Granting Anonymous Users the Read Permission for Certain Objects
Scenario
Enterprise A stores a large volume of map data in OBS, and offers the data for public query. This enterprise sets a read permission for anonymous users, and provides the data URLs on the Internet. Then all users can read or download the data through the URLs.
Configuration Precautions
- ListBucket (to list objects in the bucket and obtain the bucket metadata)
- HeadBucket (to check whether the bucket exists)
- GetBucketLocation (to get the bucket location)
- ListBucketVersions (to list object versions in the bucket)
- GetObject (to obtain object content and metadata)
- RestoreObject (to restore objects from Archive storage)
- GetObjectAcl (to obtain the object ACL)
- GetObjectVersion (to obtain the content and metadata of a specified object version)
- GetObjectVersionAcl (to obtain the ACL of a specified object version)
Procedure
- In the navigation pane of OBS Console, choose Object Storage.
- In the bucket list, click the bucket name you want to go to the Objects page.
- In the navigation pane, choose Permissions > Bucket Policy.
- On the Bucket Policies page, click Create.
- Locate the row containing Directory read-only and click Use Policy Template.
- Configure parameters for a bucket policy.
Figure 1 Configuring bucket policy parameters
Table 1 Parameter description Parameter
Description
Policy View
Set this parameter based on your own habits. Visual editor is used here.
Policy Name
Enter a policy name.
Policy Content
- Select Allow.
- Parameters under Principal:
- Principal: Select Anonymous user.
- User Policy: Select Include specified users.
- Parameters under Resources:
- Resource: Select both Current bucket and Object in bucket.
- Object in bucket: Select Specified objects.
For one object, enter object name.
For a set of objects, enter object name prefix + *, * + object name suffix, or *.
- Resource Policy: Select Include specified resources.
- After configuring the required parameters, click Next.
- Ensure all the configurations are correct and click Create.
Verification
After the permission is set, click the object. Its URL is displayed under Link. Share the URL over the Internet, so that all users can access or download the object through the Internet.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.