Help Center> Object Storage Service> Console Operation Guide> Permission Control> Application Cases> Configuring the Start Time and End Time of Access to Objects in a Bucket
View PDF

Configuring the Start Time and End Time of Access to Objects in a Bucket

You can configure the bucket policy to limit the time when objects in a bucket are accessible. In the following example, the access time window is from 2019-03-26T12:00:00Z to 2019-03-26T15:00:00Z.

Procedure

  1. In the navigation pane on the left of OBS Console, choose Object Storage.
  2. In the bucket list, click a bucket name, and then the Overview page of the bucket is displayed.
  3. In the navigation pane on the left, choose Permissions > Bucket Policy.
  4. Click Create.
  5. In the first row of the template list, click Create Custom Policy on the right.
  6. Configure the following parameters.

    Table 1 Configuring the Start Time and End Time of Access to Objects

    Parameter

    Description

    Policy View

    Visual editor

    Policy Name

    Enter a custom name.

    Policy Content

    Effect

    Allow

    Principal
    • Anonymous user
    • User Policy: Include specified users.

    Resources
    • Resource scope: Object in bucket. Select All objects.
    • Resource Policy: Include specified resources.
    NOTE:

    In this example, the policy configures permissions only for resources in the bucket. If you need to configure permissions for the entire bucket (for example, the permission to list objects in the bucket), you need to create another custom bucket policy for the current bucket.

    Actions
    • Select * (indicating all actions).
    • Operation Strategy: Include selected actions.
    NOTE:

    Selecting all action permissions may cause resources to be deleted. To avoid this risk, you are advised to set the action name to Get*, indicating all read permissions.

    Conditions
    • Condition 1
      • Condition Operator: DateGreaterThan
      • Key: CurrentTime
      • Value: 2019-03-26T12:00:00Z (UTC format)
    • Conditions 2
      • Condition Operator: DateLessThan
      • Key: CurrentTime
      • Value: 2019-03-26T15:00:00Z (UTC format)

  7. Click Next in the lower right corner to confirm the policy configuration.
  8. Click Create in the lower right corner of the page to create the bucket policy.

Verification

During the specified time period, any user can access the specified resources in the bucket. Outside the specified time period, only the bucket owner can access the bucket.

Parent topic: Application Cases