- Print
- PDF
Object Storage overview
- Print
- PDF
Overview
NAVER Cloud Platform Object Storage provides the S3 API for managing and using storage.
Version: Amazon S3 v2006-03-01
Calling domain (endpoint)
While it supports both HTTP/HTTPS protocols, we recommend using HTTPS for data protection.
Calling domains by Region
Region | Region Name | Calling Domain |
---|---|---|
Korea | kr-standard | https://kr.object.ncloudstorage.com |
US West (New) | us-standard | https://us.object.ncloudstorage.com |
Singapore (New) | sg-standard | https://sg.object.ncloudstorage.com |
Japan (New) | jp-standard | https://jp.object.ncpstorage.com |
Germany (New) | de-standard | https://de.object.ncloudstorage.com |
We plan to continue to expand the Regions we offer.
Authentication key (credential)
Use the API authentication key created in Portal My Page > Manage account > Manage authentication key.
The following describes all the operations you can use when accessing NAVER Cloud Platform's Object Storage using the S3 API.
For more information on how to use operations, including samples, see the Bucket operations and Object operations pages.
Account-related operations
At the account level, only operations that retrieve bucket lists belonging to that account are supported. The number of buckets for an account is limited to 1000.
Operations | Description |
---|---|
GET Account(List Buckets) | View the bucket list belonging to the account |
Bucket operations
The following describes operations that create, delete, view, and control buckets.
GET Bucket (List Objects) Version 2 to view the list of objects in a bucket is not supported.
Operations | Description |
---|---|
PUT Bucket | Create bucket The number of buckets for an account is limited to 1000. |
GET Bucket(List Objects) | View objects included in a bucket List up to 1000 objects at a time |
HEAD Bucket | View bucket headers |
DELETE Bucket | Delete empty buckets |
PUT Bucket ACL | Create an access control list (ACL) to apply to a bucket |
GET Bucket ACL | View the access control list (ACL) applied to a bucket |
PUT Bucket CORS | Create CORS settings to apply to a bucket |
GET Bucket CORS | View CORS settings applied to a bucket |
DELETE Bucket CORS | Delete CORS settings applied to a bucket |
List Multipart Uploads | View incomplete or canceled multipart uploads |
Object operations
The following describes operations that create, delete, view, and control objects.
Operations | Description |
---|---|
PUT Object | Add objects to a bucket (upload) |
PUT Object (Copy) | Create a copy of an object |
GET Object | View objects (download) |
HEAD Object | View object headers |
DELETE Object | Delete an object from a bucket |
DELETE Multiple Objects | Delete a multipart object from a bucket |
PUT Object ACL | Create an access control list (ACL) to apply to an object |
GET Object ACL | View the access control list (ACL) applied to an object |
OPTIONS Object | Check the CORS settings to see if a specific request can be sent |
Initiate Multipart Upload | Create an upload ID to assign to the part set to be uploaded |
Upload Part | Upload parts of an object associated with an upload ID |
Complete Multipart Upload | Combine partitioned objects associated with an upload ID |
Abort Multipart Upload | Stop the upload and delete parts associated with the upload ID |
Common headers
Common request headers
The following table describes the common request headers supported by NAVER Cloud Platform Object Storage.
NAVER Cloud Platform's Object Storage ignores common headers that are not listed in the following table, even if the request is sent.
However, some requests may support other headers as defined in this document.
More information about creating authentication headers can be found on the "Manage authentication" page.
Headers | Description |
---|---|
Authorization | Required (AWS Signature Version 4) |
Host | Required |
x-amz-date | Required, may be specified as a date |
x-amz-content-sha256 | Required However, it is applicable when uploading objects or if the request information is included in the body |
Content-Length | Required However, it is applicable when uploading objects Chunked encoding supported |
Content-MD5 | 128-bit MD5 hash value of the body of the request being sent |
Expect | If 100-continue, wait for headers to be authorized before sending request body |
Common response headers
The following table describes common response headers.
Headers | Description |
---|---|
Content-Length | Length of the request body (unit: bytes) |
Connection | Whether it's connected |
Date | Timestamp of the request message |
ETag | MD5 hash value of the request message |
x-amz-request-id | Unique identifier generated on request |
Response status codes
Error Code | Description | HTTP status code |
---|---|---|
AccessDenied | Access denied | 403 Forbidden |
BadDigest | The specified Content-MD5 doesn't match the received content | 400 Bad Request |
BucketAlreadyExists | Requested bucket name not available The bucket's namespace is shared by all users on the system Need to select a different name and try again | 409 Conflict |
BucketNotEmpty | The bucket being deleted is not empty | 409 Conflict |
CredentialsNotSupported | The request does not support credentials | 400 Bad Request |
EntityTooSmall | The size of the object being uploaded is smaller than the minimum size allowed | 400 Bad Request |
EntityTooLarge | The size of the object being uploaded exceeds the maximum size allowed | 400 Bad Request |
IncompleteBody | No value specified for the Content-Length HTTP header | 400 Bad Request |
IncorrectNumberOfFilesInPostRequest | Only one file can be uploaded with a POST request | 400 Bad Request |
InlineDataTooLarge | The size of the inline data exceeds the maximum size allowed | 400 Bad Request |
InternalError | Internal error occurred Retry required | 500 Internal Server Error |
InvalidAccessKeyId | The entered AWS access key ID doesn't exist in the database | 403 Forbidden |
InvalidArgument | Invalid parameter | 400 Bad Request |
InvalidArgument | Invalid MD5 hash value for secret key MD5 hashes must be Base64-encoded | 400 Bad Request |
InvalidArgument | MD5 hash value does not match input value | 400 Bad Request |
InvalidBucketName | Specified bucket is invalid | 400 Bad Request |
InvalidBucketState | The request is invalid with the current bucket state | 409 Conflict |
InvalidDigest | The specified Content-MD5 is invalid | 400 Bad Request |
InvalidEncryptionAlgorithmError | The specified encryption request is invalid Supported values are AES256 | 400 Bad Request |
InvalidLocationConstraint | Location constraint is invalid | 400 Bad Request |
InvalidObjectState | The operation is invalid in the current object state | 403 Forbidden |
InvalidPart | One or more of the specified parts could not be found The part might not have been uploaded, or the specified entity tag might not match the entity tag of the part | 400 Bad Request |
InvalidPartOrder | The part list is not sorted in ascending order They must be sorted by part number | 400 Bad Request |
InvalidRange | Unable to meet requested range | 416 Requested Range Not Satisfiable |
InvalidRequest | Need to use the AWS4-HMAC-SHA256 algorithm | 400 Bad Request |
InvalidSecurity | The security credentials entered are invalid | 403 Forbidden |
InvalidURI | Unable to parse the syntax of the specified URI | 400 Bad Request |
KeyTooLong | The key is too long | 400 Bad Request |
MalformedACLError | The entered XML format is incorrect, or the published schema has not been validated | 400 Bad Request |
MalformedPOSTRequest | Invalid value for multipart/form-data attribute in POST request body | 400 Bad Request |
MalformedXML | Error when sending misconfigured XML (XML that doesn't follow XSD conventions) Error message: "The XML you provided was not well-formed or did not validate against our published schema." | 400 Bad Request |
MaxMessageLengthExceeded | The request is too long | 400 Bad Request |
MaxPostPreDataLengthExceededError | POST request field in front of upload file is too large | 400 Bad Request |
MetadataTooLarge | The size of the header in the metadata exceeds the maximum size allowed | 400 Bad Request |
MethodNotAllowed | The specified method is not available for this resource | 405 Method Not Allowed |
MissingContentLength | Content-Length HTTP header must be provided | 411 Length Required |
MissingRequestBodyError | Error when sending an empty XML document Error message: "Request body is empty." | 400 Bad Request |
NoSuchBucket | Specified bucket does not exist | 404 Not Found |
NoSuchKey | Specified key does not exist | 404 Not Found |
NoSuchUpload | Specified multipart upload does not exist The upload ID may be invalid, or the multipart upload may have been aborted or completed | 404 Not Found |
NotImplemented | Entered headers mean unimplemented features | 501 Not Implemented |
OperationAborted | Conditional operation conflicts with this resource and needs to be retried | 409 Conflict |
PreconditionFailed | One or more of the specified prerequisites are not performed | 412 Precondition Failed |
Redirect | Temporarily redirected to a new location | 307 Moved Temporarily |
RequestIsNotMultiPartContent | Bucket POST requests must specify an enclosure-type multipart/form-data attribute value | 400 Bad Request |
RequestTimeout | Socket connection failed to reach the server within the timeout period | 400 Bad Request |
RequestTimeTooSkewed | The difference between request time and server time is too large | 403 Forbidden |
SignatureDoesNotMatch | The entered signature value does not match the measured signature value Need to verify AWS secret key and signing method | 403 Forbidden |
ServiceUnavailable | Need to reduce request frequency | 503 Service Unavailable |
SlowDown | Need to reduce request frequency | 503 Slow Down |
TemporaryRedirect | Redirect to bucket while updating DNS | 307 Moved Temporarily |
TooManyBuckets | Maximum number of buckets allowed to be created | 400 Bad Request |
UnexpectedContent | The request does not support the content | 400 Bad Request |
UnresolvableGrantByEmailAddress | The account matching the entered email address doesn't exist in the database | 400 Bad Request |
UserKeyMustBeSpecified | Bucket POST requests must include the specified field names If field names are specified, check field order | 400 Bad Request |
Authentication
NAVER Cloud Platform's Object Storage APIs are authenticated through the Authorization header, and you can see the authentication method in the Object Storage API User Guide.
Access control list (ACL)
You can grant access to buckets and objects to members who are using NAVER Cloud Platform's Object Storage service.
When a member subscribes to NAVER Cloud Platform's Object Storage, they are issued an ID that can be used in Object Storage.
This ID is used to set access permissions for buckets and objects.
You can also set public-read and public-write permissions to allow access without authentication.
The following table describes the types of permissions and the possible operations when they are granted.
Permission | When granted to a bucket | When granted to an object |
---|---|---|
READ | View the list of objects in buckets | Read object data and metadata |
WRITE | Create new objects or overwrite or delete existing objects | N/A |
READ_ACP | View bucket ACL | View object ACL |
WRITE_ACP | Set bucket ACL | Set object ACL |
FULL_CONTROL | Perform all operations possible with READ, WRITE, READ_ACP, and WRITE_ACP permissions | Perform all operations possible with READ, READ_ACP, and WRITE_ACP permissions |
The following table describes the default ACLs supported by NAVER Cloud Platform Object Storage. Values not mentioned in this table are not supported.
Default ACL | Application target | Description |
---|---|---|
private | Bucket, object | Grant FULL_CONTROL permissions to the owner (default) |
public-read | Bucket, object | Grant FULL_CONTROL permissions to the owner and READ permissions to all users |
public-read-write | Bucket, object | Grant FULL_CONTROL permissions to the owner and READ and WRITE permissions to all users |
authenticated-read | Bucket, object | Grant FULL_CONTROL permissions to the owner and READ permissions to authenticated users |
When READ permissions are applied to a bucket, including public-read, you can only view the objects, but not access the objects themselves.