The object storage settings show the details required to access your files via an S3-compatible API. You can also enable public access and delete the object storage.

​
Details

The object storage details contains the information you need to connect to your storage bucket via an S3-compatible API.

Details of your object storage bucket.

​
CORS Policy

Cross-Origin Resource Sharing (CORS) is a browser security feature that controls how web resources can be requested from a different origin (domain, protocol, or port) than the one the web page was loaded from. A CORS policy is a set of rules defined by a server to specify which external origins (domains, ports, or protocols) are allowed to access its resources via cross-origin HTTP requests. To set up a CORS Policy on your object storage bucket, click Create rule.

Create a CORS Policy for your object storage bucket.

Complete the policy as follows:

  • Allowed methods: This defines the value of the Access-Control-Allow-Methods header that R2 sets when a browser requests objects from your bucket. You can select any of the following HTTP methods: GET, PUT, POST, DELETE, and HEAD.
  • Allowed origin: Specifies the value of the Access-Control-Allow-Origin header that R2 sets when a browser requests objects from your bucket. This is the origin from which the request is being made; for example, if the site www.example.com needs access to your bucket, enter www.example.com as the allowed origin.
  • Allowed header: Defines the value for the Access-Control-Allow-Headers header that R2 sets when a browser sends cross-origin requests to your bucket. If your requests include custom headers, such as x-user-id or x-auth-token, you need to add them here so the browser permits them.

Define your CORS policy.

If a network request is still blocked by your browser, look at the AllowedOrigins, AllowedMethods, and AllowedHeaders of the network request and ensure the CORS policy includes the correct information.

​
Public access

By default, the object storage files are private. If you enable public access, you can access the files using the public URL.

Enable public access to your object storage instance.

​
Delete object storage

If you no longer require object storage, you must remove all of the objects within it, click Delete object storage, and confirm the deletion. Once the object storage is deleted, it cannot be recovered.

Delete object storage.