4 Managing Your Object Storage Classic Account

This section provides documentation on how to set and view metadata for your Oracle Cloud Infrastructure Object Storage Classic account.

Setting Account Metadata

Custom metadata are arbitrary key-value pairs associated with an account. You may create any custom or arbitrary metadata you need.

Any user with the Service Administrator role can perform this task.

You can set the account metadata by using the following interfaces:
Interface Resources

Web Console

(Not available on Oracle Cloud at Customer)

See Setting Account Metadata Using the Web Console.

RESTful API

See Create, Update or Delete Account Metadata in REST API for Standard Storage in Oracle Cloud Infrastructure Object Storage Classic.

File Transfer Manager API

See class: AccountMetadata in Java API Reference for Oracle Cloud Infrastructure Object Storage Classic File Transfer Manager.

File Transfer Manager CLI

See Setting Account Metadata in Command-Line Reference for Oracle Cloud Infrastructure Object Storage Classic.

Setting Account Metadata Using the Web Console

(Not available on Oracle Cloud at Customer)
  1. Sign in to the Oracle Cloud Infrastructure Object Storage Classic console.
  2. Expand Account Information.
  3. Click Edit.

    In the Account Information pane, look for Custom Metadata.

  4. Click Add Metadata.
  5. Enter the metadata name and value.

    Note:

    Ensure that the metadata name and value comply with the input restrictions mentioned in Character Restrictions.
  6. Click Save.

Setting Account Metadata Using the REST API

cURL Command Syntax

curl -v -X POST \
     -H "X-Auth-Token: token" \
     -H "X-Account-Meta-Name: value" \
     accountURL

HTTP Response Codes

cURL Command Examples

Sample Cloud account with the following details:
  • Account name: acme
  • REST Endpoint URL: https://acme.storage.oraclecloud.com/v1/Storage-acme
  • REST Endpoint (Permanent) URL: https://storage-7b16fede61e1417ab83eb52e06f0e365.storage.oraclecloud.com/v1/Storage-7b16fede61e1417ab83eb52e06f0e365

    Note:

    The REST Endpoint (Permanent) URL is displayed for the accounts created after November 2017.
  • Using the REST Endpoint URL obtained from the REST Endpoint field:
    curl -v -X POST \
         -H "X-Auth-Token: AUTH_tkb4fdf39c92e9f62cca9b7c196f8b6e6b" \
         -H "X-Account-Meta-Owner: IT" \
         https://acme.storage.oraclecloud.com/v1/Storage-acme
    

    The following is an example of the output of this command:

    > POST /v1/Storage-acme HTTP/1.1
    > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
    > Host: acme.storage.oraclecloud.com
    > Accept: */*
    > X-Auth-Token: AUTH_tkb4fdf39c92e9f62cca9b7c196f8b6e6b
    > X-Account-Meta-Owner: IT
    >
    < HTTP/1.1 204 No Content
    < Date: Fri, 06 Mar 2015 11:44:29 GMT
    < Content-Length: 0
    < Content-Type: text/html; charset=UTF-8
    < X-Trans-Id: tx0742dd38e3a445529860a-0054f9931d
    < Cache-Control: no-cache
    < Pragma: no-cache
    < Content-Language: en
    <
    
  • Using the Service Permanent REST Endpoint URL obtained from the REST Endpoint (Permanent) field:

    Note:

    This cURL command example applies to the accounts created after November 2017.
    curl -v -X POST \
         -H "X-Auth-Token: AUTH_tkb4fdf39c92e9f62cca9b7c196f8b6e6b" \
         -H "X-Account-Meta-Owner: IT" \
         https://storage-7b16fede61e1417ab83eb52e06f0e365.storage.oraclecloud.com/v1/Storage-7b16fede61e1417ab83eb52e06f0e365
    

    The following is an example of the output of this command:

    > POST /v1/Storage-7b16fede61e1417ab83eb52e06f0e365 HTTP/1.1
    > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
    > Host: storage-7b16fede61e1417ab83eb52e06f0e365.storage.oraclecloud.com
    > Accept: */*
    > X-Auth-Token: AUTH_tkb4fdf39c92e9f62cca9b7c196f8b6e6b
    > X-Account-Meta-Owner: IT
    >
    < HTTP/1.1 204 No Content
    < Date: Fri, 06 Mar 2015 11:44:29 GMT
    < Content-Length: 0
    < Content-Type: text/html; charset=UTF-8
    < X-Trans-Id: tx0742dd38e3a445529860a-0054f9931d
    < Cache-Control: no-cache
    < Pragma: no-cache
    < Content-Language: en
    <
    

For information about deleting account metadata, see Deleting Account Metadata.

For information about viewing account metadata, see Getting Account Metadata.

Getting Account Metadata

Any user within the identity domain can perform this task.

You can retrieve the following information about your account:

  • Replication Policy (X-Account-Meta-Policy-Georeplication)
  • Support for archive containers (X-Account-Meta-Policy-Archive)
  • Account quota, in bytes (X-Account-Meta-Quota-Bytes)
  • Total number of objects created in all the containers in the account (X-Account-Object-Count)
  • Number of containers in the account (X-Account-Container-Count)
  • Storage space used, in bytes (X-Account-Bytes-Used)
  • Custom account metadata (X-Account-Meta-Name)
You can view the account metadata by using the following interfaces:
Interface Resources

Web Console

(Not available on Oracle Cloud at Customer)

See Getting Account Metadata Using the Web Console.

RESTful API

See

File Transfer Manager API

See AccountMetadata in Java API Reference for Oracle Cloud Infrastructure Object Storage Classic File Transfer Manager.

File Transfer Manager CLI

See Getting Account Metadata in Command-Line Reference for Oracle Cloud Infrastructure Object Storage Classic.

Getting Account Metadata Using the Web Console

(Not available on Oracle Cloud at Customer)
  1. Sign in to the Oracle Cloud Infrastructure Object Storage Classic console.
  2. Expand Account Information.

    The details of the account are displayed in the Account Information pane.

Getting Account Metadata Using the REST API

You can retrieve information about your Oracle Cloud Infrastructure Object Storage Classic account by sending a HEAD request to the account.

cURL Command Syntax

curl -v -X HEAD \
     -H "X-Auth-Token: token" \
     accountURL

HTTP Response Codes

cURL Command Examples

Sample Cloud account with the following details:
  • Account name: acme
  • REST Endpoint URL: https://acme.storage.oraclecloud.com/v1/Storage-acme
  • REST Endpoint (Permanent) URL: https://storage-7b16fede61e1417ab83eb52e06f0e365.storage.oraclecloud.com/v1/Storage-7b16fede61e1417ab83eb52e06f0e365

    Note:

    The REST Endpoint (Permanent) URL is displayed for the accounts created after November 2017.
  • Using the REST Endpoint URL obtained from the REST Endpoint field:
    curl -v -X HEAD \
         -H "X-Auth-Token: AUTH_tkb4fdf39c92e9f62cca9b7c196f8b6e6b" \
         https://acme.storage.oraclecloud.com/v1/Storage-acme
    

    The following is an example of the output of this command:

    > HEAD /v1/Storage-acme HTTP/1.1
    > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
    > Host: acme.storage.oraclecloud.com
    > Accept: */*
    > X-Auth-Token: AUTH_tkb4fdf39c92e9f62cca9b7c196f8b6e6b
    >
    < HTTP/1.1 204 No Content
    < Accept-Ranges: bytes
    < X-Account-Object-Count: 4510
    < X-Account-Bytes-Used: 72691758435
    < X-Account-Meta-Policy-Georeplication: us2
    < X-Account-Meta-Policy-Archive: arch-us2
    < X-Timestamp: 1412823447.62495
    < X-Account-Meta-Test5: test1
    < X-Account-Container-Count: 40
    < X-Account-Meta-Owner: IT
    < X-Account-Meta-Test1: test1
    < X-Account-Meta-Test: test
    < X-Trans-Id: tx8c2e61b26e684f77975a8-0057578589ga
    < Date: Wed, 08 Jun 2016 02:40:09 GMT
    < Connection: keep-alive
    < X-Last-Modified-Timestamp: 1412823447.62495
    < Content-Type: text/plain;charset=UTF-8
    
  • Using the Service Permanent REST Endpoint URL obtained from the REST Endpoint (Permanent) field:

    Note:

    This cURL command example applies to the accounts created after November 2017.
    curl -v -X HEAD \
         -H "X-Auth-Token: AUTH_tkb4fdf39c92e9f62cca9b7c196f8b6e6b" \
         https://storage-7b16fede61e1417ab83eb52e06f0e365.storage.oraclecloud.com/v1/Storage-7b16fede61e1417ab83eb52e06f0e365
    

    The following is an example of the output of this command:

    > HEAD /v1/Storage-7b16fede61e1417ab83eb52e06f0e365 HTTP/1.1
    > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
    > Host: storage-7b16fede61e1417ab83eb52e06f0e365.storage.oraclecloud.com
    > Accept: */*
    > X-Auth-Token: AUTH_tkb4fdf39c92e9f62cca9b7c196f8b6e6b
    >
    < HTTP/1.1 204 No Content
    < Accept-Ranges: bytes
    < X-Account-Object-Count: 4510
    < X-Account-Bytes-Used: 72691758435
    < X-Account-Meta-Policy-Georeplication: us2
    < X-Account-Meta-Policy-Archive: arch-us2
    < X-Timestamp: 1412823447.62495
    < X-Account-Meta-Test5: test1
    < X-Account-Container-Count: 40
    < X-Account-Meta-Owner: IT
    < X-Account-Meta-Test1: test1
    < X-Account-Meta-Test: test
    < X-Trans-Id: tx8c2e61b26e684f77975a8-0057578589ga
    < Date: Wed, 08 Jun 2016 02:40:09 GMT
    < Connection: keep-alive
    < X-Last-Modified-Timestamp: 1412823447.62495
    < Content-Type: text/plain;charset=UTF-8
    

Deleting Account Metadata

You can delete account metadata by using the following interfaces:
Interface Resources

Oracle Cloud Infrastructure Object Storage Classic Console

(Not available on Oracle Cloud at Customer)
See Deleting Account Metadata Using the Web Console.

RESTful API

See:

Deleting Account Metadata Using the Web Console

(Not available on Oracle Cloud at Customer)
  1. Sign in to the Oracle Cloud Infrastructure Object Storage Classic console.
  2. Expand Account Information.
  3. Click Edit.

    In the Account Information pane, look for Custom Metadata.

  4. Identify the metadata name and value that you want to delete.
  5. Click the delete button on the right side of the metadata value.
  6. Click Save.

    The metadata name and value are deleted.

Deleting Account Metadata Using the REST API

cURL Command Syntax

curl -v -X POST \
     -H "X-Auth-Token: token" \
     -H "X-Remove-Account-Meta-Name: any_arbitrary_string" \
     accountURL

Note:

When you send a REST API request to Oracle Cloud Infrastructure Object Storage Classic, all non-ASCII characters in container names, object names and metadata values must be URL-encoded. For example, my container should be encoded as my%20container, where %20 is the HTML encoding for the space character. Similarly, my Über Container should be encoded as my%20%C3%9Cber%20Container, where %20 represents the space character and %C3%9C is the Ü character.

HTTP Response Codes

cURL Command Examples

Sample Cloud account with the following details:
  • Account name: acme
  • REST Endpoint URL: https://acme.storage.oraclecloud.com/v1/Storage-acme
  • REST Endpoint (Permanent) URL: https://storage-7b16fede61e1417ab83eb52e06f0e365.storage.oraclecloud.com/v1/Storage-7b16fede61e1417ab83eb52e06f0e365

    Note:

    The REST Endpoint (Permanent) URL is displayed for the accounts created after November 2017.
  • Using the REST Endpoint URL obtained from the REST Endpoint field:
    curl -v -X POST \
         -H "X-Auth-Token: AUTH_tkb4fdf39c92e9f62cca9b7c196f8b6e6b" \
         -H "X-Remove-Account-Meta-Category: IT" \
         https://acme.storage.oraclecloud.com/v1/Storage-acme
    

    The following is an example of the output of this command:

    > POST /v1/Storage-acme HTTP/1.1
    > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
    > Host: acme.storage.oraclecloud.com
    > Accept: */*
    > X-Auth-Token: AUTH_tkb4fdf39c92e9f62cca9b7c196f8b6e6b
    > X-Remove-Account-Meta-Category: IT
    >
    < HTTP/1.1 204 No Content
    < Accept-Encoding: identity
    < X-Account-Meta-Category:
    < Is_ssl: ssl
    < User-Agent: proxy-server 39062
    < Host: 160.34.16.120
    < Referer: POST http://acme.storage.oraclecloud.com/v1/Storage-acme
    < X-Trans-Id: txdad3557bf8694b95a71d3-00585b78f3ga
    < X-Timestamp: 1482389747.77487
    < Date: Thu, 22 Dec 2016 06:55:47 GMT
    < Connection: keep-alive
    < X-Last-Modified-Timestamp: 1482389747.77487
    < Content-Type: text/html;charset=UTF-8
    
  • Using the Service Permanent REST Endpoint URL obtained from the REST Endpoint (Permanent) field:

    Note:

    This cURL command example applies to the accounts created after November 2017.
    curl -v -X POST \
         -H "X-Auth-Token: AUTH_tkb4fdf39c92e9f62cca9b7c196f8b6e6b" \
         -H "X-Remove-Account-Meta-Category: IT" \
         https://Sstorage-7b16fede61e1417ab83eb52e06f0e365.storage.oraclecloud.com/v1/Storage-7b16fede61e1417ab83eb52e06f0e365
    

    The following is an example of the output of this command:

    > POST /v1/Storage-7b16fede61e1417ab83eb52e06f0e365 HTTP/1.1
    > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
    > Host: storage-7b16fede61e1417ab83eb52e06f0e365.storage.oraclecloud.com
    > Accept: */*
    > X-Auth-Token: AUTH_tkb4fdf39c92e9f62cca9b7c196f8b6e6b
    > X-Remove-Account-Meta-Category: IT
    >
    < HTTP/1.1 204 No Content
    < Accept-Encoding: identity
    < X-Account-Meta-Category:
    < Is_ssl: ssl
    < User-Agent: proxy-server 39062
    < Host: 160.34.16.120
    < Referer: POST http://storage-7b16fede61e1417ab83eb52e06f0e365.storage.oraclecloud.com/v1/Storage-7b16fede61e1417ab83eb52e06f0e365
    < X-Trans-Id: txdad3557bf8694b95a71d3-00585b78f3ga
    < X-Timestamp: 1482389747.77487
    < Date: Thu, 22 Dec 2016 06:55:47 GMT
    < Connection: keep-alive
    < X-Last-Modified-Timestamp: 1482389747.77487
    < Content-Type: text/html;charset=UTF-8
    

Enabling Audit Logging

Audit logging provides usage accountability of the account and the resources created in the account. To record all the activities performed in an account for compliance reasons, you can use audit logs. For example: You can find out when an object was deleted and by whom.
Any user with the Service Administrator role can perform this task.
  1. Create a container to store all the audit log events.
  2. Configure the account to enable audit logging by specifying the container you’ve created to store the audit log events.

    Send a POST request to update the account metadata using the following header key: X-Account-Meta-Audit-Log-Container.

    The header value is name of the container you want to use for storing the audit log events.

  3. List the events stored in the container to view the events.

To disable audit logging, send a POST request with the header X-Remove-Account-Meta-Audit-Log-Container.

Example:

Sample Cloud account with the following details:
  • Account name: acme
  • REST Endpoint URL: https://acme.storage.oraclecloud.com/v1/Storage-acme
  • REST Endpoint (Permanent) URL: https://storage-7b16fede61e1417ab83eb52e06f0e365.storage.oraclecloud.com/v1/Storage-7b16fede61e1417ab83eb52e06f0e365

    Note:

    The REST Endpoint (Permanent) URL is displayed for the accounts created after November 2017.

The REST Endpoint URL for the sample Cloud account is used in the steps below. To use the REST Endpoint (Permanent) URL, replace https://acme.storage.oraclecloud.com/v1/Storage-acme with https://storage-7b16fede61e1417ab83eb52e06f0e365.storage.oraclecloud.com/v1/Storage-7b16fede61e1417ab83eb52e06f0e365.

  1. Create a container auditlog to store all of the audit log events.
    curl -v -X PUT \
         -H "X-Auth-Token: AUTH_tk6f5584fffdadc60870c876590efd9e18" \
         https://acme.storage.oraclecloud.com/v1/Storage-acme/auditlog
    

    The following is an example of the output of this command:

    > PUT /v1/Storage-acme/auditlog HTTP/1.1
    > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
    > Host: acme.storage.oraclecloud.com
    > Accept: */*
    > X-Auth-Token: AUTH_tkb4fdf39c92e9f62cca9b7c196f8b6e6b
    >
    < HTTP/1.1 201 Created
    < Date: Mon, 11 Jun 2018 03:59:35 GMT
    < Content-Length: 0
    < Content-Type: text/html; charset=UTF-8
    < X-Trans-Id: tx23a1084b8c674fdeae8d4-0054f982ac
    < Cache-Control: no-cache
    < Pragma: no-cache
    < Content-Language: en
    
  2. Associate the container auditlog to the account to enable audit logging.
    curl -v -X POST \
         -H 'X-Account-Meta-Audit-Log-Container: auditlog' 
         -H 'X-Auth-Token: AUTH_tk6f5584fffdadc60870c876590efd9e18' 
         https://acme.storage.oraclecloud.com/v1/Storage-acme

    The following is an example of the output of this command:

    > User-Agent: curl/7.29.0
    > Host: acme.storage.oraclecloud.com
    > Accept: */*
    > X-Account-Meta-Audit-Log-Container: auditlog
    > X-Auth-Token: AUTH_tk6f5584fffdadc60870c876590efd9e18
    >
    < HTTP/1.1 204 No Content
    < Accept-Encoding: identity
    < Is_ssl: ssl
    < User-Agent: proxy-server 4924
    < Host: 10.193.9.53
    < X-Timestamp: 1528689575.91230
    < X-Trans-Id: txe2f83090f27a4af0b33b9-005b1df3a7ga
    < X-Trans-Id: txe2f83090f27a4af0b33b9-005b1df3a7ga
    < Referer: POST http://acme.storage.oraclecloud.com/v1/Storage-acme
    < Server: Oracle-Storage-Cloud-Service
    < X-Account-Meta-Audit-Log-Container: auditlog
    < Date: Mon, 11 Jun 2018 03:59:35 GMT
    < Connection: keep-alive
    < X-Last-Modified-Timestamp: 1528689575.91230
    < Content-Type: text/html;charset=UTF-8
  3. List all the events stored in the container auditlog to view the audit log.
    curl -v -X GET 
         -H 'X-Auth-Token: AUTH_tk6f5584fffdadc60870c876590efd9e18' 
         https://acme.storage.oraclecloud.com/v1/Storage-acme/auditlog

    The following is an example of the output of this command:

    > User-Agent: curl/7.29.0
    > Host: acme.storage.oraclecloud.com
    > Accept: */*
    > X-Auth-Token: AUTH_tk6f5584fffdadc60870c876590efd9e18
    >
    < HTTP/1.1 200 OK
    < X-Container-Object-Count: 1
    < X-Container-Write: acme.Storage.Storage_ReadWriteGroup
    < Accept-Ranges: bytes
    < X-Timestamp: 1528689463.04771
    < X-Container-Read: acme.Storage.Storage_ReadOnlyGroup,acme.Storage.Storage_ReadWriteGroup
    < X-Container-Bytes-Used: 1171
    < X-Trans-Id: txda33e2beffc14a46a8e0f-005b1df3f1ga
    < Date: Mon, 11 Jun 2018 04:00:49 GMT
    < Connection: keep-alive
    < X-Storage-Class: Standard
    < X-Container-Meta-Policy-Georeplication: container
    < X-Container-Policies-Enabled: replication
    < X-Last-Modified-Timestamp: 1528689462.70216
    < Content-Type: text/plain;charset=utf-8
    < Content-Length: 24
  4. (Optional) Disable audit logging in the account.
    curl -v -X POST \
         -H 'X-Remove-Account-Meta-Audit-Log-Container: d' 
         -H 'X-Auth-Token: AUTH_tk6f5584fffdadc60870c876590efd9e18' 
         https://acme.storage.oraclecloud.com/v1/Storage-acme

    The following is an example of the output of this command:

    > User-Agent: curl/7.29.0
    > Host: acme.storage.oraclecloud.com
    > Accept: */*
    > X-Remove-Account-Meta-Audit-Log-Container: d
    > X-Auth-Token: AUTH_tk6f5584fffdadc60870c876590efd9e18
    >
    < HTTP/1.1 204 No Content
    < Accept-Encoding: identity
    < Is_ssl: ssl
    < User-Agent: proxy-server 27794
    < Host: 10.193.9.53
    < X-Timestamp: 1528689790.13098
    < X-Trans-Id: tx47b76bc5475a452ba0d7b-005b1df47ega
    < X-Trans-Id: tx47b76bc5475a452ba0d7b-005b1df47ega
    < Referer: POST http://acme.storage.oraclecloud.com/v1/Storage-acme
    < Server: Oracle-Storage-Cloud-Service
    < X-Account-Meta-Audit-Log-Container:
    < Date: Mon, 11 Jun 2018 04:03:10 GMT
    < Connection: keep-alive
    < X-Last-Modified-Timestamp: 1528689790.13098
    < Content-Type: text/html;charset=UTF-8
    <
    * Connection #0 to host acme.storage.oraclecloud.com left intact