检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
ECS APIs: Ensure that the ECS has been bound to an IAM agency that has OBS permissions configured. For details, see Obtaining a Security Key from an ECS. Process of Searching for Access Keys Search for access keys in the .obsutilconfig file (ak, sk, and token).
An account (including all IAM users under the account) can create a maximum of 100 buckets. You can leverage the fine-grained permission control capability of OBS to properly plan and use buckets.
For details, see Introduction to OBS Access Control, IAM Custom Policies, and Creating a Custom Bucket Policy. The mapping between OBS regions and endpoints must comply with what is listed in Regions and Endpoints.
Restrictions To upload an object, you must be the bucket owner or have the required permission (obs:object:PutObject in IAM or PutObject in a bucket policy). For details, see Introduction to OBS Access Control, IAM Custom Policies, and Configuring an Object Policy.
Restrictions To check whether a bucket exists, you must be the bucket owner or have the required permission (obs:bucket:HeadBucket in IAM or HeadBucket in a bucket policy).
Restrictions To obtain a bucket's storage class, you must be the bucket owner or have the required permission (obs:bucket:GetBucketStoragePolicy in IAM or GetBucketStoragePolicy in a bucket policy).
After an account is granted permissions, both the account and its IAM users can access the resources. For more information, see ACLs. This API returns the ACL of a bucket.
You can select an existing IAM agency or create one. For details about how to create an agency, see Creating an IAM Agency. Restrictions: By default, the IAM agency only requires the PutObject permission to upload logs to the target bucket.
Object Actions Table 1 Object actions Permission API Action IAM Project Enterprise Project Uploading objects with PUT or POST, appending content to objects, initiating a multipart upload, and uploading, copying, and assembling parts Uploading an Object - PUT Uploading an Object -
To perform this operation, the user must be the bucket owner or the bucket owner's IAM user that has permissions required for obtaining bucket policies.
On the top navigation menu, click the username and select Identity and Access Management to log in to the IAM console and verify the permissions of the user. On the Users page, search for the username.
Your account has granted you (an IAM user) the permissions for an enterprise project. Then, what you see is the total storage of only some buckets (the buckets you have permissions for).
Introduction to OBS Permission Control What Are the Differences Between Using an IAM Permission and a Bucket Policy in Access Control? Why Is the Message "Access denied" Still Appearing After OBS System Permissions Were Assigned by IAM?
Restrictions To obtain the versioning status of a bucket, you must be the bucket owner or have the required permission (obs:bucket:GetBucketVersioning in IAM or GetBucketVersioning in a bucket policy).
Restrictions To delete bucket tags, you must be the bucket owner or have the required permission (obs:bucket:DeleteBucketTagging in IAM or DeleteBucketTagging in a bucket policy).
For details, see Introduction to OBS Access Control, IAM Custom Policies, and Creating a Custom Bucket Policy. The mapping between OBS regions and endpoints must comply with what is listed in Regions and Endpoints.
Restrictions To delete the CORS configuration of a bucket, you must be the bucket owner or have the required permission (obs:bucket:PutBucketCORS in IAM or PutBucketCORS in a bucket policy).
For details, see Introduction to OBS Access Control, IAM Custom Policies, and Creating a Custom Bucket Policy. The mapping between OBS regions and endpoints must comply with what is listed in Regions and Endpoints.
Restrictions To obtain the public access status of a bucket, you must be the bucket owner or have the required permission (obs:bucket:GetBucketPublicStatus in IAM or GetBucketPublicStatus in a bucket policy).
Restrictions To determine whether a bucket exists, you must be the bucket owner or have the required permission (obs:bucket:HeadBucket in IAM or HeadBucket in a bucket policy).