Object Storage overview
    • PDF

    Object Storage overview

    • PDF

    Article summary

    Overview

    NAVER Cloud Platform Object Storage provides the S3 API for managing and using storage.

    Version: Amazon S3 v2006-03-01

    Calling domain (endpoint)

    While it supports both HTTP/HTTPS protocols, we recommend using HTTPS for data protection.

    Calling domains by Region

    RegionRegion NameCalling Domain
    Koreakr-standardhttps://kr.object.ncloudstorage.com
    US West (New)us-standardhttps://us.object.ncloudstorage.com
    Singapore (New)sg-standardhttps://sg.object.ncloudstorage.com
    Japan (New)jp-standardhttps://jp.object.ncpstorage.com
    Germany (New)de-standardhttps://de.object.ncloudstorage.com

    We plan to continue to expand the Regions we offer.

    Authentication key (credential)

    Use the API authentication key created in Portal My Page > Manage account > Manage authentication key.

    The following describes all the operations you can use when accessing NAVER Cloud Platform's Object Storage using the S3 API.
    For more information on how to use operations, including samples, see the Bucket operations and Object operations pages.

    Account-related operations

    At the account level, only operations that retrieve bucket lists belonging to that account are supported. The number of buckets for an account is limited to 1000.

    OperationsDescription
    GET Account(List Buckets)View the bucket list belonging to the account

    Bucket operations

    The following describes operations that create, delete, view, and control buckets.

    GET Bucket (List Objects) Version 2 to view the list of objects in a bucket is not supported.

    OperationsDescription
    PUT BucketCreate bucket
    The number of buckets for an account is limited to 1000.
    GET Bucket(List Objects)View objects included in a bucket
    List up to 1000 objects at a time
    HEAD BucketView bucket headers
    DELETE BucketDelete empty buckets
    PUT Bucket ACLCreate an access control list (ACL) to apply to a bucket
    GET Bucket ACLView the access control list (ACL) applied to a bucket
    PUT Bucket CORSCreate CORS settings to apply to a bucket
    GET Bucket CORSView CORS settings applied to a bucket
    DELETE Bucket CORSDelete CORS settings applied to a bucket
    List Multipart UploadsView incomplete or canceled multipart uploads

    Object operations

    The following describes operations that create, delete, view, and control objects.

    OperationsDescription
    PUT ObjectAdd objects to a bucket (upload)
    PUT Object (Copy)Create a copy of an object
    GET ObjectView objects (download)
    HEAD ObjectView object headers
    DELETE ObjectDelete an object from a bucket
    DELETE Multiple ObjectsDelete a multipart object from a bucket
    PUT Object ACLCreate an access control list (ACL) to apply to an object
    GET Object ACLView the access control list (ACL) applied to an object
    OPTIONS ObjectCheck the CORS settings to see if a specific request can be sent
    Initiate Multipart UploadCreate an upload ID to assign to the part set to be uploaded
    Upload PartUpload parts of an object associated with an upload ID
    Complete Multipart UploadCombine partitioned objects associated with an upload ID
    Abort Multipart UploadStop the upload and delete parts associated with the upload ID

    Common headers

    Common request headers

    The following table describes the common request headers supported by NAVER Cloud Platform Object Storage.

    NAVER Cloud Platform's Object Storage ignores common headers that are not listed in the following table, even if the request is sent.

    However, some requests may support other headers as defined in this document.
    More information about creating authentication headers can be found on the "Manage authentication" page.

    HeadersDescription
    AuthorizationRequired (AWS Signature Version 4)
    HostRequired
    x-amz-dateRequired, may be specified as a date
    x-amz-content-sha256Required
    However, it is applicable when uploading objects or if the request information is included in the body
    Content-LengthRequired
    However, it is applicable when uploading objects
    Chunked encoding supported
    Content-MD5128-bit MD5 hash value of the body of the request being sent
    ExpectIf 100-continue, wait for headers to be authorized before sending request body

    Common response headers

    The following table describes common response headers.

    HeadersDescription
    Content-LengthLength of the request body (unit: bytes)
    ConnectionWhether it's connected
    DateTimestamp of the request message
    ETagMD5 hash value of the request message
    x-amz-request-idUnique identifier generated on request

    Response status codes

    Error CodeDescriptionHTTP status code
    AccessDeniedAccess denied403 Forbidden
    BadDigestThe specified Content-MD5 doesn't match the received content400 Bad Request
    BucketAlreadyExistsRequested bucket name not available
    The bucket's namespace is shared by all users on the system
    Need to select a different name and try again
    409 Conflict
    BucketNotEmptyThe bucket being deleted is not empty409 Conflict
    CredentialsNotSupportedThe request does not support credentials400 Bad Request
    EntityTooSmallThe size of the object being uploaded is smaller than the minimum size allowed400 Bad Request
    EntityTooLargeThe size of the object being uploaded exceeds the maximum size allowed400 Bad Request
    IncompleteBodyNo value specified for the Content-Length HTTP header400 Bad Request
    IncorrectNumberOfFilesInPostRequestOnly one file can be uploaded with a POST request400 Bad Request
    InlineDataTooLargeThe size of the inline data exceeds the maximum size allowed400 Bad Request
    InternalErrorInternal error occurred
    Retry required
    500 Internal Server Error
    InvalidAccessKeyIdThe entered AWS access key ID doesn't exist in the database403 Forbidden
    InvalidArgumentInvalid parameter400 Bad Request
    InvalidArgumentInvalid MD5 hash value for secret key
    MD5 hashes must be Base64-encoded
    400 Bad Request
    InvalidArgumentMD5 hash value does not match input value400 Bad Request
    InvalidBucketNameSpecified bucket is invalid400 Bad Request
    InvalidBucketStateThe request is invalid with the current bucket state409 Conflict
    InvalidDigestThe specified Content-MD5 is invalid400 Bad Request
    InvalidEncryptionAlgorithmErrorThe specified encryption request is invalid
    Supported values are AES256
    400 Bad Request
    InvalidLocationConstraintLocation constraint is invalid400 Bad Request
    InvalidObjectStateThe operation is invalid in the current object state403 Forbidden
    InvalidPartOne or more of the specified parts could not be found
    The part might not have been uploaded, or the specified entity tag might not match the entity tag of the part
    400 Bad Request
    InvalidPartOrderThe part list is not sorted in ascending order
    They must be sorted by part number
    400 Bad Request
    InvalidRangeUnable to meet requested range416 Requested Range Not Satisfiable
    InvalidRequestNeed to use the AWS4-HMAC-SHA256 algorithm400 Bad Request
    InvalidSecurityThe security credentials entered are invalid403 Forbidden
    InvalidURIUnable to parse the syntax of the specified URI400 Bad Request
    KeyTooLongThe key is too long400 Bad Request
    MalformedACLErrorThe entered XML format is incorrect, or the published schema has not been validated400 Bad Request
    MalformedPOSTRequestInvalid value for multipart/form-data attribute in POST request body400 Bad Request
    MalformedXMLError when sending misconfigured XML (XML that doesn't follow XSD conventions)
    Error message: "The XML you provided was not well-formed or did not validate against our published schema."
    400 Bad Request
    MaxMessageLengthExceededThe request is too long400 Bad Request
    MaxPostPreDataLengthExceededErrorPOST request field in front of upload file is too large400 Bad Request
    MetadataTooLargeThe size of the header in the metadata exceeds the maximum size allowed400 Bad Request
    MethodNotAllowedThe specified method is not available for this resource405 Method Not Allowed
    MissingContentLengthContent-Length HTTP header must be provided411 Length Required
    MissingRequestBodyErrorError when sending an empty XML document
    Error message: "Request body is empty."
    400 Bad Request
    NoSuchBucketSpecified bucket does not exist404 Not Found
    NoSuchKeySpecified key does not exist404 Not Found
    NoSuchUploadSpecified multipart upload does not exist
    The upload ID may be invalid, or the multipart upload may have been aborted or completed
    404 Not Found
    NotImplementedEntered headers mean unimplemented features501 Not Implemented
    OperationAbortedConditional operation conflicts with this resource and needs to be retried409 Conflict
    PreconditionFailedOne or more of the specified prerequisites are not performed412 Precondition Failed
    RedirectTemporarily redirected to a new location307 Moved Temporarily
    RequestIsNotMultiPartContentBucket POST requests must specify an enclosure-type multipart/form-data attribute value400 Bad Request
    RequestTimeoutSocket connection failed to reach the server within the timeout period400 Bad Request
    RequestTimeTooSkewedThe difference between request time and server time is too large403 Forbidden
    SignatureDoesNotMatchThe entered signature value does not match the measured signature value
    Need to verify AWS secret key and signing method
    403 Forbidden
    ServiceUnavailableNeed to reduce request frequency503 Service Unavailable
    SlowDownNeed to reduce request frequency503 Slow Down
    TemporaryRedirectRedirect to bucket while updating DNS307 Moved Temporarily
    TooManyBucketsMaximum number of buckets allowed to be created400 Bad Request
    UnexpectedContentThe request does not support the content400 Bad Request
    UnresolvableGrantByEmailAddressThe account matching the entered email address doesn't exist in the database400 Bad Request
    UserKeyMustBeSpecifiedBucket POST requests must include the specified field names
    If field names are specified, check field order
    400 Bad Request

    Authentication

    NAVER Cloud Platform's Object Storage APIs are authenticated through the Authorization header, and you can see the authentication method in the Object Storage API User Guide.

    Access control list (ACL)

    You can grant access to buckets and objects to members who are using NAVER Cloud Platform's Object Storage service.

    When a member subscribes to NAVER Cloud Platform's Object Storage, they are issued an ID that can be used in Object Storage.
    This ID is used to set access permissions for buckets and objects.

    You can also set public-read and public-write permissions to allow access without authentication.

    The following table describes the types of permissions and the possible operations when they are granted.

    PermissionWhen granted to a bucketWhen granted to an object
    READView the list of objects in bucketsRead object data and metadata
    WRITECreate new objects or overwrite or delete existing objectsN/A
    READ_ACPView bucket ACLView object ACL
    WRITE_ACPSet bucket ACLSet object ACL
    FULL_CONTROLPerform all operations possible with READ, WRITE, READ_ACP, and WRITE_ACP permissionsPerform all operations possible with READ, READ_ACP, and WRITE_ACP permissions

    The following table describes the default ACLs supported by NAVER Cloud Platform Object Storage. Values not mentioned in this table are not supported.

    Default ACLApplication targetDescription
    privateBucket, objectGrant FULL_CONTROL permissions to the owner (default)
    public-readBucket, objectGrant FULL_CONTROL permissions to the owner and READ permissions to all users
    public-read-writeBucket, objectGrant FULL_CONTROL permissions to the owner and READ and WRITE permissions to all users
    authenticated-readBucket, objectGrant FULL_CONTROL permissions to the owner and READ permissions to authenticated users

    When READ permissions are applied to a bucket, including public-read, you can only view the objects, but not access the objects themselves.


    Was this article helpful?

    What's Next
    Changing your password will log you out immediately. Use the new password to log back in.
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.