Help Center> Object Storage Service> Permissions Configuration Guide> Configuration Cases in Typical Permission Control Scenarios> Granting Permissions to Anonymous Users> Granting Anonymous Users the Public Read Permission for a Bucket
Updated on 2024-05-31 GMT+08:00
View PDF

Granting Anonymous Users the Public Read Permission for a Bucket

Scenario

If a bucket needs to be accessed by anonymous users, you can configure a bucket policy and bucket ACL to grant the access permission to anonymous users. The following uses a bucket policy as an example.

Configuration Precautions

In this case, the preset template Public Read allows all accounts to perform the following actions on a bucket and the objects in it:

  • HeadBucket (to check whether the bucket exists and obtain the bucket metadata)
  • GetBucketLocation (to get the bucket location)
  • GetObject (to obtain object content and metadata)
  • ListBucketVersions (to list object versions in the bucket)
  • RestoreObject (to restore objects from Archive storage)
  • GetObjectVersion (to obtain the content and metadata of a specified object version)

Procedure

  1. In the navigation pane of OBS Console, choose Object Storage.
  2. In the bucket list, click the bucket name you want to go to the Objects page.
  3. In the navigation pane, choose Permissions > Bucket Policy.
  4. On the Bucket Policies page, click Create.
  5. On the displayed page, locate the row containing Public Read and click Use Policy Template.
  6. Configure parameters for a bucket policy.

    Figure 1 Configuring bucket policy parameters
    Table 1 Parameter description

    Parameter

    Description

    Policy View

    Set this parameter based on your own habits. Visual editor is used here.

    Policy Name

    Enter a policy name.

    Policy Content

    Retain the default settings.

  7. After configuring the required parameters, click Next.
  8. Ensure all the configurations are correct and click Create.

Verification

  1. After the permission is set, in the Basic Information area of the bucket overview page, locate Access Domain Name. Share the URL of the access domain name over the Internet so that all Internet users can access the bucket.
  2. On the Objects tab page of the bucket, click the target object name and find the object link. Share the object link over the Internet so that all Internet users can access the object.