检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
With this function, you can grant fine-grained OBS policies to IAM user groups, so that IAM users in the groups have the specified operation permissions. Such policies can take effect on OBS as a whole or on a specific bucket or object.
Access Requests Accessing OBS Using Permanent Access Keys Accessing OBS Using Temporary Access Keys Accessing OBS Using a Temporary URL Accessing OBS Using an IAM Agency
Appendixes Status Codes Obtaining Access Keys (AK/SK) Obtaining Account, IAM User, Project, User Group, Region, and Agency Information Consistency of Concurrent Operations
User A user is created using an account on Identity and Access Management (IAM) to use cloud services. Each IAM user has its own identity credentials (password and access keys).
IAM Huawei Cloud's identity and access management service that generates temporary security credentials. Procedure Obtain the OBS SDK and IAM SDK. To obtain the OBS SDK, visit SDK Developer Guide. To obtain the IAM SDK, visit IAM SDK.
You can use a bucket policy to grant permission for the bucket and the objects in it to IAM users or other accounts. If you want IAM users to have different permissions for different buckets, you need to configure different bucket policies for those users.
You can use a bucket policy to grant permissions for the bucket and the objects in it to IAM users or other accounts. If you want IAM users to have different permissions for different buckets, you can configure required bucket policies. This API configures a policy for a bucket.
Grant permissions to an IAM user.
Granting Permissions to Other Accounts Granting Other Accounts the Read/Write Permission for a Bucket Granting Other Accounts the Specified Permissions for a Bucket Granting IAM Users Under an Account the Access to a Bucket and the Resources in It Granting Other Accounts the Read
With this function, you can grant fine-grained OBS policies to IAM user groups, so that IAM users in the groups have the specified operation permissions. Such policies can take effect on OBS as a whole or on a specific bucket or object.
You can use a bucket policy to grant permissions for the bucket and the objects in it to IAM users or other accounts. If you want IAM users to have different permissions for different buckets, you can configure required bucket policies. This API deletes the policy of a bucket.
You can use a bucket policy to grant permissions for the bucket and the objects in it to IAM users or other accounts. If you want IAM users to have different permissions for different buckets, you can configure required bucket policies. This API deletes the policy of a bucket.
To configure an ACL for a bucket, you must be the bucket owner or have the required permission (obs:bucket:PutBucketAcl in IAM or PutBucketAcl in a bucket policy). For details, see Introduction to OBS Access Control, IAM Custom Policies, and Creating a Custom Bucket Policy.
You can use a bucket policy to grant permissions for the bucket and the objects in it to IAM users or other accounts. If you want IAM users to have different permissions for different buckets, you can configure required bucket policies. This API returns the policy of a bucket.
You can use a bucket policy to grant permission for the bucket and the objects in it to IAM users or other accounts. If you want IAM users to have different permissions for different buckets, you need to configure different bucket policies for those users.
You can use a bucket policy to grant permissions for the bucket and the objects in it to IAM users or other accounts. If you want IAM users to have different permissions for different buckets, you can configure required bucket policies. This API returns the policy of a bucket.
Programmatic access must be enabled for an IAM user before the IAM user can get access keys. To enable programmatic access, see Viewing or Modifying IAM User Information. Access keys are explained as follows: One AK maps to only one user but one user can have multiple AKs.
Programmatic access must be enabled for an IAM user before the IAM user can get access keys. To enable programmatic access, see Viewing or Modifying IAM User Information. Access keys are explained as follows: One AK maps to only one user but one user can have multiple AKs.
Granting IAM users with different roles the minimum level of access needed To better isolate and manage permissions, you are advised to configure independent IAM administrators and grant them permissions to manage IAM policies.
For details about how to create an agency, see Creating an IAM Agency. Restrictions: By default, the IAM agency only requires the PutObject permission to upload logs to the target bucket.
