Manage EOS buckets, objects, lifecycle rules, CORS settings, and access control from the ENS console.
Activate EOS
In the navigation pane on the left, choose .
Click Activate Now and follow the on-screen instructions to complete the activation.
Bucket management
Create a bucket
By default, each Alibaba Cloud account can create up to 20 buckets in ENS. To increase this quota, contact your Alibaba Cloud sales manager.
Bucket creation is free. You are charged only for object storage and outbound traffic.
The bucket name and node cannot be changed after creation.
Bucket capacity scales elastically. No advance purchase is required.
DNS propagation may take a few minutes after bucket creation. Wait at least 5 minutes before using the bucket to avoid failures.
In the navigation pane on the left, choose .
Click Create Bucket.
On the Create Bucket Ticket page, configure the following parameters, and then click OK.
Parameter
Description
Bucket name
Cannot be changed after creation.
Naming conventions:
Must be globally unique.
Can contain only lowercase letters, digits, and hyphens (-).
Cannot start or end with a hyphen (-).
Must be 3 to 50 characters in length.
Scheduling policy
Specific Nodes
Global Scheduling
NoteGlobal scheduling uses a scheduling policy to distribute data across suitable edge nodes. You do not need to manage specific storage locations. To control the storage location, select Specific Nodes instead.
Node (if you select Specific Nodes)
Select the node for the bucket from the drop-down list.
Cannot be changed after creation.
Scheduling scope (if you select Global Scheduling)
Chinese Mainland
Outside Chinese Mainland
NoteSelect an appropriate scheduling scope based on your business scenario. Cannot be changed after creation.
Endpoint
EOS uses a single global endpoint:
eos.aliyuncs.com.Access control list
Set the bucket ACL. A bucket can have only one ACL, which you can modify at any time. Options:
Private: Only the bucket owner can read from and write to the bucket.
Public Read: Only the bucket owner can write to the bucket. Anyone, including anonymous users, can read the objects in the bucket.
WarningAnyone can access objects in this bucket, which may cause data breaches and unexpected charges. Use with caution.
Public Read/Write: Anyone, including anonymous users, can read from and write to the bucket.
WarningAnyone can read and write data to this bucket, which may cause data breaches, unexpected charges, and legal risks from malicious or illegal uploads. Avoid this setting unless required.
Remarks
1 to 128 characters.
Delete a bucket
Delete unused buckets to avoid ongoing charges.
In the navigation pane on the left, choose .
On the Actions page, find the target bucket and click Delete in the Actions column.
In the confirmation dialog box that appears, click OK.
NoteA bucket must be empty before it can be deleted. A deleted bucket cannot be restored.
Object management
Upload an object
In the navigation pane on the left, choose .
On the Actions page, find the target bucket, and in the Actions column, click Manage to go to the Objects page.
On the Objects page, click Upload File.
In the Upload File panel, configure the following parameters.
Parameter
Description
Upload to
Destination path for the uploaded object.
Current Directory: Uploads the object to the current directory.
NoteOnly the current directory is supported.
Access control list
Select the ACL for the object.
Inherit from Bucket: The object inherits the ACL of the bucket.
NoteOnly inheriting from the bucket is supported.
Upload object
Select files to upload.
Click Scan Files to browse local files, or drag and drop files into the upload area.
Object naming conventions:
Must be UTF-8 encoded.
Case-sensitive.
Cannot start with a forward slash (
/) or a backslash (\).Must be 1 to 1,023 bytes in length.
Click Upload. You can view the upload progress of each object on the Upload Tasks page.
Download an object
Download an object to your browser's default download location or a specified local path.
In the navigation pane on the left, choose .
On the Actions page, find the target bucket, and in the Actions column, click Manage to go to the Objects page.
On the File Management page, find the target file and click Download in the Actions column.
Delete an object
In the navigation pane on the left, choose .
On the Actions page, find the target bucket, and in the Actions column, click Manage to go to the Objects page.
On the File Management page, find the target file and click Delete in the Actions column.
NoteA deleted object cannot be restored. Proceed with caution.
Search objects
Search for objects by name prefix.
In the navigation pane on the left, choose .
On the Actions page, find the target bucket, and in the Actions column, click Manage to go to the Objects page.
On the Objects page, enter an object name prefix in the search box to filter the results.
Lifecycle
Configure lifecycle rules to periodically delete objects based on their last modified time, reducing storage costs. This is useful for compliance, archival, or batch deletion scenarios. Deleted objects cannot be restored.
Create a lifecycle rule
In the navigation pane on the left, choose .
On the Actions page, find the target bucket, click Manage in the Actions column, and then click the Lifecycle tab.
On the Lifecycle tab, click Create Rule.
Configure the following parameters and then click OK.
Parameter
Description
Status
Enable or disable the lifecycle rule.
Enabled: objects are deleted according to the rule.
Disabled: the lifecycle task is suspended.
Applied to
Select Objects with Specified Prefix or Whole Bucket.
Allow overlapping prefixes
Controls whether lifecycle rules with overlapping prefixes are allowed. For example:
Rule 1: delete objects with prefix
dir1/after 180 days.Rule 2: delete objects with prefix
dir1/dir2/after 30 days.
Disabled: the system rejects overlapping rules because objects in
dir1/dir2/match both rules.Enabled: objects in
dir1/dir2/are deleted after 30 days; other objects indir1/are deleted after 180 days.Prefix
The prefix of object names the rule applies to.
If you set the prefix to
test, the rule applies to all objects whose names start withtest, such astestObj.pngandtest/testObj.jpg.If you set the prefix to
test/, the rule applies to all objects whose names start withtest/, such astest/example.jpgandtest/test.jpg.
Object expiration policy
Select Days After Last Modification or Expiration Date.
Lifecycle management rule
Configure when expired objects are deleted.
Example: if the Expiration Date is June 30, 2023, all objects last modified before that date are automatically deleted. Deleted objects cannot be restored.
CORS settings
Browsers enforce a same-origin policy that blocks cross-origin requests between different protocols, domains (or IP addresses), or ports. The following table shows same-origin checks relative to http://www.aliyun.com/org/test.html:
URL | Access result | Reason |
http://www.aliyun.com/org/other.html | Allowed | Same protocol, domain, and port. |
http://www.aliyun.com/org/internal/page.html | Allowed | Same protocol, domain, and port. |
https://www.aliyun.com/page.html | Blocked | Different protocol (HTTPS). |
http://www.aliyun.com:22/dir/page.html | Blocked | Different port (22). |
http://help.aliyun.com/dir/other.html | Blocked | Different domain. |
To allow cross-origin access, configure a CORS rule.
You can create a maximum of 10 CORS rules per bucket.
EOS evaluates CORS rules in order and applies the first match. If no rules match, no CORS headers are returned. This applies to both cross-origin requests and preflight OPTIONS requests.
Log on to the ENS console.
In the left-side navigation pane, select Storage and Snapshots > Edge Object Storage (EOS).
On the Buckets page, find the target bucket and click Manage in the Actions column, and then click the CORS Settings tab.
On the CORS Settings tab, click Create CORS Rules.
On the Add Cross-Origin Rule page, configure the following parameters.
Parameter
Required
Description
Allowed origins
Yes
Origins allowed to make cross-origin requests. Rules:
Enter each rule on a new line.
Include the protocol (
httporhttps).Use an asterisk (
*) as a wildcard. Each rule allows at most one wildcard.For non-default ports, include the port number, such as
https://www.example.com:8080.
Examples:
Specific origin:
https://www.example.com.All subdomains:
https://*.example.com.All origins:
*.
Allowed methods
Yes
Allowed HTTP methods for cross-origin requests.
Allowed headers
No
Allowed headers in cross-origin requests. Rules:
Names are case-insensitive, such as
Content-Type: text/plain.Enter each rule on a new line.
Use an asterisk (
*) as a wildcard. Each rule allows at most one wildcard. We recommend setting this to*unless you have specific requirements.
Exposed headers
No
Response headers accessible to client applications (such as JavaScript
XMLHttpRequest). Wildcards (*) are not allowed.Cache max age (s)
No
Duration in seconds the browser caches a preflight
OPTIONSresponse.Return
Vary: OriginNo
Controls whether to return the
Vary: Originheader.Enable this if your application sends both CORS and non-CORS requests, or if the
Originheader has multiple possible values, to prevent client-side caching issues.ImportantEnabling this option may increase browser requests or CDN back-to-origin requests.
Click OK.
Access control
Modify bucket ACL
Only the bucket owner can modify the bucket ACL.
Changing a bucket ACL affects all objects that inherit the bucket ACL.
In the navigation pane on the left, choose .
On the Access Control List page, find the target bucket and click Access Control List in the Access Control List column.
On the Set Read/Write Permissions page, modify the Bucket ACL based on your requirements.
Click OK.