EdgeNext
Documentation home

EdgeNext Documentation

Product guides, setup instructions, and technical references.

Object Storage Service

Basic Concepts

Basic Concepts

Buckets

A bucket is the top-level container used to organize and manage objects within object storage. All data uploaded to object storage must reside within a specific bucket. The bucket itself does not store data content; rather, it serves as a logical isolation unit responsible for categorizing and managing objects based on different business purposes or applications. The bucket name must be unique within a given service region and typically appears as part of the URL used to access data in object storage.

Access Key / Secret Key

An Access Key Pair (AK/SK) is a set of credentials used for identity authentication and interface authorization in object storage services. It serves as the core mechanism for verifying identity and permissions when calling object storage APIs.

  • AK (Access Key): Functions as the "username." It identifies the initiator of the request. The AK is a public identifier that can be included in request headers and does not require confidentiality.

  • SK (Secret Key): Functions as the "password." It is used to sign the request content. The SK must be kept strictly confidential, must never be exposed or hard-coded in plaintext, and is never transmitted directly over the network.

Object storage services are typically accessed via HTTP APIs, which means anyone can construct an HTTP request. The Access Key Pair mechanism addresses the following critical requirements:

  • Identity Verification: The AK confirms which user or application is initiating the object storage request.

  • Tamper Prevention: The signature covers key parameters of the request; any alteration will invalidate the signature.

  • Replay Prevention: The signature includes a timestamp, ensuring that expired requests are automatically rejected.

Need help? Contact our support team at support@edgenext.com.

Back to documentation home