected at least once every hour.
Class B API calls
IBM will track and meter the GET and other operations for accessing the data objects. The Class B API calls for a billing period are calculated as the sum of the all collected usage data points and are rounded to the nearest ten thousand. The usage data points that include the calls made during the measurement period are collected at least once every hour.
What is Immutable Object Storage?
Immutable Object Storage provides the capability to preserve electronic records and maintain data integrity in a WORM (Write-Once-Read-Many), non-erasable and non-rewritable manner. It allows customers to set a retention policy on an IBM Cloud Object Storage bucket and prevent object deletion by setting specific retention periods or applying legal holds at an object level.
Who can benefit from Immutable Object Storage?
Any organization needing to preserve electronic records on IBM Cloud Object Storage for a specified time duration can benefit from this capability.
Is there an additional charge for using Immutable Object Storage?
This feature is included as part of the Standard pricing plan for IBM Cloud Object Storage.
What is the retention policy for an IBM Cloud Object Storage bucket?
A retention policy is applied at the IBM Cloud Object Storage bucket level and allows you to protect objects stored from deletion or overwriting for a specified duration of time. You can define and enforce a retention policy with minimum, maximum and default retention period settings.
What is a retention period?
The duration of time an object must remain stored in the IBM Cloud Object Storage bucket.
Can I add a retention policy to an existing IBM Cloud Object Storage bucket?
A retention policy can only be set on an empty bucket.
Can I delete a retention policy that was set on an IBM Cloud Object Storage bucket?
No, a retention policy, once set on a bucket, cannot be deleted.
Can I update retention policy settings for an IBM Cloud Object Storage bucket?
Yes, updated settings will apply only to the new objects uploaded and do not affect existing objects on a bucket.
Can retention be applied to an object?
Yes, retention can be applied on a per object basis that is different than a default retention of an IBM Cloud Object Storage bucket.
Can the retention period of an object be changed after it is initially set?
A retention period can only be increased for an object that was not stored with a permanent retention setting. The retention period must remain within the minimum and maximum retention duration, configured as part of retention policy for an IBM Cloud Object Storage bucket.
Can I disable a permanent retention setting on an IBM Cloud Object Storage bucket?
No, a permanent retention, once set on a bucket, cannot be disabled.
Can I delete an IBM Cloud Object Storage bucket with a set retention policy?
A bucket with a retention policy can only be deleted when empty. To delete an object in a retention policy bucket, the object should not be under retention and without legal hold(s).
How may legal holds can be applied to a single object?
Can I apply the same legal hold to more than one object?
Yes, using IBM Cloud Object Storage UI. When you upload multiple objects to an IBM Cloud Object Storage bucket with a retention policy, you have the option to specify a legal hold set on all objects.
Can I delete the object if it is under legal hold?
No, an object with legal hold(s) cannot be deleted until all holds are removed, and the retention period expires.
Can I delete objects uploaded with a permanent retention period setting?
No, as the term indicates, objects will be stored permanently and a retention period cannot be modified. You will also not be able to delete any IBM Cloud Object Storage buckets that have objects stored with a permanent retention period.
What storage class(es) are supported with a retention policy?
A retention policy can be set on all supported storage classes in IBM Cloud Object Storage; i.e. Smart Tier, Standard, Vault and Cold Vault storage classes.
Is Immutable Object Storage available in all the IBM Cloud Object Storage locations?
Immutable Object Storage capability for IBM Cloud Object Storage buckets is available in our regional offerings. You can view a list of our available regions here.
Where can I find more information about Immutable Object Storage?
Please visit our product page for additional information.
Get started on IBM Cloud Object Storage
IBM Cloud Object Storage offers scalable cloud storage, designed for high durability, resiliency and security.