Help Center/
Object Storage Service/
User Guide (Kuala Lumpur Region)/
OBS Console Operation Guide/
Permission Control/
Application Cases/
Restricting Bucket Access to a Specified Address
Updated on 2022-08-16 GMT+08:00
Restricting Bucket Access to a Specified Address
You can configure a bucket policy to authorize a specified address the permission to access the bucket. This example shows how to deny a client access whose source IP address is within the range of 114.115.1.0/24.
Procedure
- In the bucket list, click the bucket you want to operate. The Overview page of the bucket is displayed.
- In the navigation pane on the left, click Permissions to go to the permission management page.
- Choose Bucket Policies > Custom Bucket Policies.
- Click Create Bucket Policy. The Create Bucket Policy dialog box is displayed.
- Configure the parameters according to the following table:
Table 1 Parameters for authorizing the permission to access a specified bucket Parameter
Value
Policy Mode
Customized
Effect
Deny
Principal
- Include > Other account
- If the account ID is set to *, the policy setting takes effect on all anonymous users.
- Leave the user ID blank.
Resources
- Include
- Select Entire bucket.
Actions
- Include
- Select the asterisk (*), indicating all actions are involved.
Conditions
- Conditional Operator: IpAddress
- Key: SourceIP
- Value: 114.115.1.0/24
- Click OK.
Verification
Initiate an access request from an IP address within the range of 114.115.1.0/24. The access is denied. Initiate an access request from an IP address outside the range of 114.115.1.0/24. The access is allowed.
Parent topic: Application Cases
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
