Skip to main content

About CoreWeave AI Object Storage

Highly reliable, performant Object Storage designed for AI workloads

CoreWeave AI Object Storage is a purpose-built, fully managed object storage service that is optimized for AI workloads and can be used as general-purpose cloud storage. AI Object Storage is built and operated by CoreWeave, and implements an S3-compatible API, which means it follows the S3 request/response model and works with standard S3 tools, while maintaining its own service behavior, limits, and feature set.

Benefits

AI Object Storage provides the following benefits:

  • Efficiently stores and serves training datasets and model artifacts.
  • Supports non-AI data and standard cloud storage workflows. AI Object Storage implements an S3-compatible API, so you can reuse familiar tools and SDKs (such as the AWS CLI, Boto3, and s3cmd) by pointing them at CoreWeave endpoints.
  • Delivers data efficiently to GPU Nodes and integrates with model serializers such as Tensorizer.
  • Includes LOTA (Local Object Transport Accelerator), a Node-local connection that accelerates object reads to GPUs and caches data on GPU Nodes to reduce load times.

Availability

AI Object Storage is available in multiple regions across the CoreWeave platform.

See Regions and Availability Zones for the most up-to-date information on where AI Object Storage is available.

Security

AI Object Storage is designed to safeguard information that requires secure, reliable containment for long periods of time. AI Object Storage offers superior reliability by providing high redundancy, versioning, and bucket security policies.

All data stored in AI Object Storage is encrypted at rest using industry-standard encryption algorithms (AES-XTS-512). See the Encryption section below for more details.

AI Object Storage supports versioning, allowing multiple versions of data to be stored. This is useful for data recovery, and is an effective method for tracking changes over time. If required, clients can also revert to previous versions of data. AI Object Storage is ideal for archiving, backups, and use cases where data requires long-term, low-risk resiliency.

AI Object Storage uses organization, bucket, and lifecycle policies to enforce access control and configure retention. There is an Object Storage Admin IAM role that can be used to manage control plane aspects of Object Storage, such as creating access keys and organization access policies, in the Cloud Console. For more information, see About organization access policies.

Encryption

AI Object Storage provides encryption at rest by default and supports encryption in transit via TLS. For additional control, you can supply your own encryption keys using SSE-C.

Default Encryption at Rest

All object data stored within AI Object Storage is encrypted at rest by default, using the AES-XTS-512 algorithm. This mode applies two independent 256-bit keys per instance and is FIPS 140-3 Level 1 capable. Note that only the object data itself is encrypted at rest; object metadata is not encrypted by default. Customers should ensure confidential information is stored only in object payloads, not metadata fields.

For workloads that use the Local Object Transport Accelerator (LOTA), cached object data on ephemeral storage is encrypted at the drive level using Linux Unified Key Setup (LUKS). Additionally, if you use S3 Server-Side Encryption with Customer Keys (SSE-C), LOTA encrypts and decrypts data directly on the client machine. This ensures that even host root users cannot access cached data without the customer key, providing a layer of protection beyond disk-level encryption.

AI Object Storage supports server-side encryption with customer-supplied keys (SSE-C). This feature allows you to use your own encryption keys to encrypt data while CoreWeave handles the encryption and decryption process.

Encryption in Transit

Connections to AI Object Storage endpoints support Transport Layer Security (TLS), with TLS version 1.2 or later required for HTTPS. However, use of TLS is optional: users can connect over port 80 without encryption if desired. Data transmitted via HTTPS is protected in transit from interception and tampering.

LOTA operates as an "untrusted daemon" running on each Node and is not deployed with any user or service secrets. Communication between client Pods and LOTA, as well as between LOTA instances (Pods), is not encrypted by default; the system relies on network segmentation to provide security in these internal communications. When LOTA forwards requests or data to external cwobject.com endpoints, encryption in transit depends on protocol selection: only connections using HTTPS ensure encrypted traffic.

High performance

Data stored in AI Object Storage is available immediately after upload: clients can read data as soon as it's written. This is implemented as a "read-after-write" function, meaning any read operation after a write operation will retrieve updated data. This allows for secure parallel access, higher performance, and improved scalability.

Cost management

AI Object Storage includes automated cost optimization features designed for AI workloads with varying access patterns. Objects are automatically classified based on when they were last accessed:

Pricing TierDescription
HotObjects that are newly uploaded or accessed within the last 7 days
WarmObjects that have been accessed within the last 7 to 30 days
ColdObjects that haven't been accessed for 30+ days

Usage-based billing is enabled by default and requires no configuration. Objects transition back to Hot tier pricing when accessed, making this ideal for ML datasets, model checkpoints, and training artifacts with irregular usage patterns. Data billed as Cold has the same performance as Hot or Warm data — there are no retrieval delays. For more information, see Usage-Based Billing and Storage pricing.

Metrics and logging

CoreWeave offers audit logging and other metrics for AI Object Storage. Audit logging for buckets is available in limited access, and you can use CoreWeave Grafana to view metrics for usage, LOTA, and more.

Next steps

Last updated on