Updated on 2024-04-16 GMT+08:00

Configuring Fine-Grained Policies

Custom policies can be created to supplement the system-defined policies of OBS.

Procedure

  1. Log in to the IAM management console.
  2. In the navigation pane on the left, click Policies.
  3. On the page that is displayed, click Create Custom Policy.
  4. On the Create Custom Policy page, set the following parameters:

    Table 1 Custom policy parameters

    Parameter

    Description

    Policy Name

    Only letters, digits, and the following special characters are allowed: -_.,

    Scope

    Select the scope based on the service properties. OBS is a global-level service.

    Description

    (Optional) Brief description about the policy

    Policy Information

    After you select a template, you can customize the content.

    For details, see Policy Structure and Syntax.

    A custom policy can contain multiple authorization items. In addition to the authorization items related to OBS, it can also contain authorization items related other services. But the other services must be at the same project level as OBS.

  5. Click OK to complete the configuration.
  6. Grant fine-grained permissions to a user group and add a user to the user group, so that the user can have the granted permissions. For details, see Creating an IAM User and Granting OBS Permissions.