Help Center/
Object Storage Service/
User Guide (Paris Region) /
OBS Console Operation Guide/
Permissions Control/
Application Cases/
Restricting Access to a Bucket for Specific Addresses
Updated on 2024-03-04 GMT+08:00
Restricting Access to a Bucket for Specific Addresses
You can configure a bucket policy to restrict access to a bucket for specific addresses. This example describes how to deny access from clients whose IP address is in the range of 114.115.1.0/24 to a bucket.
Procedure
- In the bucket list, click the bucket you want to operate. The Overview page is displayed.
- In the navigation pane, choose Permissions.
- Choose Bucket Policies > Custom Bucket Policies.
- Click Create Bucket Policy. The Create Bucket Policy dialog box is displayed.
- Configure parameters listed in the table below.
Table 1 Restricting access to a bucket for specific addresses Parameter
Value
Policy Mode
Customized
Effect
Deny
Principal
- Include > Other account
- If the account ID is set to *, the policy setting takes effect on all anonymous users.
- Leave the user ID blank.
Resources
- Include
- Leave the field blank, indicating the policy takes effect on the entire bucket.
Actions
- Include
- Select the asterisk (*), indicating all actions are involved.
Conditions
- Conditional Operator: IpAddress
- Key: SourceIP
- Value: 114.115.1.0/24
- Click OK.
Verification
Initiate an access request from an IP address in the range of 114.115.1.0/24. The access is denied. Initiate an access request from an IP address beyond the range of 114.115.1.0/24. The access is allowed.
Parent topic: Application Cases
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
