Download and Installation Configuration

Last updated:2026-02-12 17:52:22

Download and Installation Configuration

Last updated: 2026-02-12 17:52:22

COSCLI provides binary packages for Windows, macOS, and Linux, which can be used after simple installation and configuration.
Step 1: Download the COSCLI tool
You can choose the download address for the COSCLI tool based on your business scenario. If your server is in China, it's recommended to use the China Site Download Address (The tool versions of the links here are all the latest versions. If you need to use an earlier version, you can visit release to retrieve historical versions).
China Site Download Address
GitHub Download Address (Recommended for overseas users)
SHA256 Checksum
﻿Windows-386﻿
﻿Windows-386﻿
96e3c2aa2706f2c580f30093d1bf9f468046fd2cf498596f373f8e2707f0dea1
﻿Windows-amd64﻿
﻿Windows-amd64﻿
74f3b5ebbe89be2c013f9d3b2d8968691372801f2671bb31548eab4476fe9179
﻿macOS-amd64﻿
﻿macOS-amd64﻿
432ee022dcfdaec5a77e113386e7bcaa340680ea4c959147a3afb840c664aef9
﻿macOS-arm64﻿
﻿macOS-arm64﻿
df0018fbf78b552cbe875ebe26e8bdf7938c7f4394959f913dfc2ea4d1252568
﻿Linux-386﻿
﻿Linux-386﻿
a58e220bdc14781522b0c9eab76b02e5124b19f57554771a9e7ab204583c89ab
﻿Linux-amd64﻿
﻿Linux-amd64﻿
7165f2ae16c5f7ac495864c963ca574a76e04ec72680d7bc8a8eee3234d8cf91
﻿Linux-arm﻿
﻿Linux-arm﻿
5c5f6b70be061c7c30777dbc67271b2664036fbb56aaf6774c55ccc7f03194ed
﻿Linux-arm64﻿
﻿Linux-arm64﻿
0404b4da5b1d0c230c7d7522cb3bbec2909e314ab998889a0aeb8dc6094a2d21
You can also use the command line to get the COSCLI tool files for macOS and Linux environments from a China site:
macOS-amd64:wget https://cosbrowser.cloud.tencent.com/software/coscli/coscli-darwin-amd64
macOS-arm64:wget https://cosbrowser.cloud.tencent.com/software/coscli/coscli-darwin-arm64
Linux-386:wget https://cosbrowser.cloud.tencent.com/software/coscli/coscli-linux-386
Linux-amd64:wget https://cosbrowser.cloud.tencent.com/software/coscli/coscli-linux-amd64
Linux-arm:wget https://cosbrowser.cloud.tencent.com/software/coscli/coscli-linux-arm
Linux-arm64:wget https://cosbrowser.cloud.tencent.com/software/coscli/coscli-linux-arm64
Note:
The current version on GitHub is v1.0.8. To get the latest version, historical versions, and change logs of the tool, please go to release to view.
Step 2: Install the COSCLI Tool
Windows
1. Take windows-amd64 version as an example,move the downloaded Windows version of the COSCLI tool to the C:\\Users\\< username > directory.
2. Rename coscli-windows.exe to coscli.exe.
3. Press win+r to open the Run program.
4. In the dialog box, enter cmd and press Enter to open the command line window.
5. In the command prompt, enter the following command.
coscli --version
If the output is coscli version v1.0.8, the installation is successful.
Note:
Under the Windows system, the method of using COSCLI in different command line clients may vary slightly. If entering coscli [command] does not work properly with COSCLI, please try the format ./coscli [command].
macOS
1. Take macOS-amd64 version as an example,run the following command to rename the macOS version COSCLI file.
mv coscli-darwin-amd64 coscli
2. Run the following command to modify the file execution permission.
chmod 755 coscli
3. In the command prompt, enter the following command.
./coscli --version
If the output is coscli version v1.0.8, the installation is successful.
Note:
When using COSCLI on a macOS, if the prompt Unable to open "coscli" because the developer cannot be verified appears, you can go to Settings > Security and Privacy > General and select Still want to open coscli, afterwards COSCLI can be used normally.
Linux
1. Take Linux-amd64 version as an example,run the following command to rename the Linux version COSCLI file.
mv coscli-linux-amd64 coscli
2. Run the following command to modify the file execution permission.
chmod 755 coscli
3. In the command prompt, enter the following command.
./coscli --version
If the output is coscli version v1.0.8, the installation is successful.
Step 3: Configure COSCLI Tool
Note:
It is recommended that users use the tool with a Temporary Key to further enhance its security through temporary authorization. When applying for a Temporary Key, please follow the Principle of Least Privilege to prevent leaking resources outside the targeted buckets or objects.
If you must use a permanent key, it is recommended to follow the Principle of Least Privilege to limit the permission scope of the permanent key.
When using COSCLI for the first time, you need to initialize the configuration file, which contains the following two parts:
To authorize COSCLI to access your Tencent Cloud account, you need to configure the secret ID, secret key, and temporary key token.
To add an alias for a common bucket, you need to configure its name, geographical information, and alias. After configuring this information, users can use the alias for bucket operations without having to fill in the bucket name and geographical information again. Adding configurations for multiple common buckets also facilitates cross-bucket or cross-domain operations more easily. If you don't need to configure common bucket information, you can press Enter to skip.
When using COSCLI for the first time, it will automatically call ./coscli config init to create a configuration file at ~/.cos.yaml. You can complete the setup interactively through the command line. Later, you can also use ./coscli config init to interactively generate a configuration file in another location for COSCLI. You can use ./coscli config show to view the location and configuration parameters of the file.
The configuration items in the configuration file are as described below:
Configuration Item
Required
Description
Secret ID
Yes
Key ID, it is recommended to use a sub-account key and follow the principle of least privilege to reduce risks. Information on obtaining a sub-account key can be found in Sub-account Access Key Management.
Note:
Secret IDs configured via initialization or command configuration are stored in encrypted mode. To manually modify the configuration file, set the Disable Encryption parameter to turn off key encryption.
Secret Key
Yes
Key, it is recommended to use a sub-account key and follow the principle of least privilege to reduce risks. Information on obtaining a sub-account key can be found in Sub-account Access Key Management.
Note:
Secret Keys configured via initialization or command settings are stored in encrypted mode. To manually edit the configuration file, set the Disable Encryption parameter to turn off key encryption.
Session Token
No
Temporary key token, needs to be configured when using a temporary key; otherwise you can skip by pressing Enter. For more information on temporary keys, see Accessing COS Using a Temporary Key.
Note:
Session Tokens configured via initialization or command settings are stored in encrypted mode. To manually edit the configuration file, set the Disable Encryption parameter to turn off key encryption.
Mode
No
Set the identity mode, supporting enumerated values SecretKey and CvmRole. It can be null, with the default null value being SecretKey, indicating the use of a key request COS. When Mode is CvmRole, it means using Managing Instances Roles to request COS.
Cvm Role Name
No
Set the CVM role instance name, see Managing Instance Roles for details.
protocol
No
Network transfer protocol, which is HTTPS by default. If you want to change it to HTTP, directly modify it in the configuration file.
APPID
Yes
APPID is the account you receive after successfully applying for a Tencent Cloud account, automatically assigned by the system, and can be obtained from Account Information. A bucket's full name is composed of two elements: Bucket Name and APPID, formatted as <BucketName-APPID>, for details please refer to Bucket Naming Conventions.
Bucket Name
Yes
Bucket name, together with APPID, constitutes the bucket's full name, formatted as <BucketName-APPID>, for details please refer to Bucket Naming Conventions.
Bucket Endpoint
Yes
Domain name of the region where the bucket is located, default domain format is cos.<region>.myqcloud.com, where <region> represents the bucket's region, such as ap-guangzhou, ap-beijing, etc. For a list of supported regions by COS, see Regions and Access Endpoints.
If the bucket has global acceleration enabled, you can configure a global acceleration domain name. For example, the global acceleration domain name is set to cos.accelerate.myqcloud.com; the internal network global acceleration domain name is set to cos-internal.accelerate.tencentcos.cn.
Bucket Alias
No
Bucket alias, once configured, you can use BucketAlias to replace BucketName-APPID, reducing the command length required for input. If this option is not configured, the value of BucketAlias is the same as BucketName-APPID.
OFS Bucket
No
Metadata acceleration bucket tag, used to identify whether the bucket has the  metadata acceleration  feature enabled. 
CloseAutoSwitchHost
No
Set whether to disable automatic switch of a backup domain. Optional values are true and false, which can be null.
If the value is not set or set to false, the backup domain switch will be executed;
If the value is set to true, the backup domain switch will not be executed.
DisableEncryption
No
Set whether to disable key encryption. Optional value: true | false, which can be left blank.
If not set or the value is false, the key-related information in the configuration file will be encrypted.
Set to true, and the key-related information in the configuration file will not be encrypted.
DisableAutoFetchBucketType
No
Set whether to automatically retrieve the COS bucket type. Available values: true | false. Can be left blank.
If not set or set to false, the tool automatically selects the COS bucket type, and authorization cos:HeadBucket is required.
If set to true, the tool will not automatically identify the bucket type but preferentially determine it based on the --bucket-type parameter. If this parameter is not set, the bucket type is determined by the ofs parameter in the configuration file (true means an OFS bucket, false means a COS bucket). If the configuration file does not include bucket information, the COS bucket type is used by default.
During the initial configuration, COSCLI will ask you to configure information for just one bucket. If you want to configure multiple buckets, you can later use the ./coscli config add command to add bucket configurations. If you need to modify the configuration file or learn more about operations related to the configuration file, refer to the config command or use the ./coscli config --help command for quick access to related instructions.
Before starting to use commands, you can quickly check how to use COSCLI by running the command ./coscli --help.
Other configuration methods
In addition to generating the configuration file interactively with the ./coscli config init command, you can also manually write the COSCLI configuration file. The format of the COSCLI configuration file is in YAML format, with an example configuration as follows:
cos:
  base:
    secretid: XXXXXXXXXXXXXXX
    secretkey: XXXXXXXXXXXXXXXXX
    sessiontoken: ""
    protocol: https
  buckets:
  - name: examplebucket1-1250000000
    alias: bucket1
    region: ap-shanghai
    endpoint: cos.ap-shanghai.myqcloud.com
    ofs: false
  - name: examplebucket2-1250000000
    alias: bucket2
    region: ap-guangzhou
    endpoint: cos.ap-guangzhou.myqcloud.com
    ofs: false
  - name: examplebucket3-1250000000
    alias: bucket3
    region: ap-chengdu
    endpoint: cos.ap-chengdu.myqcloud.com
    ofs: false
Note:
COSCLI by default reads configuration items from ~/.cos.yaml. If users want to use their own defined configuration file, please use the -c (--config-path) option in the command. The configuration for CFS's secretid/secretkey/sessiontoken are all encrypted strings.

Was this page helpful?

You can also Contact Sales or Submit a Ticket for help.

Yes

Feedback

China Site Download Address	GitHub Download Address (Recommended for overseas users)	SHA256 Checksum
Windows-386	Windows-386	96e3c2aa2706f2c580f30093d1bf9f468046fd2cf498596f373f8e2707f0dea1
Windows-amd64	Windows-amd64	74f3b5ebbe89be2c013f9d3b2d8968691372801f2671bb31548eab4476fe9179
macOS-amd64	macOS-amd64	432ee022dcfdaec5a77e113386e7bcaa340680ea4c959147a3afb840c664aef9
macOS-arm64	macOS-arm64	df0018fbf78b552cbe875ebe26e8bdf7938c7f4394959f913dfc2ea4d1252568
Linux-386	Linux-386	a58e220bdc14781522b0c9eab76b02e5124b19f57554771a9e7ab204583c89ab
Linux-amd64	Linux-amd64	7165f2ae16c5f7ac495864c963ca574a76e04ec72680d7bc8a8eee3234d8cf91
Linux-arm	Linux-arm	5c5f6b70be061c7c30777dbc67271b2664036fbb56aaf6774c55ccc7f03194ed
Linux-arm64	Linux-arm64	0404b4da5b1d0c230c7d7522cb3bbec2909e314ab998889a0aeb8dc6094a2d21

Configuration Item	Required	Description
Secret ID	Yes	Key ID, it is recommended to use a sub-account key and follow the principle of least privilege to reduce risks. Information on obtaining a sub-account key can be found in Sub-account Access Key Management. Note: Secret IDs configured via initialization or command configuration are stored in encrypted mode. To manually modify the configuration file, set the Disable Encryption parameter to turn off key encryption.
Secret Key	Yes	Key, it is recommended to use a sub-account key and follow the principle of least privilege to reduce risks. Information on obtaining a sub-account key can be found in Sub-account Access Key Management. Note: Secret Keys configured via initialization or command settings are stored in encrypted mode. To manually edit the configuration file, set the Disable Encryption parameter to turn off key encryption.
Session Token	No	Temporary key token, needs to be configured when using a temporary key; otherwise you can skip by pressing `Enter`. For more information on temporary keys, see Accessing COS Using a Temporary Key. Note: Session Tokens configured via initialization or command settings are stored in encrypted mode. To manually edit the configuration file, set the Disable Encryption parameter to turn off key encryption.
Mode	No	Set the identity mode, supporting enumerated values `SecretKey` and `CvmRole`. It can be null, with the default null value being `SecretKey`, indicating the use of a key request COS. When Mode is `CvmRole`, it means using Managing Instances Roles to request COS.
Cvm Role Name	No	Set the CVM role instance name, see Managing Instance Roles for details.
protocol	No	Network transfer protocol, which is HTTPS by default. If you want to change it to HTTP, directly modify it in the configuration file.
APPID	Yes	APPID is the account you receive after successfully applying for a Tencent Cloud account, automatically assigned by the system, and can be obtained from Account Information. A bucket's full name is composed of two elements: `Bucket Name` and `APPID`, formatted as `<BucketName-APPID>`, for details please refer to Bucket Naming Conventions.
Bucket Name	Yes	Bucket name, together with APPID, constitutes the bucket's full name, formatted as `<BucketName-APPID>`, for details please refer to Bucket Naming Conventions.
Bucket Endpoint	Yes	Domain name of the region where the bucket is located, default domain format is `cos.<region>.myqcloud.com`, where `<region>` represents the bucket's region, such as ap-guangzhou, ap-beijing, etc. For a list of supported regions by COS, see Regions and Access Endpoints. If the bucket has global acceleration enabled, you can configure a global acceleration domain name. For example, the global acceleration domain name is set to `cos.accelerate.myqcloud.com`; the internal network global acceleration domain name is set to `cos-internal.accelerate.tencentcos.cn`.
Bucket Alias	No	Bucket alias, once configured, you can use `BucketAlias` to replace `BucketName-APPID`, reducing the command length required for input. If this option is not configured, the value of `BucketAlias` is the same as `BucketName-APPID`.
OFS Bucket	No	Metadata acceleration bucket tag, used to identify whether the bucket has the metadata acceleration feature enabled.
CloseAutoSwitchHost	No	Set whether to disable automatic switch of a backup domain. Optional values are true and false, which can be null. If the value is not set or set to false, the backup domain switch will be executed; If the value is set to true, the backup domain switch will not be executed.
DisableEncryption	No	Set whether to disable key encryption. Optional value: true \| false, which can be left blank. If not set or the value is false, the key-related information in the configuration file will be encrypted. Set to true, and the key-related information in the configuration file will not be encrypted.
DisableAutoFetchBucketType	No	Set whether to automatically retrieve the COS bucket type. Available values: true \| false. Can be left blank. If not set or set to false, the tool automatically selects the COS bucket type, and authorization `cos:HeadBucket` is required. If set to true, the tool will not automatically identify the bucket type but preferentially determine it based on the `--bucket-type` parameter. If this parameter is not set, the bucket type is determined by the ofs parameter in the configuration file (true means an OFS bucket, false means a COS bucket). If the configuration file does not include bucket information, the COS bucket type is used by default.

tencent cloud

Step 1: Download the COSCLI tool

Step 2: Install the COSCLI Tool

Windows

macOS

Linux

Step 3: Configure COSCLI Tool

Other configuration methods