This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Overview

1: Amazon S3 Usage Guide
2: Monitoring Metrics
3: ServiceWatch Metrics

Service Overview

Object Storage is object storage that allows users to easily store and use the data they want and can be accessed via URL, making data management very convenient. It enables searching and retrieving large-scale data, and you can leverage features such as encryption and version control. Provides both public and private URLs, and public URLs are accessible over the internet.

Features

S3 API utilization: Through a Restful API, applications can access it easily and quickly, and since it is compatible with Amazon S3, it can be used effortlessly in applications that integrate with Amazon S3.
Safe Use: Encryption (SSE‑S3), access control, and Public/Private access features are provided, making it suitable for securely storing user data or backup data for service recovery.
Cost Efficiency: Users do not predefine the bucket’s capacity and are provided storage space with an efficient pricing model that charges only for the amount used.
Replication: You can perform replication to a bucket in a different location or the same location. * You can configure multiple replication policies, and if the source bucket becomes unavailable due to a failure or disaster, you can provide service through the replica bucket.

Configuration diagram

Provided Features

Object Storage provides the following features.

Storage Management: Provides Object Storage creation, folder creation, folder deletion, file upload, file download, and file deletion functions.
Version control: When you use version control, all versions of the uploaded files are managed. * You can easily download previous files by viewing the version list.
Encryption: If you enable encryption, encryption is provided via the SSE‑S3 method.
Access Control: Using access control, you can directly enter the Public IP allowed to access Object Storage or select resources (Virtual Server, Bare Metal Server, VPC Endpoint, etc.) within the same Account that are permitted to access.
Replication: You can perform replication to a bucket in a different location or the same location.
- Multiple replication policies can be configured
Permission Management: It is provided with Private permission by default, and offers Public permission and permission management features.
- Private permission: Allow file access and download only to users who know the authentication key.
- Public permission: Accessing the file via its URL makes the file publicly available and downloadable to anyone worldwide
Monitoring: You can view monitoring information such as total file count, data size (Bytes), and HTTP method request counts through the Cloud Monitoring service.
ServiceWatch Service Integration Offering: You can monitor data through the ServiceWatch service.

Component

Authentication key

The authentication key is a required element that must be created in advance to use Object Storage.
The purpose of using the authentication key is as follows.

In the Samsung Cloud Platform Console, you need an authentication key to create and access the Object Storage service.
The API provided by Object Storage is compatible with Amazon S3, and you can use the same tools that leverage Amazon S3. * At this point, entering an authentication key is required, and it is used as a tool to identify whether the user has the appropriate permissions. For detailed instructions on creating and verifying authentication keys, see How-to guides > 인증키 생성하기.

Bucket

A bucket is the top-level folder, and all folders and files exist under the bucket. When you create an Object Storage service in the Samsung Cloud Platform Console, a bucket is created, and you can subsequently upload folders or files.
The bucket name creation rules are as follows.

Bucket names must be at least 3 characters and at most 63 characters.
Bucket names can consist only of lowercase English letters, numbers, periods. and hyphens-.
Bucket names must start with a lowercase letter or a digit.
Bucket names must not contain two consecutive periods.
Bucket names cannot end with a period or hyphen.
Bucket names cannot have a period and hyphen adjacent to each other.
Bucket names do not use the IP address format (e.g., 192.168.x.x).
The bucket name cannot be admin.
Bucket names must be unique within an Account/Region.
The bucket name you used previously will be available in 1 hour.

Example of a valid bucket name	Example of an invalid bucket name
The following bucket names can be used cpexamplebucket1 scp-example-bucket-01 my-scp-object-storage	The following bucket names cannot be used scp_example_bucket (contains an underscore) DocExampleBucket (contains uppercase letters) -scp-example-bucket (starts with a hyphen)

Example of a valid bucket name

Example of an invalid bucket name

The following bucket names can be used

cpexamplebucket1

scp-example-bucket-01

my-scp-object-storage

The following bucket names cannot be used

scp_example_bucket (contains an underscore)

DocExampleBucket (contains uppercase letters)

-scp-example-bucket (starts with a hyphen)

Folder

A folder (Folder) is used to logically group files.
The folder name generation rules are as follows.

Folder names can consist of Korean characters, English letters, numbers, and special characters.
The special characters that cannot be entered are as follows.

Special characters that cannot be used in folder names

Special characters that cannot be used in folder names
percentage sign`%` ampersand`&` question mark`?` exclamation mark`!` less-than sign`<`, greater-than sign`>` slash`/` equals sign`=` plus sign`+` dollar`$` pound sign`#` apostrophe`’` caret`^` vertical bar/pipe`\`

percentage sign%

ampersand&

question mark?

exclamation mark!

less-than sign<, greater-than sign>

slash/

equals sign=

plus sign+

dollar$

pound sign#

apostrophe’

caret^

vertical bar/pipe\

File

A file (File) refers to data stored in Object Storage and is the same as a regular file.
The filename generation rules are as follows.

Filenames can consist of Korean characters, English letters, numbers, and special characters.
The special characters that cannot be entered are as follows.

Special characters that cannot be used in file names

Special characters that cannot be used in file names
percent sign`%` ampersand`&` question mark`?` exclamation mark`!` less-than sign`<`, greater-than sign`>` slash`/` equals sign`=` plus sign`+` dollar sign`$` pound sign`#` backslash`\` apostrophe`’` caret`^` vertical bar/pipe`\`

percent sign%

ampersand&

question mark?

exclamation mark!

less-than sign<, greater-than sign>

slash/

equals sign=

plus sign+

dollar sign$

pound sign#

backslash\

apostrophe’

caret^

vertical bar/pipe\

Folder names and file names are separated by a slash/. The following are examples of valid folder and file names.

Example of mixed use of folder and file names
3scp-example my.happy_photo-2024/20240101.jpg video/2024/video01.wmv

Example of mixed use of folder and file names

3scp-example

my.happy_photo-2024/20240101.jpg

video/2024/video01.wmv

Reference

The length of the path, including the folder name, file name, and separator (/), is limited to within 1,024 bytes (based on UTF-8 encoding).

URL

You can access the Object Storage bucket via URL. By providing public and private URLs, access is possible not only within the same Samsung Cloud Platform environment but also from external internet environments.
The URL structure is composed as follows.

URL without using Account ID	URL that uses the Account ID
https://[대표URL]/[bucket명]/[폴더명]/[파일명]	https://[대표URL]/[accountId]:[bucket명]/[폴더명]/[파일명]

Category	Explanation	example
Main URL	Representative URL is available at the Object Storage 상세 정보 확인하기 URL Representative URL includes the region name.	-
accountId	account ID When accessing a file that allows Public Access without an authentication key (Access Key, Secret Key), you need to enter the account ID; otherwise, you can connect without an account ID. Refer to Authentication Key and Permission Management	`c2ef8be0481d4094af3c6d046e536d25`
bucket name	User-created bucket name	`bucketname`
Folder name	Folder name where the file is located	`folder/folder01/folder02/`
Filename	File name	`Filename02`

Table. Object Storage URL components

The full URL information for the file can be viewed at View File Information.

Constraints

The limitations of Object Storage are as follows.

Category	Explanation
Number of creatable Object Storage services	No more than 1,000 per region
File name length (including path)	up to 1,024 Bytes
File upload size	Console: Up to 3GB per uploaded file Upload API: Single upload: 5GB, multipart: 5TB
Number of files in the bucket	200 million or fewer

Table. Object Storage constraints

Caution

It is recommended to store no more than 200 million files per bucket. * If the number of files exceeds 200 million, you may experience a sharp performance degradation, so manage the file count.
S3 Backend Filesystem solution (ex. * When using s3fs, objectivefs, etc., we recommend not employing version control. * Performance degradation may occur when using version control.

Reference

After changing IAM permissions, performing an Amazon S3 API call may take up to 30 seconds.
Object Storage cannot be used for file upload and download when the IAM policy uses a temporary authentication type.

Reference

South Korea (kr-south3) region constraints
- File upload and download functions via the Samsung Cloud Platform Console are restricted.
- Use of the S3 API/CLI via a public URL is restricted.
- However, private URL access is possible through resources (such as Virtual Server) created in the Samsung Cloud Platform Console.
Region constraints for South Korea South 1 (kr-south1) and South Korea South 2 (kr-south2)
- A separate firewall rule must be allowed to enable access to the public URL.
- The public URL can be viewed on the Object Storage detail page. * Object Storage Detailed Information Check please refer to it.

Preceding Service

Object Storage has no prerequisite services.

1 - Amazon S3 Usage Guide

Object Storage provides functions such as creating services, viewing lists, retrieving folder lists, creating folders, uploading files, and downloading files through the Samsung Cloud Platform Console. These functions are also available via an API compatible with Amazon S3. Therefore, tools that use Amazon S3 can be used in the same way.
To use Amazon S3’s utility tools, you need to generate and verify an authentication key. For detailed information, see Create Authentication Key.

Amazon S3 API

The list of Amazon S3 APIs supported by the Samsung Cloud Platform Object Storage service is as follows.

Reference

For detailed information about the Amazon S3 API, see the Amazon S3 API Guide.

Category	Detailed description
head-bucket	Retrieve bucket information
list-buckets	List buckets
get-bucket-versioning	Bucket version management query
put-bucket-versioning	Bucket version control modification
get-bucket-encryption	Retrieve bucket encryption settings
put-bucket-encryption	Apply bucket encryption settings
delete-bucket-encryption	Delete bucket encryption configuration
copy-object	Copy, move, rename objects
put-object	Object creation
get-object	Object download
list-objects	Retrieve object list
head-object	Object detail view
get-object-acl	Retrieve Object ACL
delete-object	Object deletion When versioning is enabled, deleting a file adds a Delete Marker to the file, and the Delete Marker becomes the latest version To permanently delete a file, specify the version ID for deletion
list-object-versions	View object version list
delete-object	Delete object version
presign	Issue a Presigned URL for PUT object
get-bucket-acl	Check bucket public permissions
create-bucket	Create bucket
delete-bucket	Delete bucket
get-bucket-cors	Check bucket CORS (Cross OriginResources) configuration
put-bucket-cors	Create bucket CORS (PUT)
delete-bucket-cors	Delete bucket CORS
put-bucket-tagging	Create bucket tagging
get-bucket-tagging	Bucket tagging query
delete-bucket-tagging	Delete bucket tagging
put-bucket-website	Create bucket website
get-bucket-website	View bucket website
delete-bucket-website	Delete bucket website
get-bucket-policy-status	Check bucket policy status
put-bucket-acl	Create bucket ACL
create-multipart-upload	Create multipart upload
upload-part	Perform multipart upload
complete-multipart-upload	Multipart upload completed
list-multipart-uploads	Multipart upload list
abort-multipart-upload	Delete incomplete Multipart upload
put-object-tagging	Object tagging creation
get-object-tagging	Object tagging query
delete-object-tagging	Delete object tagging
list-objects-V2	Object Lookup (v2)
put-object-acl	Create object ACL
list-parts	Parts lookup
put-public-access-block	Create public access block
get-public-access-block	public access block lookup
delete-public-access-block	Delete public access block
put-bucket-lifecycle	Create bucket Lifecycle (only Expiration rule can be used)
get-bucket-lifecycle	View Bucket Lifecycle
delete-bucket-lifecycle	Delete bucket lifecycle
put-bucket-policy	Create bucket policy(* reference)
get-bucket-policy	View bucket policy
delete-bucket-policy	Delete bucket policy
put-bucket-replication	Edit bucket replication policy When using replication-configuration, verify the following Role: IAM SRN required Rules > Destination Bucket: Bucket SRN required If the Rule ID is not provided, it is automatically generated with a random value Rule priority is not applied, so any value entered has no effect (you can set all to 1) Changing the Rule ID creates a new policy (the existing policy is deleted)
get-bucket-replication	Retrieve bucket replication policy
delete-bucket-replication	Delete bucket replication policy

Table. List of Amazon S3 supported APIs

Example of creating a bucket policy

put-bucket-policy when used, refer to the following example.

{
  "Statement": [
    {
      "Action": "s3:*",
      "Condition": {
        "IpAddress": {
          "scp:SourceIp": []
        },
    &#34;Resource&#34;: {
      &#34;scp:SourceDBaaSId&#34;: [],
      &#34;scp:SourceResourceId&#34;: [],
      &#34;scp:SourceVpcEndpointId&#34;: []
    },
&amp;#34;Service&amp;#34;: {
  &amp;#34;scp:ServiceScf&amp;#34;: &amp;#34;false&amp;#34;
}
},
&#34;Effect&#34;: &#34;Allow&#34;,
&#34;Principal&#34;: &#34;*&#34;,&#34;Resource&#34;: [
&#34;Object Storage SRN&#34;,
&#34;Object Storage SRN/*&#34;
]
}
],"Version": "2012-10-17"
}

Action, Effect, Principal, Resource cannot be modified.
- Enter the Object Storage SRN and Object Storage SRN/* in Resource.
Condition in IpAddress, Resource, Service can be modified as follows.
- IpAddress: Enter a single IP or CIDR format.
- Resource: Enter each resource ID.
- Service: false or true
- For detailed information about permissible targets, refer to Setting Access Control.

Amazon S3 CLI

To use Amazon S3 with the AWS CLI, refer to the Amazon S3 CLI Guide.

Amazon S3 SDK for Java

To use the Amazon S3 SDK for Java, please refer to Amazon S3 SDK Guide.

Reference

For SDK guides and Rest API guides for other languages, see the AWS official website.

Reference

Refer to the following for the region parameter required to use the Amazon S3 SDK.
- For Korea West (kr-west1): kr-west
- When South Korea 1,2,3 (kr-south1,2,3): kr-south
The region parameter is for reference only, and the actual region is determined based on the URL.

Reference

South Korea Region 3 (kr-south3) constraints
- File upload and download capabilities are limited through the Samsung Cloud Platform Console.
- Use of the S3 API/CLI via a public URL is restricted.
- However, private URL access is possible through resources (such as Virtual Server) created in the Samsung Cloud Platform Console.
South Korea South 1 (kr-south1), South Korea South 2 (kr-south2) region restrictions
- To access the public URL, you must allow a separate firewall configuration.
- You can view the public URL address on the Object Storage details page. Refer to Check Object Storage Details.

2 - Monitoring Metrics

Cloud Monitoring service termination notice

According to Samsung Cloud Platform’s policy, the Cloud Monitoring service is scheduled to be discontinued.
Accordingly, after the September 2026 release, resource monitoring of the Samsung Cloud Platform via Cloud Monitoring will no longer be possible.

With the new alternative service, you can continuously perform resource monitoring by using ServiceWatch, released in October 2025.
ServiceWatch provides more modern and powerful features, replacing Cloud Monitoring to deliver a smooth monitoring environment.

Detailed information about ServiceWatch is available in the ServiceWatch Overview.

Object Storage Monitoring Metrics

The table below shows the monitoring metrics for Object Storage that can be viewed through Cloud Monitoring. For detailed usage of Cloud Monitoring, refer to the Cloud Monitoring guide.

Performance Item Name	Explanation	unit
Objects	Number of objects stored in the bucket	cnt
Bucket Used	Amount of data stored in the bucket (bytes)	bytes
Requests [Upload Avg]	Upload usage per bucket	bytes
Requests [Download Avg]	Download usage per bucket	bytes
Requests [Total]	Total number of HTTP requests executed in the bucket	cnt
Requests [Get]	Number of HTTP GET requests executed on objects in the bucket	cnt
Requests [Head]	Number of HTTP HEAD requests executed for objects in the bucket	cnt
Requests [List]	Number of LIST requests executed for objects in the bucket	cnt
Requests [Post]	Number of HTTP POST requests executed on objects in the bucket	cnt
Requests [Put]	Number of HTTP PUT requests executed on objects in the bucket	cnt
Requests [Delete]	Number of HTTP DELETE requests executed on objects within the bucket	cnt

Table. Object Storage Monitoring Metrics

3 - ServiceWatch Metrics

Object Storage sends metrics to ServiceWatch. The metrics provided by default monitoring are data collected at 5‑minute intervals. In Object Storage, you can view replication metrics by policy in ServiceWatch by enabling ServiceWatch replication metrics per bucket.

Refer to How-to guides > Object Storage Activating Replication Metrics for how to enable ServiceWatch replication metrics.

Reference

For how to view metrics in ServiceWatch, refer to the ServiceWatch guide.

Basic Metrics

The following are the basic metrics for the Object Storage namespace.

The indicators whose names are displayed in bold below are the key indicators selected from the basic metrics provided by Object Storage. Key metrics are used to configure service dashboards that are automatically generated for each service in ServiceWatch.

Each metric indicates through the user guide which statistical value is meaningful when viewing that metric, and among the meaningful statistics, the statistical values shown in bold text are the primary statistics. In the service dashboard, primary metrics can be viewed using the primary statistical values.

Performance items	Detailed description	unit	Meaningful statistics
object_count	Number of objects stored in the bucket	Count	average
object_byte	Amount of data stored in the bucket	Bytes	average

Table. Object Storage Basic Metrics

Replication Metric

The following are replication metrics. Replication metrics are collected per replication policy. Replication metrics are collected only when ServiceWatch replication metrics are enabled for each bucket. The replication metrics are as follows.

Performance items	Detailed description	unit	Meaningful statistics
replication_total_count	Total number of objects to be transferred	Count	maximum
replication_transferred_count	Number of transmitted objects	Count	Total
replication_progress_count	Number of objects being transferred	Count	maximum
replication_queued_count	Number of objects pending transmission	Count	maximum
replication_pending_count	Number of objects with transmission delay	Count	maximum
replication_failure_count	Number of failed transmission objects	Count	Total
replication_total_bytes	Total transfer target size	Bytes	maximum
replication_transferred_bytes	Data transferred	Bytes	Total
replication_max_processing_time	Maximum processing time	Seconds	maximum
replication_avg_processing_time	Average processing time	Seconds	average

Table. Object Storage replication metrics