Object Storage Compartments for the Amazon S3 Compatibility API and Swift API
Learn about how Object Storage provides API support for both Amazon S3 Compatibility API and Swift API. You can choose the default the compartment where this data is stored.
In the Object Storage service, a bucket is a container for storing objects in a compartment within an Object Storage namespace. A bucket is associated with a single compartment and data is stored as objects in buckets.
In addition to the native Object Storage APIs, Object Storage provides API support for both Amazon S3 Compatibility API and Swift API. However these APIs don't understand the Oracle Cloud Infrastructure concept of a compartment. By default, buckets created using the Amazon S3 Compatibility API or the Swift API are created in the root compartment of the Oracle Cloud Infrastructure tenancy. Instead, you can designate a different compartment for the Amazon S3 Compatibility API or Swift API to create buckets in.
When you choose a different compartment to use for the Amazon S3 Compatibility API or Swift API, any new buckets you create using the Amazon S3 Compatibility API or the Swift API are created in this compartment. Buckets created earlier in a different compartment aren't automatically moved to the newly-designated compartment. See Object Storage Buckets to move buckets you created earlier to this compartment.
You can perform the following tasks for the Amazon S3 Compatibility API and Swift API compartment designations:
Required IAM Policy
To use Oracle Cloud Infrastructure, you must be granted security access in a policy by an administrator. This access is required whether you're using the Console or the REST API with an SDK, CLI, or other tool. If you get a message that you don't have permission or are unauthorized, verify with your administrator what type of access you have and which compartment to work in.
Compartments have policies that indicate what actions a user can perform on a bucket and all the objects in the bucket.
For administrators:
-
To change the default compartments for Amazon S3 Compatibility API and Swift API, a user must belong to a group with
OBJECTSTORAGE_NAMESPACE_UPDATE
permissions. -
To see the current default compartments for Amazon S3 Compatibility API and Swift API, a user must belong to a group with
OBJECTSTORAGE_NAMESPACE_READ
permissions. -
To move a bucket to a different compartment, a user must belong to a group with
BUCKET_UPDATE
andBUCKET_CREATE
permissions in the source compartment, andBUCKET_CREATE
permissions in the target compartment.
If you're new to policies, see Getting Started with Policies and Common Policies. To dig deeper into writing policies for buckets and objects, see Details for Object Storage, Archive Storage, and Data Transfer.