How Can I Control Access to OBS?
You can use the following mechanisms to control access to OBS. For details, see Introduction to OBS Permission Control.
- IAM permissions
IAM permissions define the actions that can be performed on your cloud resources, specifying what actions are allowed or denied.
IAM permissions can be used to grant access to various IAM users under the same parent account.
The process is as follows:
- Create a user group and select an IAM permission set for it.
- Create an IAM user and add it to the user group, and it will inherit the permissions of the user group you added it to.
- Bucket policies
A bucket policy applies to the configured OBS bucket and all the objects in the bucket. An OBS bucket owner can use a bucket policy to grant permissions on buckets and objects in the buckets to IAM users or other accounts.
- Access Control List (ACL)
ACLs control read and write permissions for accounts. ACL control is not as fine-grained as bucket policies and IAM permissions, so IAM permissions and bucket policies are recommended instead.
Access Control FAQs
- How Can I Control Access to OBS?
- What Are the Differences Between Using an IAM Permission and a Bucket Policy in Access Control?
- What Is the Relationship Between a Bucket Policy and an Object Policy?
- Why Is the Message "Access denied" Still Appearing After OBS System Permissions Were Assigned by IAM?
- Why Does Message "Access denied" Appear After I Was Granted the Read and Write Permissions for a Bucket?
- Why Can't I Access OBS (403 AccessDenied) After Being Granted with the OBS Access Permission?
- How Do I Control Access to Folders in an OBS Bucket?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore
