Create Bucket Policy

Create a policy to restrict/grant access to a bucket.

Prerequisite

The project's wallet balance must be greater than 0 (see how to top up a project's wallet).
A bucket must already be created (see how to create a bucket).

Instructions

1. Enter the Project

Select a project from the Projects Management page to go to its Project Detail page.

2. Go to the Bucket List page

In the sidebar menu, select Object Storage > Buckets.

3. Go to the Bucket Detail page

Click on the name of the bucket for which you want to edit the policy.

4. Create a Bucket Policy

Go to the "Create Bucket Policy" page by clicking the Add Policy button in the "Policies" section at the bottom of the Bucket Detail page.

The values that must be set when creating a bucket policy include:

Policy Name: The name of the policy that will appear in the policy list.
Target Type: The level at which this policy will be applied.
- Object/Path: For policies that apply to objects, such as GetObject or DeleteObject. The target should be a specific object or a wildcard path, e.g., [bucket name]/home/index.html or [bucket name]/document/*.
- Bucket: For policies that apply to the bucket itself, such as ListBucket or GetBucketLogging. The target will automatically be set to [bucket name].
- Custom: For policies that apply to both the bucket and the objects within it.
Effect: Specifies how the policy is enforced.
- Allow: Grants the specified user(s) permission to perform the specified action(s) on the specified target.
- Deny: Prevents the specified user(s) from performing the specified action(s) on the specified target.
Sub-User(s): The list of users affected by this policy. You can select "Everyone applied for this policy" to apply it to all users, including unauthenticated access for public ACLs.
Actions: The list of actions for this policy. The available actions will change based on the selected Target Type.

Policies created before release 4.15.5 that had targets for both bucket and object/path levels will now have their Target Type displayed as Custom.

5. Creation Complete

Once you have configured all the options, click the CREATE button to confirm. The system will then display the new policy in the policy list.

PreviousRevoke Sub-User's Access Key NextBucket Versioning

Last updated 1 month ago

Was this helpful?