tencent cloud

Cloud Object Storage

Data Security

Baixar
Modo Foco
Tamanho da Fonte
Última atualização: 2026-06-25 16:53:06

Versioning

Can I restore accidentally deleted data?

No. However, you can enable versioning for your bucket so that you can store multiple versions of an object in a bucket, and extract, delete, or restore a specific object version. Versioning allows you to restore data lost due to accidental deletion or application failures. For more information, see Setting Versioning.

What is COS's solution to disaster recovery?

You can achieve disaster recovery in COS by:
1. Enabling versioning, which allows you to store multiple versions of an object in the bucket. For detailed directions, see Versioning Configuration.
2. Using cross-bucket replication to achieve remote disaster recovery. For more information, see Cross-Bucket Replication Configuration.
3. Using the MAZ configuration, which provides IDC-level disaster recovery capabilities for your data.

How can I delete noncurrent object versions after I enable versioning for a bucket?

You can achieve this by:
1. You can delete noncurrent object versions via the console, tools (such as COSCMD), or APIs/SDKs (such as Java SDK).
You can set a lifecycle rule and enable Managing historical versions to transition or delete noncurrent object versions.

Can a newly uploaded object not overwrite the old one that has the same name?

No. By default, the old object with the same name will be overwritten by the new one. However, you can enable versioning for your bucket so that multiple object versions can be preserved. For more information, see Versioning Overview.

How can I download a specific version of object?

If you download with APIs or SDKs, add the versionId request parameter. For the API calling directions, see GET Object.
If you download via the console, set the historical versions to Display in the top navigation bar so that you can download the desired object version.

Cross-Region Replication Issues

Does cross-bucket replication use the public network or the private network?

Cross-bucket replication in COS uses the private network by default.
Note:
Using cross-bucket replication incurs cross-region traffic fees. Currently, no resource pack is available for this. The incurred fees will be settled and deducted from your account balance at 00:00 the next day.

Can I sync resources between two regions?

Yes. Resources under the same account can be synced between two regions. You can set cross-bucket replication to replicate objects incrementally.

How to quickly migrate resources from one account to another account?

You can use COS Migration to migrate data between buckets. Alternatively, you can set cross-bucket replication.

Does cross-bucket replication support replicating existing data?

No. You can use Batch Operation instead.

If I enable cross-bucket replication and delete a file from the source bucket, will the file be deleted as well in the destination bucket?

In a source bucket with cross-bucket replication enabled, COS will replicate the following:
Any new objects uploaded to the source bucket after the cross-bucket replication rule is added.
Object attributes such as object metadata and version ID.
Object operations, such as adding an object of the same name (equivalent to adding a new object) and deleting an object.
Note:
If you specify an object version to delete in the source bucket by specifying a version ID, COS will not replicate this delete operation.
If you add a bucket-level configuration such as a lifecycle rule to the source bucket, COS will not replicate any resulting object operations.
For more information, see Cross-Bucket Replication Actions.

Data Encryption

Does COS support data encryption?

Yes. COS supports encryption such as bucket encryption and object encryption. For more information, see Setting Bucket Encryption and Setting Object Encryption.

Does COS encryption affect performance?

A client-side/COS-managed/KMS key is used to encrypt the file content into ciphertext, which affects performance to some extent (mainly by increasing access delay). The delay does not significantly affect large object reads/writes, but has a certain impact on small object reads/writes.

How can I get an encrypted object?

If your file is encrypted (especially with SSE-C), you must include an encryption header when reading it to obtain the file. The encryption header differs according to the encryption algorithm. Tencent Cloud COS supports three server-side encryption methods:
SSE-COS: The key is managed by COS, and no special header is usually required for reading (automatic decryption).
SSE-KMS: The key is managed by KMS, and a valid signature is required for reading, but no special encryption header is usually needed.
SSE-C: The customer provides the key, and an encryption header must be included when reading is performed.
To get an encrypted object, include an encryption header when reading it. The encryption header differs according to the encryption algorithm. For more information, see Common Request Headers.

Content Security

Why are non-compliant files found in my COS bucket?

Your data is stored in COS, and the data access permission is public read. When you access and disseminate such data on the public network, you need to comply with applicable laws and regulations. If the content of such data violates regulations, the compliance team of Tencent Cloud will handle it accordingly, and handled files will be displayed in the Violation List in the COS console.

I have already enabled the content moderation feature, but why do I still receive violation notifications?

Possible reasons:
1. The content moderation feature is not configured correctly; for example:
Automatic freezing is not configured, or the identified non-compliant data is not processed in time (such as deleting files).
The configured data freezing score is too high, so some non-compliant files have low scores and are not frozen.
Some non-compliant images are historical data and have not been moderated. We recommend you conduct a full moderation of historical data to check the entire bucket.
2. If the moderation configuration is correct, but non-compliant data is determined to be normal, this is generally because the data is relatively obscure, and the existing moderation model doesn't correctly moderate it. We will regularly collect similar moderation error samples for continuous optimization. You can also submit a ticket for customized moderation services.

Other

Are there backups for the STANDARD, STANDARD_IA, and ARCHIVE storage classes?

COS data is stored at the underlying layer using multiple replicas or erasure coding (both are imperceptible to users). The storage engines are distributed across multiple availability zones in a region, making the data reliability 99.999999999%.


Ajuda e Suporte

Esta página foi útil?

comentários