VPC Endpoint Policies
In SWR Basic Edition, you can upload and download images through VPC endpoints. The VPC endpoint policy can be configured to control the upload and download of the images. For details about how to create a VPC endpoint, see Access Through VPC Endpoint. For details about how to configure a VPC endpoint policy, see Managing the Policy of a VPC Endpoint.
Example 1: Configure a VPC endpoint policy to allow the upload or download of only specified images.
The following policy only allows the servers in VPC1 to upload images to or download images from the test-repo repository in the test-namespace organization of SWR.
{
"Version": "5.0",
"Statement": [
{
"Action": [
"swr:repo:upload",
"swr:repo:download"
],
"Resource": [
"swr:*:*:repo:test-namespace/test-repo"
],
"Effect": "Allow",
"Principal": "*"
}
]
}
Example 2: Configure a VPC endpoint policy to allow the download of only specified private images and all public images.
The following policy only allows the servers in VPC1 to download images from the test-repo repository in the test-namespace organization of SWR. Public images are not restricted.
{
"Version": "5.0",
"Statement": [
{
"Action": [
"swr:repo:download"
],
"Resource": [
"swr:*:*:repo:test-namespace/test-repo"
],
"Effect": "Allow",
"Principal": "*"
},
{
"Action": [
"swr:repo:download"
],
"Resource": [
"*"
],
"Effect": "Allow",
"Principal": "*",
"Condition": {
"Bool": {
"swr:RepositoryIsPublic": [
"true"
]
}
}
}
]
}
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
