LAB 14 (Object Storage Configuration) - arunsinghchauhan38-arch/CLOUDARCHITECTDOC GitHub Wiki
Object Storage Configuration
In Oracle Cloud Infrastructure (OCI), Object Storage configuration refers to the process of setting up and managing buckets, policies, and access methods so you can store and retrieve data securely and efficiently.
Core Components of Object Storage Configuration
1. Buckets
- Buckets are logical containers for objects (files).
- You configure:
  - Name (unique within a namespace).
  - Compartment (to organize resources).
  - Storage tier (Standard or Archive).
  - Encryption (default is Oracle-managed keys, but you can use your own).
2. Namespaces
- Each tenancy has a unique namespace.
- The namespace is part of the Object Storage URL and ensures uniqueness across regions.
3. Access Control
- Managed through OCI Identity and Access Management (IAM).
- You define policies to grant users/groups permissions like:
  - read buckets
  - manage objects
  - write objects
- Fine-grained access can be controlled with pre-authenticated requests (PARs).
4. Authentication
- Options include:
  - Console access (via OCI web interface).
  - Auth tokens (for CLI or SDKs).
  - API keys (for programmatic access).
  - Pre-authenticated requests (temporary public access).
5. Lifecycle Rules
- Automate object transitions:
  - Move objects to Archive Storage after a set time.
  - Delete objects after retention periods.
- Helps with compliance and cost optimization.
6. Networking & Security
- Configure private endpoints if you want Object Storage accessible only within your VCN.
- Use encryption at rest and in transit (enabled by default).
Steps to Create Bucket
Step 1
Open the burger menu, go to Storage, then Object Storage & Archive Storage, and click on Bucket.
Before clicking Create Bucket, select the compartment Hub_Compute_and_storage_compartment, then click Create Bucket.
Step 2
Fill in all the details, select the bucket scope as namespace and the Default storage tier as Standard.
When everything is done, click Create Bucket.
Step 3 Now we upload an object into the bucket
Click on the created Test_Bucket, go to Object, and click on Upload Objects. Then select the file or image from your computer, click Next, and finally click Upload Objects.
Step 4 Create pre-authenticated request
To create a pre-authenticated request, go to the Management option and click the Create pre-authenticated request button.
- Name: Test-bucket-20260507
- Pre-authenticated request target: Object
- Object name: image.png (use the same name as the object that was uploaded)
- Access Type: select Permit object reads
Select an expiration date and time for the object file, because it is very important for data safety: anyone who has the link can use it until it expires.
Then click Create. A popup window opens with the request details. Copy the link from this window before closing it, because once the window is closed the link is not available to view again.
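An added example (not part of the original lab): a Python check over a listing of pre-authenticated requests that flags the ones that have expired, outlive a chosen maximum lifetime, cover the whole bucket, or permit writes. The records are constructed and shaped like the JSON printed by `oci os preauth-request list`; the field names, the `AnyObjectWrite` record and the 7-day limit are assumptions of this example.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample shaped like the JSON printed by `oci os preauth-request list`
# (assumed field names: name, access-type, object-name, time-created, time-expires).
SAMPLE = json.loads("""
{"data": [
 {"name": "Test-bucket-20260507", "access-type": "ObjectRead", "object-name": "image.png",
  "time-created": "2026-05-07T09:00:00+00:00", "time-expires": "2026-05-08T09:00:00+00:00"},
 {"name": "partner-upload", "access-type": "AnyObjectWrite", "object-name": null,
  "time-created": "2026-01-10T12:00:00+00:00", "time-expires": "2027-01-10T12:00:00+00:00"},
 {"name": "old-report", "access-type": "ObjectRead", "object-name": "report.pdf",
  "time-created": "2026-03-01T08:00:00+00:00", "time-expires": "2026-04-01T08:00:00+00:00"}
]}
""")

MAX_LIFETIME = timedelta(days=7)  # hypothetical policy limit, adjust to your own standard


def parse_ts(value):
    """Parse an RFC 3339 timestamp; accept a trailing 'Z' as UTC."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def audit_pars(listing, now, max_lifetime=MAX_LIFETIME):
    """Return {par_name: [findings]} for every PAR that needs attention."""
    report = {}
    for par in listing.get("data", []):
        findings = []
        created, expires = parse_ts(par["time-created"]), parse_ts(par["time-expires"])
        if expires <= now:
            findings.append("already expired")
        else:
            if expires - created > max_lifetime:
                findings.append("lifetime exceeds policy limit")
            if par["access-type"].startswith("AnyObject") or not par.get("object-name"):
                findings.append("targets the whole bucket, not one object")
            if "Write" in par["access-type"]:
                findings.append("permits writes")
        if findings:
            report[par["name"]] = findings
    return report


if __name__ == "__main__":
    fixed_now = datetime(2026, 5, 7, 10, 0, tzinfo=timezone.utc)  # fixed so output is repeatable
    for name, findings in audit_pars(SAMPLE, fixed_now).items():
        print(f"{name}: {'; '.join(findings)}")
```

The request created in this step (single object, read-only, one-day lifetime in the sample) produces no findings.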
Step 5 Lifecycle policy rules
A lifecycle rule in a bucket (like in Oracle Cloud Infrastructure) is a way to automatically manage your files over time — kind of like setting up a cleaning schedule for your digital storage.
Step 6 Retention rules
A retention rule in an OCI bucket is like putting a “do not delete or change” sticker on your files — for a set amount of time.
During that time, nobody can delete or change those files — not even admins.
You can choose between:
(a) Time-bound rules (e.g. keep for 90 days)
(b) Indefinite rules (keep forever until you remove the rule)
And if you lock the rule, it becomes permanent: even Oracle Support can’t undo it. So it’s powerful, but you’ve got to use it carefully.
Under Resources, select Retention rule, and then click Create rule. Fill in all the details and click Create.