检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Creating an IAM User and Granting OBS Permissions You can use IAM for fine-grained access control over your OBS resources. With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure.
Permissions IAM permissions control IAM users under an account to access: All cloud resources.
Configuring IAM Permissions Creating an IAM User and Granting OBS Permissions OBS Custom Policies OBS Resources OBS Request Conditions Parent Topic: Permissions Control
IAM users: Select an IAM user that you want to grant permissions to. Resources Select Current bucket. Actions Choose Customize.
Granting an IAM User the Permissions to Create and List Buckets Scenario This topic describes how to grant an IAM user the permissions to create and list buckets. An IAM user with this permission can create and list buckets.
Granting an IAM User the Read Permissions on Specific Objects Scenario This topic describes how to grant an IAM user the read permissions on an object or a set of objects in an OBS bucket.
Recommended Configuration To grant resource-level permissions to an IAM user, use a bucket policy. Precautions After configuration, the IAM user can download objects using APIs or SDKs.
Granting an IAM User the Read/Write Permission on a Bucket Scenario This topic describes how to grant an IAM user the read/write permission on an OBS bucket. Recommended Configuration To grant resource-level permissions to an IAM user, use a bucket policy.
Granting IAM User Groups Specific Permissions on a Folder Scenario This topic describes how to grant specified permissions for a folder in an OBS bucket to multiple IAM users or user groups. Recommended Configuration Use an IAM custom policy to configure the permissions.
Granting IAM User Groups Basic Permissions on All OBS Resources Scenario This topic describes how to use OBS system roles and policies preset in IAM to grant basic operation permissions for all OBS resources to multiple IAM users or user groups.
Granting IAM User Groups Specific Permissions for All OBS Resources Scenario This topic describes how to grant multiple IAM users or user groups specified permissions for all OBS resources. Recommended Configuration Use an IAM custom policy to configure the permissions.
Recommended Configuration Use an IAM custom policy to configure the permissions. Precautions After configuration, IAM user groups can perform allowed operations using APIs or SDKs.
Granting IAM User Groups All Permissions on All OBS Resources Scenario This topic describes how to grant multiple IAM users or user groups all permissions on all OBS resources. Users with this permission can perform any operations on OBS.
Accessing OBS Using Temporary Access Keys of an IAM Agency The IAM agency is a function of Identity and Access Management (IAM).
Precautions If an IAM user is authorized for an action through both IAM and EPS, the authorization result is subject to IAM configuration. Examples: 1.
An example is given as follows: obs:*:*:object:my-bucket/my-object/* (indicating any object in the my-object directory of bucket my-bucket) Parent Topic: Configuring IAM Permissions
On the API Credentials page, view the account name, account ID, IAM username, IAM user ID, project name, and project ID. Parent topic: FAQs
What Are the Differences Between Using an IAM Permission and a Bucket Policy in Access Control? IAM permissions apply to cloud resources.
Granting Permissions to an IAM User Under the Current Account Granting an IAM User the Permissions to Create and List Buckets Granting an IAM User the Read/Write Permission on a Bucket Granting an IAM User the Specified Permissions for a Bucket Granting an IAM User the Read Permissions
When configuring condition keys in IAM, start them with obs:. For details, see Policy Format. Parent Topic: Configuring IAM Permissions
