yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
0b3a43371a4bcc99577594de0a685249d676a567
doc-exports/docs/obs/umn/obs_03_0080.html
zhangyue 19668ae97b OBS UMN DOC 
Reviewed-by: Sabelnikov, Dmitriy <dmitriy.sabelnikov@t-systems.com>
Co-authored-by: zhangyue <zhangyue164@huawei.com>
Co-committed-by: zhangyue <zhangyue164@huawei.com>
2025-05-20 13:11:00 +00:00

58 lines
5.5 KiB
HTML
Raw Blame History

<a name="obs_03_0080"></a><a name="obs_03_0080"></a>
<h1 class="topictitle1">Granting an IAM User Permissions to Operate a Specific Bucket</h1>
<div id="body1557026128761"><p id="obs_03_0080__p1919519475574">Create an IAM user under in an account. The IAM user has no permission to any resource before it is added to any user group. The bucket owner (root account) or other accounts and IAM users, who have the permission to set bucket policies, can configure bucket policies to grant the bucket operation permissions to IAM users.</p>
<p id="obs_03_0080__p2058382155214">The following is an example about how to grant an IAM user the bucket access and object upload permissions.</p>
<div class="section" id="obs_03_0080__section590716177190"><h4 class="sectiontitle">Procedure</h4><ol id="obs_03_0080__ol18540418181913"><li id="obs_03_0080__li10541618101913"><span>In the bucket list, click the bucket you want to operate to go to the <strong id="obs_03_0080__obs_03_0307_b5948183711913">Objects</strong> page.</span></li><li id="obs_03_0080__li61722017207"><span>In the navigation pane, choose <strong id="obs_03_0080__b1092393719509">Permissions</strong> &gt; <strong id="obs_03_0080__b13923113795020">Bucket Policies</strong>.</span></li><li id="obs_03_0080__li516619375538"><span>Click <strong id="obs_03_0080__b330052434">Create</strong>.</span></li><li id="obs_03_0080__li175411318101914"><span>Configure parameters listed in the table below to grant an IAM user the permissions to access the bucket (to list objects in the bucket) and to upload objects.</span><p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="obs_03_0080__table6375112782815" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Parameters for granting the object listing and upload permissions</caption><thead align="left"><tr id="obs_03_0080__row6375927132818"><th align="left" class="cellrowborder" valign="top" width="21.84%" id="mcps1.3.3.2.4.2.1.2.3.1.1"><p id="obs_03_0080__p1191919501994">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="78.16%" id="mcps1.3.3.2.4.2.1.2.3.1.2"><p id="obs_03_0080__p63751027152820">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="obs_03_0080__row1391771711228"><td class="cellrowborder" valign="top" width="21.84%" headers="mcps1.3.3.2.4.2.1.2.3.1.1 "><p id="obs_03_0080__p95917391490">Configuration method</p>
</td>
<td class="cellrowborder" valign="top" width="78.16%" headers="mcps1.3.3.2.4.2.1.2.3.1.2 "><p id="obs_03_0080__p69178170221">Choose <strong id="obs_03_0080__b1362191719283">Visual Editor</strong>.</p>
</td>
</tr>
<tr id="obs_03_0080__row17375102752819"><td class="cellrowborder" valign="top" width="21.84%" headers="mcps1.3.3.2.4.2.1.2.3.1.1 "><p id="obs_03_0080__p19596391391">Policy Name</p>
</td>
<td class="cellrowborder" valign="top" width="78.16%" headers="mcps1.3.3.2.4.2.1.2.3.1.2 "><p id="obs_03_0080__p83758278280">Enter a custom name.</p>
</td>
</tr>
<tr id="obs_03_0080__row133751227142812"><td class="cellrowborder" valign="top" width="21.84%" headers="mcps1.3.3.2.4.2.1.2.3.1.1 "><p id="obs_03_0080__p1878546182513">Effect</p>
</td>
<td class="cellrowborder" valign="top" width="78.16%" headers="mcps1.3.3.2.4.2.1.2.3.1.2 "><p id="obs_03_0080__p1150132882414">Allow</p>
</td>
</tr>
<tr id="obs_03_0080__row33867294264"><td class="cellrowborder" valign="top" width="21.84%" headers="mcps1.3.3.2.4.2.1.2.3.1.1 "><p id="obs_03_0080__p43864290269">Principal</p>
</td>
<td class="cellrowborder" valign="top" width="78.16%" headers="mcps1.3.3.2.4.2.1.2.3.1.2 "><ul id="obs_03_0080__ul8454113442920"><li id="obs_03_0080__li92545285252">Current account</li><li id="obs_03_0080__li591831416318">Sub-user: Specify IAM users under the current account.</li></ul>
</td>
</tr>
<tr id="obs_03_0080__row15368143312619"><td class="cellrowborder" valign="top" width="21.84%" headers="mcps1.3.3.2.4.2.1.2.3.1.1 "><p id="obs_03_0080__p13681533112618">Resources</p>
</td>
<td class="cellrowborder" valign="top" width="78.16%" headers="mcps1.3.3.2.4.2.1.2.3.1.2 "><p id="obs_03_0080__p1878911118016">Select <strong id="obs_03_0080__b108606374287">Entire bucket (including the objects in it)</strong>.</p>
</td>
</tr>
<tr id="obs_03_0080__row747010261281"><td class="cellrowborder" valign="top" width="21.84%" headers="mcps1.3.3.2.4.2.1.2.3.1.1 "><p id="obs_03_0080__p12471112612810">Actions</p>
</td>
<td class="cellrowborder" valign="top" width="78.16%" headers="mcps1.3.3.2.4.2.1.2.3.1.2 "><p id="obs_03_0080__p5767655150">Select <strong id="obs_03_0080__b1197331343020">Customize</strong> and then the <strong id="obs_03_0080__b199737136308">ListBucket</strong> and <strong id="obs_03_0080__b1697310137307">PutObject</strong> actions.</p>
<div class="note" id="obs_03_0080__note13625678297"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="obs_03_0080__p1462519732913">In this example, only the actions for listing and uploading objects are selected. You can also select other actions to grant corresponding permissions if needed. The asterisk (*) indicates all actions.</p>
<p id="obs_03_0080__p162510713294">For details about the supported actions, see <a href="obs_03_0051.html">Actions</a>.</p>
</div></div>
</td>
</tr>
</tbody>
</table>
</div>
</p></li><li id="obs_03_0080__li1258419325301"><span>Click <strong id="obs_03_0080__b1640035619543">Create</strong> in the lower right corner.</span></li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="obs_03_0127.html">Application Cases</a></div>
</div>
</div>
View Git Blame Copy Permalink