Restricting Access to a Bucket for Specific Addresses
You can configure a bucket policy to restrict access to a bucket for specific addresses. This example describes how to deny access from clients whose IP address is in the range of 114.115.1.0/24 to a bucket.
Procedure
- In the bucket list, click the bucket you want to operate to go to the Objects page.
- In the navigation pane, choose Permissions > Bucket Policies.
- Click Create.
- Configure parameters listed in the table below.
Table 1 Restricting access to a bucket for specific addresses Parameter
Description
Configuration method
Choose Visual Editor.
Policy Name
Enter a custom policy name.
Policy content
Effect
Select Deny.
Principals
- Select All accounts.
Resources
- Method 1:
- Select Entire bucket (including the objects in it).
- Method 2:
- Select Current bucket and Specified objects.
- Set the resource path to * (indicating all objects in the bucket).
Actions
- Choose Customize.
- Select * (indicating all actions).
Conditions
- Key: Select SourceIp.
- Condition Operator: Select IpAddress.
- Value: Enter 114.115.1.0/24.
- Click Create in the lower right corner.
Verification
Initiate an access request from an IP address in the range of 114.115.1.0/24. The access is denied. Initiate an access request from an IP address beyond the range of 114.115.1.0/24. The access is allowed.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
