Creating an Object User Permission Policy

This operation enables you to set the operation permission of the current object user for bucket resources.

Prerequisites

An object user has been created.

Procedure

  1. Choose Resources > Access > Authentication User > Object Users.
  2. Select the desired account from the Account drop-down list in the upper left corner.
  3. Click More on the right of the desired object user and select Manage User Permission Policy.

    The User Permission Policy page is displayed.

    You can also click the desired username to go to the details page and manage user permission policies.

  4. Click Create.

    The Create User Permission Policy page is displayed.

  5. Set Policy Name.

    • The name contains 1 to 128 characters.
    • The name contains basic Latin (ASCII) characters except / * \ ?, and spaces. It cannot contain single quotation marks (') and double quotation marks (") at the same time.
    • The name cannot be modified after the policy is created.

  6. Set Policy Mode. Possible options are as follows:

    • Recommended: provides three policies.
      • Read-only: Authorized users can read bucket resources. This policy mode does not define the write operation permission. You need to determine the permission based on other policies (such as the bucket permission). For example, if the bucket permission is read and write, the user permission is read and write.
      • Write-only: Authorized users can write bucket resources. This policy mode does not define the read operation permission. You need to determine the permission based on other policies (such as the bucket permission). For example, if the bucket permission is read and write, the user permission is read and write.
      • Read and Write: Authorized users can read and write bucket resources.
    • Custom: configures related parameters as required.

      The policy content must be in JSON format and the total length of all policies for an object user can contain a maximum of 2048 characters. Example: {"Statement":[{"Effect":"Allow","Action":"*","Resource":"*"}]}

  7. Click OK.

    After an object user permission policy has been created, it takes effect in 5 minutes.

Parent topic: Managing Object User Permission Policies