Estos contenidos se han traducido de forma automática para su comodidad, pero Huawei Cloud no garantiza la exactitud de estos. Para consultar los contenidos originales, acceda a la versión en inglés.
Centro de ayuda/ Object Storage Service/ Guía del usuario/ Control de permisos/ Mecanismos de control de permisos/ Relationship Between a Bucket ACL and a Bucket Policy
Actualización más reciente 2024-09-18 GMT+08:00
Ver PDF
Compartir

Relationship Between a Bucket ACL and a Bucket Policy

Mapping Between Bucket ACLs and Bucket Policies

Bucket ACLs are used to control basic read and write access to buckets. Custom settings of bucket policies support more actions that can be performed on buckets. Bucket policies supplement bucket ACLs. In most cases (granting permissions to log delivery user groups excluded), you can use bucket policies to manage access to buckets. Tabla 1 shows the mapping between bucket ACL access permissions and bucket policy actions.

Tabla 1 Mapping relationship between bucket ACLs and bucket policies

ACL Permission

Option

Mapped Action in a Custom Bucket Policy

Access to bucket

Read
  • HeadBucket
  • ListBucket
  • ListBucketVersions
  • ListBucketMultipartUploads

Object read
  • GetObject

Write
  • PutObject
  • DeleteObject
  • DeleteObjectVersion

Access to ACL

Read

GetBucketAcl

Write

PutBucketAcl

Mapping Relationship Between Object ACLs and Bucket Policies

Object ACLs are used to control basic read and write access permissions for objects. The custom settings of bucket policies support more actions that can be performed on objects. Tabla 2 describes the mapping relationship between object ACL access permissions and bucket policy actions.

Tabla 2 Mapping relationship between object ACLs and bucket policies

Object ACL

Option

Mapped Action in a Custom Bucket Policy

Access to Object

Read
  • GetObject
  • GetObjectVersion

Access to ACL

Read
  • GetObjectAcl
  • GetObjectVersionAcl

Write
  • PutObjectAcl
  • PutObjectVersionAcl