DEV Community

Ernesto Lopez
Ernesto Lopez

Posted on

AWS vs OCI Object Storage options and comparison

We are starting putting some context:

  1. AWS - Amazon Web Service
  2. OCI - Oracle Cloud Infrastructure
  3. Object Storage - data managed as object, where each of this object has a unique identifier and you access it using HTTP protocol.

What does Object Storage Refers to?

Object Storage has been one of the pillars of cloud infrastructure, and has help to decouple software from servers and file systems. It represents something similar a flat File System, so you will have virtually little limitations, this is ideal to store massive amount of data, we are talking about TBs and TBs of data, and you will be able to access each object using unique identifiers.

Other benefit of object storage is that you can store the data along with metadata for that object, you can apply certain actions based on that metadata. On the transport layer, there is no need for extra equipment, access is through HTTP protocol and using REST APIs, so basically you can GET an object or PUT an object inside a storage container (most of the cloud providers call this buckets).

AWS S3 vs OCI Object and archive Storage

Now, each cloud provider provides a flavor of this object storage services, here we are going to see a comparison between AWS S3 and OCI object and archive storage, and the end of this entry we see how we can make a simple operation on both using the CLI.

Dimension AWS OCI
Container S3 are deployed inside a region OCI storage buckets are deployed inside compartments
Metadata tags yes, you can assign metadata tags to objects yes, you can assign metadata tags to objects
Object Size From 0B to 5Terabytes As small as 0B or as large as 10 TiB
Multipart upload Recommended for objects bigger than 100MB Recommended for objects bigger than 100MB
API Endpoint AWS S3 buckets are accessed using s3 API endpoints similar to this It can be accessed through a dedicated regional API endpoint, The Native API endpoints are similar to this https://objectstorage.<region-identifier>
Storage Tiers S3 Standard, S3 Standard-InfrequentAccess, S3 One Zone-Infrequent Access for long-lived Amazon S3 Glacier and Amazon S3 Glacier Deep Archive Standard Tier, Infrequent Access, Archive
Auto Tiering Yes, called intelligent-tiering Yes, called Auto-Tiering
Reliability The S3 Standard storage class is designed for 99.99% availability, the S3 Standard-IA storage class and the S3 Intelligent-Tiering storage class are designed for 99.9% availability, the S3 One Zone-IA storage class is designed for 99.5% availability, and the S3 Glacier and S3 Glacier Deep Archive class are designed for 99.99% availability and an SLA of 99.9%. The service is designed for 99.9% availability. Multiple safeguards have been built into the platform to monitor the health of the service to guard against unplanned downtime. It makes no distinction between tiers apparently
Durability Amazon S3 Standard, S3 Standard–IA, S3 Intelligent-Tiering, S3 One Zone-IA, S3 Glacier, and S3 Glacier Deep Archive are all designed to provide 99.999999999% (11 9's) of data durability of objects over a given year Oracle Object Storage is designed to be highly durable, providing 99.999999999% (Eleven 9's) of annual durability. It achieves this by storing each object redundantly across three servers in different availability domains for regions with multiple availability domains, and in different fault domains in regions with a single availability domain.
Versioning yes, enabled at the bucket level, S3 preserves existing objects anytime you perform a PUT, POST, COPY, or DELETE operation on them Yes, enabled on a bucket, data is not lost when an object is overwritten or when a versioning-unaware delete operation is performed. In both cases, the previous contents of the object are saved as a previous version of the object.
Data access control Using IAM policies, bucket policies , Access control Lists, and Query String Authentication can be defined at the object level IAM policies and set of permissions assigned to a group, only at the compartment or bucket level not the object level
Encryption Server side using S3 key, using customer key or using KMS service, also support Client side encryption at the object, bucket level server side encryption with customer provider key or master key stored on VAULT, also client side encryption is supported at the object and metadata level
Auditing Yes you can audit access to s3 bucket using cloud trail bucket and object related yes, Oracle Cloud Infrastructure Object Storage supports logging for bucket-related events, but not for object-related events.
Cost For example, S3 standard, $0.023 per GB per month first 50TB* For example, for object storage standard $0.0255 per GB per Month *


  1. OCI Compartment is a collection of related resources, as for example compute instances, buckets, etc. typically deployed in a region. It can only be accessed by a group that has access to this compartment. Each account has a root compartment, and you can create child compartments.
  2. Multipart Upload allows you to upload a single object as a set of parts. It must be applied using the SDK.
  3. Reliability is the ability of a workload to perform its intended function correctly and consistently.
  4. Durability is the probability that the object will remain intact and accessible after a period of one year.

'*' Price obtained at the date of publishing this entry

Examples for getting an object


In order to retrieve an object from an AWS S3 object your user must be enabled to s3:GetObject and s3:GetBucket on IAM policy for the bucket and objects inside of it.

And you can execute a command similar to:

aws s3 cp --region ${REGION} s3://${S3BUCKET}/${OBJECT_NAME} .
Enter fullscreen mode Exit fullscreen mode


For OCI there is a slightly different approach
You will need to generate either a Pre-Authenticated request for read and write from this bucket

Generate a .pem file on your local machine
copy your key into the API-keys for that bucket

and execute the following command:

oci os object get -bn test-interchange-bucket-20211125 --file 16286.jpeg --name 1628612.jpeg
Enter fullscreen mode Exit fullscreen mode


  • --file is the filename that will obtain on your local computer
  • --name is the name of the object inside the bucket
  • -bn is the bucket name

*You must execute the command from the folder where your .pem file is stored

NOTE this commands will be expanded on further entries


OCI Object Storage FAQs
Oracle Cloud Storage Pricing
Amazon S3 pricing
Copy Files To Oracle OCI Cloud Object Storage From Command Line

Top comments (0)