Getting More for Less from OCI Object Storage

At the Oracle ACE Virtual Conference in December 2024, Lucas Jellema, CTO at Conclusion, shared insights on how to maximize the benefits of Oracle Cloud Infrastructure (OCI) Object Storage. This blog post summarizes the key points from his presentation, highlighting how to ease administration, save costs, enhance energy efficiency, and ensure regulatory compliance.

Lucas Jellema
5 min read · Feb 7, 2025

  1. Cost and Energy Savings: By leveraging OCI Object Storage, businesses can save up to 500% in money and energy. This is achieved through the use of different storage tiers and object lifecycle management.
  2. Regulatory Compliance: OCI Object Storage provides tools to enforce regulatory obligations, ensuring that data is retained for the required period and access is controlled.
  3. Access and Management: The OCI File Explorer, a free GUI file navigator, simplifies the management of OCI Object Storage, making it the cheapest, greenest, and simplest database solution.

Storage Tiers

OCI Object Storage offers three storage tiers:

  • Standard: For frequently accessed data.
  • Infrequent Access: For data that is accessed less often.
  • Archive: For long-term storage of data that is rarely accessed.

By using these tiers effectively, businesses can optimize their storage costs and energy consumption.

Here are some details on the (differences between the) storage tiers:

Conditions and SLA for each of the three storage tiers

As important are the price differences — indicated for 100 GB per month:

Picking the right storage tier — especially for data not frequently used anymore — can make a huge difference. Cold storage (like OCI Archive Tier) can use 70–90% less energy than hot storage, depending on access patterns.

Object Lifecycle Management and Auto-Tiering

Object Lifecycle Management allows businesses to define rules for managing objects in OCI Object Storage. Actions these rules can dictate include moving objects to different storage tiers or deleting them based on specific conditions. Auto-Tiering automatically optimizes the storage tier for objects larger than 1 MiB, further enhancing cost and energy efficiency. Rules have a target to act on; this target can be Objects, Latest Version of Objects, or Previous Versions of Objects. A filter can be defined to specify the condition under which the action is performed: the type or name pattern of the object, or the number of days since creation, modification or version transition.

Data Retention and Access Control

To ensure compliance with regulatory requirements, OCI Object Storage offers data retention rules that prevent changes or deletions for a fixed period. Fine-grained access control allows businesses to define policies at the object level, ensuring that only authorized users can access or modify data.

Data Retention Rules are defined on a bucket and can prevent changing and deleting an object for a fixed period since its last modified time. Retention Rules can be locked: no one can remove or loosen a locked retention rule. Note that the Storage tier can be updated for objects under a retention rule, for example to move objects to (cheap, lower energy) archive tier.

As of August 2024, Private IP addresses can be mandated to access bucket(s) only from within an OCI VCN. Fine Grained Access Control with OCI IAM Policy at Object Level (in addition to Bucket Level) was introduced in March 2024. Objects can be referenced in these policies with name or OCID or with a pattern using wildcards. These policies can govern read, (over)write, delete, delete previous version(s), change storage tier.

Encryption

All data in OCI Object Storage is encrypted, and businesses can use their own keys for added security. Objects can be encrypted with your own keys (held in OCI Vault or provided during upload). Buckets can be re-encrypted at any time.

Pre Authenticated Request (URL)

Pre-Authenticated Requests (PAR) provide direct access to objects via HTTP requests, making it easy to share data securely.

A PAR provides direct access to a file, set of files or folder to the holder — no questions asked.

With a PAR, anyone — even without access to Oracle Cloud or even knowledge of Oracle Cloud — can easily access specified files and folders or upload files to a designated location.

Some things to know about PARs

  • Direct access to any object or collection of objects via HTTP requests (GET, POST, PUT); neither signed OCI API call nor OCI authentication required
  • Access to OCI Object Storage from any HTTP client — including cURL and static web applications
  • PAR can have an expiry date and can be revoked at any time. Note: when the creator of the PAR loses permissions used in the PAR, the PAR loses them too!
  • PAR can allow any combination of read | list | write, for an object, an object pattern or a bucket
  • A static web application can be published using a PAR
Creation of a PAR in the OCI Console for a Bucket in Object Storage
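
Because a PAR works for whoever holds the URL, it pays to review the PARs on a bucket for scope and lifetime. The following is an added example, not code from the presentation: it checks a constructed list of PAR records against the properties listed above (expiry, read/list/write, object versus bucket scope). The record shape and kebab-case keys are assumed to match the JSON output of `oci os preauth-request list`, and the 30-day limit is an arbitrary policy choice.

```javascript
// Constructed sample, shaped like the JSON printed by `oci os preauth-request list`.
// The kebab-case key names are an assumption about that output.
const samplePars = [
  { name: "report-download", "access-type": "ObjectRead", "object-name": "reports/2024-q4.pdf",
    "bucket-listing-action": "Deny", "time-expires": "2025-02-14T00:00:00Z" },
  { name: "webapp-data", "access-type": "AnyObjectReadWrite", "object-name": null,
    "bucket-listing-action": "ListObjects", "time-expires": "2030-01-01T00:00:00Z" },
  { name: "uploads", "access-type": "AnyObjectWrite", "object-name": "incoming/",
    "bucket-listing-action": "Deny", "time-expires": "2025-03-01T00:00:00Z" },
  { name: "old-share", "access-type": "ObjectRead", "object-name": "export.csv",
    "bucket-listing-action": "Deny", "time-expires": "2025-01-01T00:00:00Z" },
];

// Returns one finding per PAR that is still usable and broader than a single-object,
// read-only, short-lived link.
function auditPars(pars, now, maxDays = 30) {
  const findings = [];
  for (const par of pars) {
    const access = par["access-type"] || "";
    const daysLeft = (new Date(par["time-expires"]) - now) / 86400000;
    if (daysLeft <= 0) continue; // already expired: grants nothing

    const issues = [];
    if (daysLeft > maxDays) {
      issues.push(`expires in ${Math.ceil(daysLeft)} days (limit ${maxDays})`);
    }
    if (access.startsWith("AnyObject")) {
      // For bucket-level PARs the object name, when set, is treated as a prefix (assumption).
      issues.push(par["object-name"]
        ? `covers every object under prefix "${par["object-name"]}"`
        : "covers the whole bucket");
    }
    if (access.includes("Write")) issues.push("holder can upload or overwrite objects");
    if (par["bucket-listing-action"] === "ListObjects") issues.push("holder can list object names");
    if (issues.length > 0) findings.push({ name: par.name, issues });
  }
  return findings;
}
```
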

OCI File Manager

The OCI File Manager is a static web application that allows users to browse, upload, and download objects in OCI Object Storage. It runs entirely in the browser and interacts with OCI through HTTP requests, providing a simple and efficient way to manage data. See this article for an extensive introduction of this free tool.

The OCI File Manager leverages a PAR to interact directly from the browser with the “file system” on OCI Object Storage

Cheapest Database ever — for read often, change infrequently (web) applications

For fairly simple requirements for the persistent data backend for a web application with read often, change infrequently characteristics

A persistent data backend for a (static) web application

If these are the requirements for the web application’s data store:

  • data is available
  • interaction is simple
  • data changes are persisted (durable)
  • changes from different users do not interfere (isolated)
  • changes are recorded atomically
  • data storage is cheap and uses little energy

Then OCI Object Storage can fit the bill perfectly — using the Pre Authenticated Request.

Web Application using OCI Object Storage as its persistent data backend (its database so to speak)

OCI Object Storage as Database Platform for read often, change infrequently (web) applications. The steps are:

  • Store data (JSON files) and images in a bucket
  • Create Pre-Authenticated Request for easy access over HTTP
  • From the web application, use HTTP requests to the PAR to load data and save (changed) data. For handling multi-user scenarios, changes can be written to delta files.
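
One way the delta-file approach in the last step could look in the browser, as an added example that is not code from the presentation. The object layout (`data/base.json`, `data/deltas/`), the delta format, and the `{objects: [{name}]}` listing response are assumptions; `parBase` stands for a PAR URL ending in `/o/`.

```javascript
// Hypothetical layout inside the bucket: one base file plus one delta object per change.
const BASE = "data/base.json";
const DELTA_PREFIX = "data/deltas/";

// Unique, sortable object name: two users saving at once never write the same object.
function deltaName(clientId, now = new Date()) {
  const stamp = now.toISOString().replace(/[-:.]/g, "");
  return `${DELTA_PREFIX}${stamp}-${clientId}.json`;
}

// Apply deltas in name (timestamp) order; the last write wins per field.
function mergeDeltas(base, deltas) {
  const state = JSON.parse(JSON.stringify(base));
  const ordered = [...deltas].sort((a, b) => (a.name < b.name ? -1 : 1));
  for (const { change } of ordered) {
    if (change.deleted) delete state[change.id];
    else state[change.id] = { ...state[change.id], ...change.fields };
  }
  return state;
}

// fetchFn defaults to the browser's fetch; it is a parameter so the code can run offline.
async function saveChange(parBase, clientId, change, fetchFn = fetch, now = new Date()) {
  const name = deltaName(clientId, now);
  const res = await fetchFn(parBase + name, {
    method: "PUT",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify(change),
  });
  if (!res.ok) throw new Error(`PUT ${name} failed: ${res.status}`);
  return name;
}

async function loadState(parBase, fetchFn = fetch) {
  const getJson = async (path) => {
    const res = await fetchFn(parBase + path);
    if (!res.ok) throw new Error(`GET ${path} failed: ${res.status}`);
    return res.json();
  };
  const base = await getJson(BASE);
  // Listing requires a PAR that allows list; the response shape is assumed.
  const listing = await getJson(`?prefix=${encodeURIComponent(DELTA_PREFIX)}`);
  const deltas = await Promise.all(
    listing.objects.map(async (o) => ({ name: o.name, change: await getJson(o.name) }))
  );
  return mergeDeltas(base, deltas);
}
```

The PAR URL is embedded in the static application, so every visitor holds it; scoping it to the `data/` prefix and giving it a short expiry limits what that holder can read or write.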

Conclusion

OCI Object Storage offers a powerful and cost-effective solution for businesses looking to optimize their data storage. By leveraging the different storage tiers, object lifecycle management, and advanced access controls, businesses can achieve significant cost and energy savings while ensuring regulatory compliance.

The OCI File Manager further simplifies file management, making OCI Object Storage the ideal choice for sharing data in applications and even between human users.


Written by Lucas Jellema

Lucas Jellema is CTO and IT architect at Conclusion, The Netherlands. He is Oracle ACE Director, one time JavaOne Rockstar and programmer