检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
To configure a bucket policy, you must be the bucket owner or the bucket owner's IAM user with the required permission (obs:bucket:PutBucketPolicy in IAM or PutBucketPolicy in a bucket policy).
An AK can also identify an IAM user. OBS identifies an IAM user by their AK and SK, and then checks whether they have the permissions to access the resources they are requesting. For details about how to obtain the permanent access keys, see Obtaining Access Keys (AK/SK).
For details, see OBS Permissions Control Overview, IAM Custom Policies, and Creating a Custom Bucket Policy. To use SSE-OBS to encrypt the object you are uploading, you must have the upload permission (obs:object:PutObject in IAM or PutObject in a bucket policy).
With this function, you can grant fine-grained OBS policies to IAM user groups, so that IAM users in the groups have the specified operation permissions. Such policies can take effect on OBS as a whole or on a specific bucket or object.
Permissions Control Configuring IAM Permissions Configuring a Bucket Policy Configuring an Object Policy Configuring a Bucket ACL Configuring an Object ACL
Access Requests Accessing OBS Using Permanent Access Keys Accessing OBS Using Temporary Access Keys Accessing OBS Using a Temporary URL Accessing OBS Using Temporary Access Keys of an IAM Agency
User A user is created using an account on Identity and Access Management (IAM) to use cloud services. Each IAM user has its own identity credentials (password and access keys).
IAM Huawei Cloud's identity and access management service that generates temporary security credentials. Procedure Obtain the OBS SDK and IAM SDK. To obtain the OBS SDK, visit SDK Developer Guide. To obtain the IAM SDK, visit IAM SDK.
Grant permissions to an IAM user.
For a bucket, the value of this field is -. 12456/file.txt IAMUserID IAM user ID. The value can be: IAM user ID: Indicates that the request was made by a non-anonymous user.
Appendixes Status Codes Obtaining Access Keys (AK/SK) Obtaining Account, IAM User, Project, User Group, Region, and Agency Information Consistency of Concurrent Operations
IAM Agency Delegates OBS to operate your resources, so that OBS can use this agency to implement cross-region replication. Click Modify IAM Agency on the right to modify the IAM agency. If there is no IAM agency available, click View IAM Agencies to create one.
You can use a bucket policy to grant permission for the bucket and the objects in it to IAM users or other accounts. If you want IAM users to have different permissions for different buckets, you need to configure different bucket policies for those users.
You can use a bucket policy to grant permissions for the bucket and the objects in it to IAM users or other accounts. If you want IAM users to have different permissions for different buckets, you can configure required bucket policies. This API configures a policy for a bucket.
With this function, you can grant fine-grained OBS policies to IAM user groups, so that IAM users in the groups have the specified operation permissions. Such policies can take effect on OBS as a whole or on a specific bucket or object.
You can use a bucket policy to grant permissions for the bucket and the objects in it to IAM users or other accounts. If you want IAM users to have different permissions for different buckets, you can configure required bucket policies. This API deletes the policy of a bucket.
You can use a bucket policy to grant permissions for the bucket and the objects in it to IAM users or other accounts. If you want IAM users to have different permissions for different buckets, you can configure required bucket policies. This API deletes the policy of a bucket.
Granting Permissions to Other Accounts Granting Other Accounts the Read/Write Permission for a Bucket Granting Other Accounts the Specified Permissions for a Bucket Granting IAM Users Under an Account the Access to a Bucket and the Resources in It Granting Other Accounts the Read
To configure an ACL for a bucket, you must be the bucket owner or have the required permission (obs:bucket:PutBucketAcl in IAM or PutBucketAcl in a bucket policy). For details, see Introduction to OBS Access Control, IAM Custom Policies, and Creating a Custom Bucket Policy.
You can use a bucket policy to grant permissions for the bucket and the objects in it to IAM users or other accounts. If you want IAM users to have different permissions for different buckets, you can configure required bucket policies. This API returns the policy of a bucket.
