All Products
Search

This Product

    Object Storage Service:Can I recover an OSS object after it is deleted or overwritten?

    Document Center

    Object Storage Service:Can I recover an OSS object after it is deleted or overwritten?

    Last Updated:Nov 13, 2025

    The backend redundancy mechanism of Object Storage Service (OSS) is designed for data restoration in the event of server or hardware failures. Alibaba Cloud cannot recover OSS data that you manually delete, overwrite, or configure rules to automatically delete.

    Data deletion and overwriting

    The OSS Service Terms and Service Level Agreement (SLA) describe data deletion and overwriting as follows:

    • The Service Terms describe user business data as follows:

      • You can delete or change your user business data. When you release a service or delete data, Alibaba Cloud deletes your data according to your instructions and does not retain it.

      • After user business data is deleted, it cannot be recovered. You are responsible for all consequences that arise from data deletion. You understand and agree that Alibaba Cloud is not obligated to retain, export, or return user business data.

    • The Service Level Agreement (SLA) describes data destruction as follows:

      When you delete data, or when data needs to be destroyed after your service period expires, Alibaba Cloud automatically purges the data from the disks and memory of the corresponding physical servers. The data cannot be recovered.

    Operations that may cause data deletion or overwriting

    The following operations may delete or overwrite your data. Proceed with caution.

    • Delete objects using the OSS console, the ossutil command-line tool, the ossbrowser graphical tool, or an SDK. For more information, see Delete objects.

    • Upload an object with the same name to an OSS bucket using the OSS console, the ossutil command-line tool, the ossbrowser graphical tool, or an SDK. This overwrites the existing object.

    • If you configure lifecycle rules to periodically delete objects that meet specific criteria, OSS deletes the objects according to the configured rules. For more information, see Set up lifecycle rules.

    • If you configure a cross-region replication rule and set the data replication policy to Sync Additions, Deletions, And Modifications, object modifications or deletions in the source bucket are synced to the destination bucket. For more information, see Set up cross-region replication.

    • If you configure incorrect access permissions for a bucket, other users may maliciously delete or overwrite your objects. For more information about access permissions, see Overview of access control.

    How to prevent accidental deletion or overwriting

    Use the following methods to prevent your objects from being accidentally deleted or overwritten:

    • Enable versioning

      After you enable versioning, any objects that are accidentally deleted or overwritten are stored as historical versions in the bucket. You can restore a historical version at any time. For more information, see Overview of versioning.

    • Use cross-region replication to prevent accidental deletion

      You can use the Sync Additions And Modifications data replication policy of cross-region replication to back up data to a bucket in a different region. For more information, see Set up cross-region replication.

    • Use the scheduled backup feature to back up objects regularly

      You can configure the scheduled backup feature to regularly back up your objects to Cloud Backup. If your objects are lost, you can promptly recover them. For more information, see Scheduled backup.

    • Set the overwrite parameter for objects with the same name

      When you upload an object by calling an API operation, you can set the x-oss-forbid-overwrite parameter to true to prevent an object with the same name from being overwritten.

    • Configure correct access permissions

      When you configure access permissions for bucket visitors, follow these principles:

      • Do not use an Alibaba Cloud account to access OSS.

      • Implement read/write splitting. For services that require only read access to data, use a Resource Access Management (RAM) user or Security Token Service (STS) temporary credentials with read-only permissions.

      • For temporary access, use STS temporary credentials to access OSS.

      • For different services, grant only the minimum required OSS permissions.

      • Securely store data access credentials, such as your Alibaba Cloud account password and RAM user credentials.

      For more information about how to configure permissions, see Overview of access control.