Resources

You can apply a bucket policy to the following resources: an entire bucket (including the objects in it), the current bucket, and specified objects in a bucket.

The Exclude setting can be used to determine whether the bucket policy applies to the specified resources.

Selecting Specified resources for Exclude will let the bucket policy apply to the resources except the specified ones.

If you do not select Specified resources for Exclude, the bucket policy applies to the specified resources.

Applying a Bucket Policy to the Entire Bucket (Including the Objects in It)

If you apply the bucket policy to the entire bucket (including the objects in it), actions related to the bucket and objects must be configured in the policy.

Applying a Bucket Policy to a Bucket

To specify the current bucket as the resource, select Current bucket. When configuring actions for the policy, select bucket related actions.

Applying a Bucket Policy to Specified Objects

To apply the bucket policy to specified objects in a bucket, object-related actions must be configured in the policy. Specifically, select Specified objects for Resources. The configuration format is as follows:

For an object, enter the object name (including its folder name if any). If you want to specify the example.jpg file in the imgs-folder folder in the bucket, enter the following content in the resource text box:
imgs-folder/example.jpg
For an object set, the wildcard asterisk (*) should be used. The asterisk * indicates an empty string or any combination of multiple characters. The format rules are as follows:
- Use only one asterisk (*) to indicate all objects in a bucket.
- Use Object name prefix* to indicate objects starting with this prefix in a bucket. For example,
  imgs*
- Use *Object name suffix to indicate objects ending with this suffix in a bucket. For example,
  *.jpg