15. Object storage configuration - SanjeevOCI/Ocidocs GitHub Wiki
15 - OCI Object Storage: Bucket, Uploads, Pre-Auth & Lifecycle
Applies to: OCI Object Storage service
Goal: Create a bucket, upload objects, generate a pre-authenticated URL, and configure lifecycle & retention rules.
✅ Prerequisites
- OCI tenancy with permissions for Object Storage (create buckets, policies)
- A file (e.g. text/image) to upload
- Understanding of bucket tiers, lifecycle rules, IAM policies
Note: Object Storage is used for taking backups in OCI. It is a public service, and it can be encrypted.
Difference between Block Volume and Object Storage
1. A Block Volume is a structured volume, in which we can keep data in the form of files and folders.
2. Object Storage is an unstructured volume, in which we can store data of any format. Examples: images and videos.
Step 1 : Create bucket
- Go to Oracle Cloud --> Burger Menu --> Storage --> Click on "Object Storage & Archive Storage"
- Click on "Create Bucket" and fill in all the details required to create a bucket
Standard Tier --> Used for immediate extraction of backups, such as last month's backup or a 3-month-old backup. It is fast.
Archive Tier --> Used for year-old backups. It takes longer and it is costly.
Enable Auto-Tiering --> Decides whether a backup is too old and needs to be moved from Standard to Archive. Not selected by default.
Enable Object versioning --> Maintains multiple versions of same file
- Bucket "Test_Bucket" has been created successfully
Step 2 : Upload objects in bucket
- Navigate to the left side of the bucket --> Select "Objects" under Resources --> Click on Upload
- Drop the files directly in the "Upload Objects" window. Upload a text file and an image file.
- Both the Objects - Test & Image file are now uploaded
Step 3 : Create Pre-Authenticated Request
- Navigate to "Resources" on the left side of the bucket --> Select "Pre-Authenticated request" --> Click on "Create Pre-Authenticated Request"
- Select Request Target as "Object" and fill in all the required details. After that, click on "Create Pre-Authenticated Request"
- After clicking on "Create Pre-Authenticated Request", a tab will appear on the screen containing a Pre-Authenticated Request URL address. You need to copy and save that URL because it will not be shown again.
- We can share this URL with the person to whom we want to give access to a particular object. They only need to copy the URL and paste it into any browser, and the object will open directly. They can perform read/write actions depending on the access type given to them.
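Because the URL alone grants the access described above, it is worth reviewing a bucket's pre-authenticated requests regularly. The following is an added example, not part of the original lab: a Python check over a constructed listing shaped like the JSON output of `oci os preauth-request list`. The field names are assumed from the OCI CLI's output format, and the 7-day limit, ids, names and dates are hypothetical.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample, shaped like the JSON printed by
# `oci os preauth-request list --bucket-name Test_Bucket` (field names assumed
# from the OCI CLI's kebab-case output; ids, names and dates are made up).
SAMPLE = json.loads("""
{"data": [
  {"id": "par-1", "name": "share-text", "access-type": "ObjectRead",
   "object-name": "Test.txt", "time-created": "2024-05-01T10:00:00+00:00",
   "time-expires": "2024-05-03T10:00:00+00:00"},
  {"id": "par-2", "name": "partner-upload", "access-type": "AnyObjectReadWrite",
   "object-name": null, "time-created": "2024-04-01T10:00:00+00:00",
   "time-expires": "2025-04-01T10:00:00+00:00"},
  {"id": "par-3", "name": "old-image", "access-type": "ObjectRead",
   "object-name": "Image.png", "time-created": "2024-01-01T10:00:00+00:00",
   "time-expires": "2024-01-02T10:00:00+00:00"}
]}
""")

MAX_LIFETIME = timedelta(days=7)  # hypothetical local policy, not an OCI limit


def audit_pars(listing, now):
    """Return {PAR name: [findings]} for every request that needs attention."""
    report = {}
    for par in listing["data"]:
        findings = []
        created = datetime.fromisoformat(par["time-created"])
        expires = datetime.fromisoformat(par["time-expires"])
        if expires <= now:
            findings.append("expired: delete the stale request")
        else:
            if "Write" in par["access-type"]:
                findings.append("URL holder can write")
            if par["access-type"].startswith("AnyObject") or not par.get("object-name"):
                findings.append("scope is the whole bucket, not one object")
            if expires - created > MAX_LIFETIME:
                findings.append("lifetime exceeds %d days" % MAX_LIFETIME.days)
        if findings:
            report[par["name"]] = findings
    return report


if __name__ == "__main__":
    now = datetime(2024, 5, 2, tzinfo=timezone.utc)
    for name, findings in audit_pars(SAMPLE, now).items():
        print(name, "->", "; ".join(findings))
```

A read-only request on a single object with a short expiry, like the one created in this step, produces no findings.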
Step 4 : Create Lifecycle Rule & Retention Rule
- In the current Test Bucket, Auto-Tiering is enabled
- Navigate to "Resources" on the left side of the bucket --> Select "Lifecycle Policy Rules" --> Click on "Create Rule". We can see that the option for "infrequent access in the lifecycle action" is not available as Auto-Tiering is enabled
- We need to disable the Auto-Tiering option first. Just click on the Edit option in Auto-Tiering.
- Uncheck Auto-Tiering and click on "Save Changes"
- The Auto-Tiering option is now disabled.
- Now navigate to "Resources" on the left side of the bucket --> Select "Lifecycle Policy Rules" --> Click on "Create Rule" --> Now we are able to select the option "Move to Infrequent access" in lifecycle rule
- Enter the number of days, set the state to enabled, and click on Create
- As the resulting error message shows, we don't have sufficient permission --> Permissions granted to the object storage service principal "objectstorage-us-ashburn-1" to this bucket are insufficient. (InsufficientServicePermissions)
- So, first we have to update the policy for the bucket. Navigate to Burger Menu --> Identity & Security --> Select Policies --> Click on "Create Policy" and add the statement shown below, so that the lifecycle rule can be created
'Allow service objectstorage-us-ashburn-1 to manage object-family in compartment NP_Compute'
- Now navigate back to the Test_Bucket --> Select "Lifecycle Policy Rules" --> Click on "Create Rule" --> Now we are able to create the Lifecycle policy rule
- Also create a Retention Rule as shown below, by selecting "Retention Rules" --> Create Rule
✅ Summary
In this lab, you learned to:
- Create an Object Storage bucket in OCI
- Upload objects (files, images) to the bucket
- Generate a Pre-Authenticated URL to access an object
- Configure Lifecycle & Retention rules, and disable Auto-Tiering
- Use IAM policies to grant Object Storage service rights for lifecycle management
This lab helps you build real-world backup, archival, data sharing, and lifecycle automation using OCI’s object storage features.