Help Center>
Object Storage Migration Service>
FAQs>
Product Consulting>
How Do I Obtain Required Permissions for the Source and Destination Platform Accounts?
Updated on 2024-02-04 GMT+08:00
How Do I Obtain Required Permissions for the Source and Destination Platform Accounts?
Source Permissions
The following uses an OBS bucket on Huawei Cloud as the source bucket. If your source bucket is on another cloud platform, contact engineers of the cloud platform.
The source platform account needs the permissions for:
- Listing all buckets
- Obtaining bucket locations
- Listing objects
- Obtaining object metadata
- Obtaining object content
You can use either of the following methods to obtain required permissions for the source platform account:
- Use system-defined policy OBS Administrator. For details, see Creating a User Group and Assigning Permissions.
- Create a custom policy that defines the permissions to list all buckets, obtain bucket location, list objects, obtain object metadata, and obtain object content.
- Log in to Huawei Cloud and click Console in the upper right corner.
- On the management console, hover the mouse pointer over the username in the upper right corner, and choose Identity and Access Management from the drop-down list.
- In the navigation pane on the left, choose Permissions > Policies/Roles.
- Click Create Custom Policy in the upper right corner.
- Specify a policy name, and set Scope to Global services and Policy View to JSON.
- Copy the following content to the box next to Policy Content and click OK.
{ "Version": "1.1", "Statement": [ { "Action": [ "obs:bucket:ListAllMyBuckets", "obs:bucket:GetBucketLocation", "obs:bucket:ListBucket", "obs:object:GetObject" ], "Resource": [ "obs:*:*:bucket:*", "obs:*:*:object:*" ], "Effect": "Allow" } ] }
After the custom policy is created, perform the following operations to obtain the permissions defined by the custom policy:
- If you have joined a user group, assign the custom policy to the user group, and you will obtain the permissions defined by the custom policy. For details, see Assigning Permissions to a User Group.
- If you have not joined a user group, perform the following steps:
- Create a user group and assign the custom policy to it. For details, see Creating a User Group and Assigning Permissions.
- Add yourself to the user group. You will have the permissions of the user group. For details, see Adding Users to a User Group.
- You must be able to access Huawei Cloud through both the programmatic and management console access methods.
- It takes 15 to 30 minutes for the authorization to take effect.
Destination Permissions
The destination platform account needs the permissions for:
- Listing objects in a bucket
- Obtaining bucket locations
- Listing buckets
- Obtaining object metadata
- Modifying object metadata
- Obtaining object content
- Uploading an object
- Listing multipart uploads
- Restoring archive objects
You can use either of the following methods to obtain required permissions for the destination platform account:
- Use system-defined policy OBS Administrator. For details, see Creating a User Group and Assigning Permissions.
- Create a custom policy.
- Log in to Huawei Cloud and click Console in the upper right corner.
- On the management console, hover the mouse pointer over the username in the upper right corner, and choose Identity and Access Management from the drop-down list.
- In the navigation pane on the left, choose Permissions > Policies/Roles.
- Click Create Custom Policy in the upper right corner.
- Specify a policy name, and set Scope to Global services and Policy View to JSON.
- Copy the following content to the box next to Policy Content and click OK.
{ "Version": "1.1", "Statement": [ { "Effect": "Allow", "Action": [ "obs:bucket:GetBucketLocation", "obs:bucket:ListBucketMultipartUploads", "obs:object:RestoreObject", "obs:object:GetObject", "obs:object:ModifyObjectMetaData", "obs:bucket:ListBucket", "obs:object:PutObject" ], "Resource": [ "OBS:*:*:bucket:*", "OBS:*:*:object:*" ] }, { "Effect": "Allow", "Action": [ "obs:bucket:ListAllMyBuckets" ] } ] }
After the custom policy is created, perform the following operations to obtain the permissions defined by the custom policy:
- If you have joined a user group, assign the custom policy to the user group, and you will obtain the permissions defined by the custom policy. For details, see Assigning Permissions to a User Group.
- If you have not joined a user group, perform the following steps:
- Create a user group and assign the custom policy to it. For details, see Creating a User Group and Assigning Permissions.
- Add yourself to the user group. You will have the permissions of the user group. For details, see Adding Users to a User Group.
- You must be able to access Huawei Cloud through both the programmatic and management console access methods.
- It takes 15 to 30 minutes for the authorization to take effect.
Parent topic: Product Consulting
Product Consulting FAQs
- When Do I Need to Perform Pre-migration Evaluation Before Creating Migration Tasks?
- How Do I Migrate OBS Bucket Data from One Region to Another?
- How Do I Migrate the OBS Bucket Data from One Account to Another?
- How Do I Migrate Data from Multiple Source Buckets to a Single OBS Bucket on Huawei Cloud?
- How Do I Migrate Data in the Root Directory?
- How Does Migration Affect My Source Data? What Are the Impacts on Migration If the Source Data Changes?
- How Do I Change the Storage Path of a Migrated Object?
- How Does OMS Ensure Data Consistency If Data Is Continuously Written to OBS?
- How Do I Obtain Required Permissions for the Source and Destination Platform Accounts?
- How Do I Review the Objects Migrated in a Migration Task?
- How Do I Review the Objects Migrated in a Migration Task Group?
- How Do I Review the Objects Migrated in a Synchronization Task?
- Can I Migrate Data in a Specified Period Using a Synchronization Task?
- Can OMS Only Migrate the Data Generated After a Specified Time?
- Can OMS Filter the Data to Be Migrated by Suffix?
- Does OMS Support Batch Bucket Migration?
- What Is the Storage Class of Archive Data Migrated to the Archive Destination Bucket?
- What Are the Application Scenarios of Migration Tasks and Migration Task Groups?
- If I Delete an Object from the Source Bucket, Will the Corresponding Object in the Destination Bucket Be Deleted?
- How Does OMS Ensure Data Consistency Between the Source and Destination Buckets?
- Why Is the Total Number or Size of Objects in the Destination Bucket Inconsistent with Those in the Source Bucket After the Migration?
- How Does Migration Affect Data in the Destination Bucket?
- Why Are the Migration Progress and the Transmitted Data Volume 0 After the Migration Is Complete?
- How Do I Choose Storage Classes?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore
