What Is It?
IONOS Cloud Object Storage provides S3-compatible object storage for unstructured data with high durability and scalability. Store files, backups, media assets, and application data using standard S3 APIs, tools, and SDKs. Features georedundant replication across multiple data centers, versioning, lifecycle rules, and Object Lock for compliance.
Quick Facts
| Aspect | Details |
|---|---|
| API | S3-compatible (works with existing S3 tools, SDKs, CLI) |
| Capacity | Petabyte-scale, up to 5 TB per object |
| Object Limits | 200M objects per unversioned bucket, 50M per versioned bucket |
| Encryption | TLS 1.2/1.3 in transit, AES-256 at rest (SSE-S3 or SSE-C) |
| Replication | Cross-region replication for user-owned buckets across Frankfurt, Berlin, and Logrono (the US region is contract-owned only) |
| Compliance | ISO 27001 (IT-Grundschutz), GDPR-compliant, WORM (Object Lock) |
| Billing Model | Pay-as-you-go (storage + outbound data), no request-based charges |
Data Management Features
| Feature | Description |
|---|---|
| Versioning | Multiple immutable object versions, protect against accidental deletion |
| Lifecycle Rules | Automatic expiration (deletion) based on age or version count; no tier transition (STANDARD class only) |
| Object Lock | WORM retention (retention policies or legal holds) for compliance |
| Replication | User-owned bucket replication across regions; support for contract-owned buckets is coming soon |
Access Management
| Feature | Description |
|---|---|
| Access Control Lists | Granular per-object and per-bucket permissions |
| Bucket Policies | Account-wide access rules (1MiB size for contract buckets, 20KiB for user buckets) |
| Logging | Audit trail of access requests (Supported only for user-owned buckets) |
| CORS | Cross-origin resource sharing for web applications |
| Block Public Access | Override any public permission (API only) |
| Static Website Hosting | Public-read buckets serve HTML, images, CSS, JavaScript |
What You Can Do
Store Unstructured Data
Upload files, media, backups, logs, and application data. Supports multi-part upload for parallel upload of large files. Objects stored in flat, non-hierarchical structure with folder simulation via prefixes.
Configure Versioning
Enable versioning to keep multiple immutable versions of each object. Protects against accidental overwrites and deletions. Each version has unique version ID and can be restored independently.
Apply Lifecycle Policies
Automate data management with lifecycle rules. Delete (expire) objects after a specified age. Object Storage has a single STANDARD storage class, so lifecycle rules are expiration-only: there is no cold or archive tier to transition objects to. Manage version retention automatically to control costs.
Enable Object Lock
Implement WORM (Write Once, Read Many) with retention policies or legal holds. Meet regulatory requirements for immutable records. Prevent deletion or modification for specified retention period.
Replicate Data
Configure replication between buckets for disaster recovery or geographic distribution. Supports user-owned buckets as the source. Replication across Frankfurt, Berlin, and Logrono regions (the US region is contract-owned only).
Control Access
Define fine-grained permissions with ACLs and bucket policies. Enable logging for audit trails (Supported only for user-owned buckets). Configure CORS for web application access. Use Block Public Access to prevent accidental exposure.
Host Static Websites
Serve static websites directly from public-read buckets. Configure index document and error pages. Use for marketing sites, documentation, or asset distribution.
Generate Pre-Signed URLs
Create temporary, secure sharing links without requiring account credentials. Set expiration times for time-limited access. Share objects securely with external parties.
Encrypt Data
Apply server-side encryption with SSE-S3 (IONOS-managed keys) or SSE-C (customer-managed keys). All data encrypted with AES-256 at rest. TLS 1.2/1.3 for encryption in transit.
Best For
| Scenario | Why It Fits |
|---|---|
| Backup and archival | Petabyte-scale capacity, lifecycle rules, georedundant replication, low cost (0.007 EUR/GB) |
| Static website hosting | Built-in web serving, CORS support, CDN integration, public access controls |
| Media and asset distribution | Large object support (5 TB), pre-signed URLs, multi-part upload, high availability |
| Compliance and regulatory storage | Object Lock (WORM), ISO 27001, GDPR-compliant, immutable versioning |
| Application data storage | S3-compatible API, works with existing tools (rclone, Terraform, AWS CLI) |
Key Considerations
Billing & Costs
- Main billing: Per GB per month (approximately 0.007 EUR/GB)
- Outbound data: Charged for data transfer out of IONOS network
- No request charges: Unlike some S3 providers, no per-request fees
- Additional costs: None for inbound data, versioning, or replication setup
Limitations
- Maximum 1000 contract-owned buckets and 500 user-owned buckets per user (bucket caps are documented per user, not per contract)
- Maximum 5 TB per object
- 200M objects per unversioned bucket, 50M per versioned bucket
- Flat storage structure (no true hierarchical folders, only prefix simulation)
- Block Public Access available via API only (not in web UI)
- Object Lock cannot be removed once enabled on bucket
- SSE-C (customer-managed keys) requires key management on client side
- Replication requires separate configuration per bucket pair
Management Options
- IONOS Cloud Object Storage Console (web UI; maximum single-object upload via the console is 4.65 GiB for user-owned buckets and 5 GiB for contract-owned buckets)
- S3-compatible CLI (AWS CLI, s3cmd, rclone)
- Cloud API and SDKs (Python, Java, Go, etc.)
- Terraform provider (AWS S3 resources)
- Third-party S3 tools (CloudBerry, Cyberduck, etc.)