Help Center/ Object Storage Service/ FAQs/ Access Control/ How Can I Control Access to OBS?
Updated on 2024-02-21 GMT+08:00

How Can I Control Access to OBS?

You can use the following mechanisms to control access to OBS. For details, see Introduction to OBS Permission Control.

  • IAM permissions

    IAM permissions define the actions that can be performed on your cloud resources, specifying what actions are allowed or denied.

    IAM permissions can be used to grant access to various IAM users under the same parent account.

    The process is as follows:

    1. Create a user group and select an IAM permission set for it.
    2. Create an IAM user and add it to the user group, and it will inherit the permissions of the user group you added it to.
  • Bucket policies

    A bucket policy applies to the configured OBS bucket and all the objects in the bucket. An OBS bucket owner can use a bucket policy to grant permissions on buckets and objects in the buckets to IAM users or other accounts.

  • Access Control List (ACL)

    ACLs control read and write permissions for accounts. ACL control is not as fine-grained as bucket policies and IAM permissions, so IAM permissions and bucket policies are recommended instead.