Object storage
Settings
Configure object storage settings and access controls.
The object storage settings show the details required to access your files via an S3-compatible API. You can also enable public access and delete the object storage.
Complete the policy as follows:
If a network request is still blocked by your browser, look at the AllowedOrigins, AllowedMethods, and AllowedHeaders of the network request and ensure the CORS policy includes the correct information.
Details
The object storage details contains the information you need to connect to your storage bucket via an S3-compatible API.Details of your object storage bucket.
CORS Policy
Cross-Origin Resource Sharing (CORS) is a browser security feature that controls how web resources can be requested from a different origin (domain, protocol, or port) than the one the web page was loaded from. A CORS policy is a set of rules defined by a server to specify which external origins (domains, ports, or protocols) are allowed to access its resources via cross-origin HTTP requests. To set up a CORS Policy on your object storage bucket, click Create rule.Create a CORS Policy for your object storage bucket.
- Allowed methods: This defines the value of the
Access-Control-Allow-Methodsheader that R2 sets when a browser requests objects from your bucket. You can select any of the following HTTP methods:GET,PUT,POST,DELETE, andHEAD. - Allowed origin: Specifies the value of the
Access-Control-Allow-Originheader that R2 sets when a browser requests objects from your bucket. This is the origin from which the request is being made; for example, if the sitewww.example.comneeds access to your bucket, enterwww.example.comas the allowed origin. - Allowed header: Defines the value for the
Access-Control-Allow-Headersheader that R2 sets when a browser sends cross-origin requests to your bucket. If your requests include custom headers, such asx-user-idorx-auth-token, you need to add them here so the browser permits them.
Define your CORS policy.
Public access
By default, the object storage files are private. If you enable public access, you can access the files using the public URL.Enable public access to your object storage instance.
Delete object storage
If you no longer require object storage, you must remove all of the objects within it, click Delete object storage, and confirm the deletion. Once the object storage is deleted, it cannot be recovered.Delete object storage.