Help Center> Object Storage Service> Console Operation Guide> Permission Control> Application Cases> Authorizing Folder Access Permissions to Anonymous Users
View PDF

Authorizing Folder Access Permissions to Anonymous Users

If all objects in a folder need to be accessible to anonymous users, you can configure a bucket policy or an object policy to grant anonymous users the permission to access the folder. In this example, a bucket policy is used. If you want to use an object policy to authorize the permission, select the target folder and configure the object policy directly. Parameters are the same as those in the bucket policy.

Procedure

  1. In the navigation pane on the left of OBS Console, choose Object Storage.
  2. In the bucket list, click a bucket name, and then the Overview page of the bucket is displayed.
  3. In the navigation pane on the left, choose Permissions > Bucket Policy.
  4. Click Create.
  5. In the first row of the template list, click Create Custom Policy on the right.
  6. Configure the following parameters.

    Table 1 Authorizing folder access permissions to anonymous users

    Parameter

    Description

    Policy View

    Visual editor

    Policy Name

    Enter a custom name.

    Policy Content

    Effect

    Allow

    Principal
    • Anonymous user
    • User Policy: Include specified users.

    Resources
    • Resource scope: Object in bucket. Specify objects.
    • Resource path: If the folder name is folder-001, enter folder-001/*, indicating all objects in the folder.
    • Resource Policy: Include specified resources.

    Actions
    • GetObject
    • Operation Strategy: Include selected actions.

  7. Click Next in the lower right corner to confirm the policy configuration.
  8. Click Create in the lower right corner of the page to create the bucket policy.

Verification

  1. After the permission is successfully configured, select an object in the folder and click the object name to view its details. The object link (URL) is displayed on the details page. Share the URL over the Internet, so that all users can access or download the object through the Internet.
  2. An anonymous user can view the object by copying the URL of the object to the web browser.
Parent topic: Application Cases