IBM Cloud Docs
FAQ - General

FAQ - General

Frequently asked questions can produce helpful answers and insight into best practices for working with IBM Cloud® Object Storage.

Can I use AWS S3 SDKs with IBM Cloud Object Storage?

IBM Cloud Object Storage supports the most commonly used subset of Amazon S3 API operations. IBM makes a sustained best effort to ensure that the IBM Cloud Object Storage APIs stay compatible with the industry standard S3 API. IBM Cloud Object Storage also produces several native core COS SDKs that are derivatives of publicly available AWS SDKs. These core COS SDKs are explicitly tested on each new IBM Cloud Object Storage upgrade. When using AWS SDKs, use HMAC authorization and an explicit endpoint. For details, see About IBM COS SDKs.

Does data consistency in Object Storage come with a performance impact?

Consistency with any distributed system comes with a cost, because the efficiency of the IBM Cloud Object Storage dispersed storage system is not trivial, but is lower compared to systems with multiple synchronous copies.

Aren't there performance implications if my application needs to manipulate large objects?

For performance optimization, objects can be uploaded and downloaded in multiple parts, in parallel.

What is the difference between 'Class A' and 'Class B' requests?

'Class A' requests are operations that involve modification or listing. This includes creating buckets, uploading or copying objects, creating or changing configurations, listing buckets, and listing the contents of buckets.'Class B' requests are those related to retrieving objects or their associated metadata/configurations from the system. There is no charge for deleting buckets or objects from the system.

Can you confirm that Object Storage is ‘immediately consistent’, as opposed to ‘eventually consistent’?

Object Storage is ‘immediately consistent’ for data and ‘eventually consistent’ for usage accounting.

Can a web browser display the content of files stored in IBM Cloud Object Storage?

Web browsers can display web content in IBM Cloud Object Storage files, using the COS endpoint as the file location. To create a functioning website, however, you need to set up a web environment; for example, elements such as a CNAME record. IBM Cloud Object Storage does not support automatic static website hosting. For information, see Static websites and this tutorial.

Why do CredentialRetrievalError occur while uploading data to Object Storage or while retrieving credentials? 

CredentialRetrievalError can occur due to the following reasons:

  • The API key is not valid.
  • The IAM endpoint is incorrect.

However, if the issue persists, contact IBM customer support.

How do I ensure communication with Object Storage?

You can check the communication with Object Storage by using one of the following:

Why can I not create or delete a service instance?

A user is required to have have at a minimum the platform role of editor for all IAM enabled services, or at least for Cloud Object Service. For more information, see the IAM documentation on roles.

What is the maximum number of characters that can be used in a key, or Object name?

Keys have a 1024-character limit.

How can I track events in Object Storage?

The Object Storage Activity Tracker service records user-initiated activities that change the state of a service in Object Storage. For details, see IBM Cloud Activity Tracker.

What are some tools unable to render object names?

Object names that contain unicode characters that are not allowed by the XML standard will result in "Malformed XML" messages. For more information, see the XML reference documentation.

Is Object Storage HIPAA compliant to host PHI data?

Yes, Object Storage is HIPAA compliant.

Is there any option in Object Storage to enable accelerate data transfer?

Object Storage offers Aspera service for high speed data transfer.

How can I access a private COS endpoint in a data center from another date center?

Use Object Storage Direct Link Connection to create a global direct link.

How can I monitor Object Storage resources?

Use the Activity Tracker service to capture and record Object Storage activities and monitor the activity of your IBM Cloud account. Activity Tracker is used to track how users and applications interact with Object Storage.

How can I move data into the archive tier?

You can archive objects using the web console, REST API, and third-party tools that are integrated with IBM Cloud Object Storage. For details, see COS Archive.

Can I use the same Object Storage instance across multiple regions?

Yes, the Object Storage instance is a global service. Once an instance is created, you can choose the region while creating the bucket.

Is it possible to form a Hadoop cluster using Object Storage?

No, Object Storage is used for the object storage service. For a Hadoop cluster, you need the processing associated with each unit of storage. You may consider the Hadoop-as-a-Service setup.

Can I generate a "Pre-signed URL" to download a file and review?

A Pre-signed URL is not generated using the IBM Cloud UI; however, you can use CyberDuck to generate the “pre-signed URL”. It is free.

How can I generate a Auth Token using the IAM API Key using REST?

For more information on working with the API, see Creating IAM token for API Key and Configuration Authentication.

What are the libraries that the Object Storage SDK supports?

Object Storage provides SDKs for Java, Python, NodeJS, and Go featuring capabilities to make the most of IBM Cloud Object Storage. For information about the features supported by each SDK, see the feature list.

When a file is uploaded to a cross region bucket using the ‘us-geo’ endpoint, how long is the delay before the file is available at the other US sites?

The data are spread immediately without delay and the uploaded files are available once the write is successful.

Why am I unable to delete a Object Storage instance?

It isn't possible to delete an instance if the API key or Service ID being used is locked. You'll need to navigate in the console to Manage > Access (IAM) and unlock the API Key or Service ID. The error provided may seem ambiguous but is intended to increase security:

An error occurred during an attempt to complete the operation. Try fixing the issue or try the operation again later. Description: 400

This is intentionally vague to prevent any useful information from being conveyed to a possible attacker. For more information on locking API keys or Service IDs, see the IAM documentation.

How do I download the Root CA certificate for Object Storage?

Object Storage root CA certificates can be downloaded from Please download PEM or DER/CRT format from "DigiCert TLS RSA SHA256 2020 CA1" that is located under "Other intermediate certificates."

How to I find my current active Object Storage instance/resources?

Login to the IBM Cloud shell: and enter at the prompt ibmcloud resource search "service_name:cloud-object-storage AND type:resource-instance".

The response you receive includes information for the name of your instance, location, family, resource type, resource group ID, CRN, tags, service tags, and access tags.