Help Center/ Content Moderation/ API Reference/ Appendix/ Configuring the Access Permission of OBS
Updated on 2024-03-27 GMT+08:00

Configuring the Access Permission of OBS

Multimedia files such as images and voice files in the Enterprise Intelligence (EI) services can be directly processed by HUAWEI CLOUD OBS. This reduces service usage costs, shortens service response time, and improves service experience.

To ensure data security, a service can used authorized URLs (https://<bucket-name>.<endpoint>/<object-name>) to access files stored on OBS after it is granted with the permission. If not permitted, services cannot directly obtain user data. To obtain the user data, public read authorization must be enabled or a temporarily authorized URL must be provided.

Service Authorization

To use data in OBS, you need to enable OBS authorization. Log in to the Content Moderation management console and click Service Management. Enable OBS Authorization. After the authorization is enabled, you can use the authorized URL to access the service.

Figure 1 OBS Authorization

Content Moderation does not support OBS in other regions. The region of OBS must be consistent with that of Content Moderation.

Enabling Public Read Authorization

For details about how to enable public read authorization, see Permission Control in the Object Storage Service Console Operation Guide. Then, you can access the data on OBS using the URL after the corresponding files are uploaded to OBS. The URL can also serve as EI services' API request parameter for using related service APIs.

Using Temporary Request Authentication

Public read authorization is easy to use. However, when it is enabled, sensitive information, such as private data, may be disclosed. In this scenario, the temporary authorization function provided by OBS can be used.

OBS allows users to construct a specific URL for objects in the OBS service. The URL contains authentication information. Any user can use the URL to access the specified object in OBS, but the URL is valid only before the expiry time specified by Expires. After a user issues temporary authorization, other users can perform desired operations without knowing the user's secret access key.

For details about how to use the OBS temporary authorization function, see section "Authorized Access" of the corresponding programming language in the Object Storage Service SDK Reference. Download the related SDK and sample code, and compile code to obtain the related URL.