Operations on buckets
The StorageGRID system supports a maximum of 5,000 buckets for each S3 tenant account.
Each grid can have a maximum of 100,000 buckets.
To support 5,000 buckets, each Storage Node in the grid must have a minimum of 64 GB of RAM.
Bucket name restrictions follow the AWS US Standard region restrictions, but you should further restrict them to DNS naming conventions to support S3 virtual hosted-style requests.
See the following for more information:
The ListObjects (GET Bucket) and ListObjectVersions (GET Bucket object versions) operations support StorageGRID consistency values.
You can check whether updates to last access time are enabled or disabled for individual buckets. See GET Bucket last access time.
The following table describes how StorageGRID implements S3 REST API bucket operations. To perform any of these operations, the necessary access credentials must be provided for the account.
Operation | Implementation |
---|---|
CreateBucket |
Creates a new bucket. By creating the bucket, you become the bucket owner.
|
DeleteBucket |
Deletes the bucket. |
DeleteBucketCors |
Deletes the CORS configuration for the bucket. |
DeleteBucketEncryption |
Deletes the default encryption from the bucket. Existing encrypted objects remain encrypted, but any new objects added to the bucket aren't encrypted. |
DeleteBucketLifecycle |
Deletes the lifecycle configuration from the bucket. See Create S3 lifecycle configuration. |
DeleteBucketPolicy |
Deletes the policy attached to the bucket. |
DeleteBucketReplication |
Deletes the replication configuration attached to the bucket. |
DeleteBucketTagging |
Uses the Caution: If a non-default ILM policy tag is set for this bucket, there will be a |
GetBucketAcl |
Returns a positive response and the ID, DisplayName, and Permission of the bucket owner, indicating that the owner has full access to the bucket. |
GetBucketCors |
Returns the |
GetBucketEncryption |
Returns the default encryption configuration for the bucket. |
GetBucketLifecycleConfiguration (previously named GET Bucket lifecycle) |
Returns the lifecycle configuration for the bucket. See Create S3 lifecycle configuration. |
GetBucketLocation |
Returns the region that was set using the |
GetBucketNotificationConfiguration (previously named GET Bucket notification) |
Returns the notification configuration attached to the bucket. |
GetBucketPolicy |
Returns the policy attached to the bucket. |
GetBucketReplication |
Returns the replication configuration attached to the bucket. |
GetBucketTagging |
Uses the Caution: If a non-default ILM policy tag is set for this bucket, there will be a |
GetBucketVersioning |
This implementation uses the
|
GetObjectLockConfiguration |
Returns the bucket default retention mode and default retention period, if configured. |
HeadBucket |
Determines if a bucket exists and you have permission to access it. This operation returns:
|
ListObjects and ListObjectsV2 (previously named GET Bucket) |
Returns some or all (up to 1,000) of the objects in a bucket. The Storage Class for objects can have either of two values, even if the object was ingested with the
If the bucket contains large numbers of deleted keys that have the same prefix, the response might include some |
ListObjectVersions (previously named GET Bucket Object versions) |
With READ access on a bucket, using this operation with the |
PutBucketCors |
Sets the CORS configuration for a bucket so that the bucket can service cross-origin requests. Cross-origin resource sharing (CORS) is a security mechanism that allows client web applications in one domain to access resources in a different domain. For example, suppose you use an S3 bucket named |
PutBucketEncryption |
Sets the default encryption state of an existing bucket. When bucket-level encryption is enabled, any new objects added to the bucket are encrypted.StorageGRID supports server-side encryption with StorageGRID-managed keys. When specifying the server-side encryption configuration rule, set the Bucket default encryption configuration is ignored if the object upload request already specifies encryption (that is, if the request includes the |
PutBucketLifecycleConfiguration (previously named PUT Bucket lifecycle) |
Creates a new lifecycle configuration for the bucket or replaces an existing lifecycle configuration. StorageGRID supports up to 1,000 lifecycle rules in a lifecycle configuration. Each rule can include the following XML elements:
StorageGRID does not support these actions:
See Create S3 lifecycle configuration. To understand how the Expiration action in a bucket lifecycle interacts with ILM placement instructions, see How ILM operates throughout an object’s life. Note: Bucket lifecycle configuration can be used with buckets that have S3 Object Lock enabled, but bucket lifecycle configuration is not supported for legacy Compliant buckets. |
PutBucketNotificationConfiguration (previously named PUT Bucket notification) |
Configures notifications for the bucket using the notification configuration XML included in the request body. You should be aware of the following implementation details:
|
PutBucketPolicy |
Sets the policy attached to the bucket. See Use bucket and group access policies. |
PutBucketReplication |
Configures StorageGRID CloudMirror replication for the bucket using the replication configuration XML provided in the request body. For CloudMirror replication, you should be aware of the following implementation details:
|
PutBucketTagging |
Uses the
Caution: If a non-default ILM policy tag is set for this bucket, there will be a Note: This operation will overwrite any current tags the bucket already has. If any existing tags are omitted from the set, those tags will be removed for the bucket. |
PutBucketVersioning |
Uses the
|
PutObjectLockConfiguration |
Configures or removes the bucket default retention mode and default retention period. If the default retention period is modified, the retain-until-date of existing object versions remains the same and is not recalculated using the new default retention period. See Use S3 REST API to configure S3 Object Lock for detailed information. |