Bucket Policies
Control user actions on buckets and objects
Bucket policies control what actions a specific user can perform on a bucket. They apply to every object within a bucket, define which actors may take any action on a bucket, and stipulate the conditions under which those actions occur. Only the bucket owner can associate a policy with a bucket. Bucket policies are written in JSON.
S3 Bucket lifecycle configuration
Creating a Bucket Lifecycle configuration is an effective way of managing your objects so that they're stored effectively for as long as you need them. A Lifecycle configuration is a set of rules that define actions that CoreWeave AI Object Storage applies to a group of objects. There are two types of actions within Bucket Lifecycle configuration:
- Transition actions define when objects transition to another storage class. We do not support these at this time.
- Expiration actions define when objects expire. CoreWeave AI Object Storage optimizes efficiency by deleting expired objects on your behalf. Because users may have up to 1,000 rules set for a bucket at any time, some rules may become obsolete. With this in mind, in CoreWeave AI Object Storage rules are evaluated with a predictable outcome. When rules are in conflict, the rule that will delete an object sooner will take precedence.
Below is an example of a lifecycle configuration file. This example shows all of the options available in CoreWeave AI Object Storage. You can find an explanation of the fields below.
Bucket lifecycle configuration
{"Rules": [{"Expiration": {"Date": timestamp,"Days": integer,"ExpiredObjectDeleteMarker": true|false},"ID": "string","Prefix": "string","Filter": {"Prefix": "string","Tag": {"Key": "string","Value": "string"},"ObjectSizeGreaterThan": long,"ObjectSizeLessThan": long,"And": {"Prefix": "string","Tags": [{"Key": "string","Value": "string"}...],"ObjectSizeGreaterThan": long,"ObjectSizeLessThan": long}},"Status": "Enabled"|"Disabled","NoncurrentVersionExpiration": {"NoncurrentDays": integer,"NewerNoncurrentVersions": integer},"AbortIncompleteMultipartUpload": {"DaysAfterInitiation": integer}}...]}
| Rule | Definition |
|---|---|
Expiration | This type of rule specifies that an object will be deleted when it reaches either a listed Date,a number of days old, or an expired Delete marker is present. The date must be in ISO 8601 format and the time in UTC 0000. |
ExpiredObjectDeleteMarker | Indicates whether CoreWeave will remove a delete marker with no noncurrent versions. If set to true, the delete marker will be expired; if set to false the policy takes no action. This cannot be specified with Days or Date. |
ID | Identifier for the rule itself. Can be up to 255 characters |
Filter | Specifies objects for which a rule should apply. Must contain only one of a Prefix, Tag, or And value. An empty Filter indiscriminately applies to all objects in a bucket |
Prefix | A prefix for an object to match on. For instance foo/ will match both foo/bar and foo/baz. Only one prefix per rule can match |
Tag | A dict specifying a specific tag (key) and its value. Multiple tags can be used at once with And |
And | Allows you to match on multiple tags and up to one prefix. |
ObjectSize | You can specify a range of sizes in bytes using ObjectSizeGreaterThan and ObjectSizeLessThan |
Status | Status shows whether this rule should be enabled or not. If the rule is disabled it will not be applied. |
NoncurrentVersionExpiration | Specifies how long and how many non-current versions of a versioned (or versioning suspended) object to keep. |
NoncurrentDays | How many days after an object becomes noncurrent before deletion |
NewerNoncurrentVersions | Deletion will only occur after the specified number of non-current versions is reached. The process starts with the oldest version |
AbortIncompleteMultipartUpload | Specify a number of days after starting a multi-part upload using DaysAfterInitiation to delete all parts if uploading is aborted. |
For a full list of Bucket Policy structures, see the Bucket Policy reference guide.