检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
You can use a bucket policy to grant permission for the bucket and the objects in it to IAM users or other accounts. If you want IAM users to have different permissions for different buckets, you need to configure different bucket policies for those users.
You can use a bucket policy to grant permissions for the bucket and the objects in it to IAM users or other accounts. If you want IAM users to have different permissions for different buckets, you can configure required bucket policies. This API returns the policy of a bucket.
Programmatic access must be enabled for an IAM user before the IAM user can get access keys. To enable programmatic access, see Viewing or Modifying IAM User Information. Access keys are explained as follows: One AK maps to only one user but one user can have multiple AKs.
Programmatic access must be enabled for an IAM user before the IAM user can get access keys. To enable programmatic access, see Viewing or Modifying IAM User Information. Access keys are explained as follows: One AK maps to only one user but one user can have multiple AKs.
Granting IAM users with different roles the minimum level of access needed To better isolate and manage permissions, you are advised to configure independent IAM administrators and grant them permissions to manage IAM policies.
You can choose an existing IAM agency from the drop-down list or click Create Agency to create one. To create an agency, see Creating an Agency for Uploading Logs. Click OK.
For details about how to create an agency, see Creating an IAM Agency. Restrictions: By default, the IAM agency only requires the PutObject permission to upload logs to the target bucket.
For details about how to create an agency, see Creating an IAM Agency. Restrictions: By default, the IAM agency only requires the PutObject permission to upload logs to the target bucket.
You can use a bucket policy to grant permissions for the bucket and the objects in it to IAM users or other accounts. If you want IAM users to have different permissions for different buckets, you can configure required bucket policies. This API configures a policy for a bucket.
You can use a bucket policy to grant permission for the bucket and the objects in it to IAM users or other accounts. If you want IAM users to have different permissions for different buckets, you need to configure different bucket policies for those users.
Programmatic access must be enabled for an IAM user before the IAM user can get access keys. To enable programmatic access, see Viewing or Modifying IAM User Information. Access keys are explained as follows: One AK maps to only one user but one user can have multiple AKs.
To obtain the policy of a bucket, you must be the bucket owner or the bucket owner's IAM user with the required permission (obs:bucket:GetBucketPolicy in IAM or GetBucketPolicy in a bucket policy).
Restrictions To delete the policy of a bucket, you must be the bucket owner or the bucket owner's IAM user with the required permission (obs:bucket:DeleteBucketPolicy in IAM or DeleteBucketPolicy in a bucket policy).
You can select an existing IAM agency or create one. For details about how to create an agency, see Creating an IAM Agency. Restrictions: By default, the IAM agency only requires the PutObject permission to upload logs to the target bucket.
You can select an existing IAM agency or create one. For details about how to create an agency, see Creating an IAM Agency. Restrictions: By default, the IAM agency only requires the PutObject permission to upload logs to the target bucket.
Default value: None agency str Yes when configuring bucket logging Explanation: Name of the IAM agency created by the owner of the target bucket for OBS. You can select an existing IAM agency or create one. For details about how to create an agency, see Creating an IAM Agency.
Value range: You can select an existing IAM agency or create one. For details about how to create an agency, see Creating an IAM Agency.
Current account: Specify one or more IAM users under the current account. Other accounts: Specify one or more accounts. NOTE: The account ID and IAM user ID can be obtained from the My Credentials page. The format is Account ID/IAM User ID.
After an account is granted permissions, both the account and its IAM users can access the resources. For more information, see ACLs. This API returns the ACL of a bucket.
(Python SDK) How Do I Get My Account ID and IAM User ID? (SDK for Python)
