VPC Endpoint Policies
Images can be uploaded to and downloaded from SWR Enterprise Edition through VPC endpoints. You can configure policies to control image upload and download. For details about how to create a VPC endpoint, see Access Through VPC Endpoint. For details, see Managing the Policy of a VPC Endpoint.
Example 1: Configure a VPC endpoint policy to allow the upload or download of only specified images.
The following policy only allows servers in VPC1 to upload images to or download images from the SWR Enterprise Edition instance named test-swr in the test-namespace namespace.
{
"Version": "5.0",
"Statement": [
{
"Action": [
"swr:repository:uploadArtifact",
"swr:repository:downloadArtifact"
],
"Resource": [
"swr:*:*:repository:test-swr/test-namespace/*"
],
"Effect": "Allow",
"Principal": "*"
}
]
}
Example 2: Configure a VPC endpoint policy to allow the download of only specified private images and all public images.
The following policy only allows servers in VPC1 to download images from the SWR Enterprise Edition instance named test-swr in the test-namespace namespace, and public images are not restricted.
{
"Version": "5.0",
"Statement": [
{
"Action": [
"swr:repository:downloadArtifact"
],
"Resource": [
"swr:*:*:repository:test-swr/test-namespace/*"
],
"Effect": "Allow",
"Principal": "*"
},
{
"Action": [
"swr:repository:downloadArtifact"
],
"Resource": [
"*"
],
"Effect": "Allow",
"Principal": "*",
"Condition": {
"Bool": {
"swr:RepositoryIsPublic": [
"true"
]
}
}
}
]
}
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
