IBM Cloud Object Storage (S3) FAQ

Differences between Class A & B requests for COS (S3)

Cloud Object Storage S3 Standard

Class Requests Examples
Class A PUT, COPY, and POST requests, as well as GET requests used to list buckets and objects Creating buckets, uploading or copying objects, listing buckets, listing contents of buckets, setting ACLs, and setting CORS configurations
Class B GET (excluding listing), HEAD, and OPTIONS requests Retrieving objects and metadata


How do I interact with COS (S3)?

There are several ways to interact with COS (S3).

  • S3 API, Swift API, Simple API and IRODS
  • The Webbased GUI

More information can be found on the specific tooling pages in 'How do I?' below

What is the file upload limit for COS (S3)?

COS (S3) storage is continuously growing. There is no hard set storage limit for an account. Customers can upload as much and as many files as they'd like. This only limitations are the file size limitation mentioned in the relevant FAQ.

IBM COS (S3) Object size Limitations

When using the portal to add an object, the file size is limited to 20 megabytes. When using the API, objects as large as 5 gigabytes can be uploaded in a single PUT, and as large as 5 terabytes when using a multi-part upload.

How is IBM COS (S3) billed?

There is a combination of three components:

  • Storage Utilization (GB/month, Tiered)
  • Bandwidth Consumption (GB/Month, Tiered)
  • Operational Requests (Class A and Class B)

For the most up to date information on how this product is billed, visit: Object Storage.

Is my data secure on IBM COS (S3)?

IBM Cloud Object Storage uses an innovative approach for cost-effectively storing large volumes of unstructured data while ensuring security, availability and reliability. This is accomplished by using Information Dispersal Algorithms (IDAs) to separate data into unrecognizable “slices” that are distributed across a network of data centers, making transmission and storage of data inherently private and secure. No complete copy of the data resides in any single storage node, and only a subset of nodes needs to be available in order to fully retrieve the data on the network.

Objects in IBM COS are encrypted at rest. This technology individually encrypts each object using per-object generated keys. These keys are secured and reliably stored using the same Information Dispersal Algorithms that protect object data using an All-or-Nothing Transform (AONT), which prevents key data from being disclosed if individual nodes or hard drives are compromised.

Storage can be accessed over HTTPS, and internally storage devices are certified and communicate with each other using TLS.

Data deletion

After data is deleted various mechanisms exist which prevent recovery or reconstruction of the deleted objects. The deletion of an object undergoes various stages, from marking the meta-data indicating the object as deleted, to removing the content regions, to the finalization of the erasure on the drives themselves until the eventual overwriting the blocks representing that slice data. Depending on whether one compromised the data center or has possession of the physical disks, the time an object becomes unrecoverable depends on the phase of the delete operation. When the metadata object is updated, clients external from the data center network can no longer read the object. When a majority of slices representing the content regions have been finalized by the storage devices, it is not possible to access the object.

Tenant isolation

IBM COS Cross-Region is a shared infrastructure, multi-tenant object storage solution. If your workload requires dedicated or isolated storage, contact your sales representative.

IBM COS (S3) Endpoints

Current IBM COS (S3) Endpoints

US Region public
Dallas public
San Jose public
Washington, DC public

*Custom Private Addressing