Managing Bucket Policies

Prerequisites

• The object service has been enabled.
• The object protocol has been enabled.
• The access key of an account is in Activated status.

Procedure

1. Choose Resources > Resources > Namespace.
2. Select the desired account from the Account drop-down list in the upper left corner.
3. Click the name of the desired namespace, click the Protocol tab, and select Object.

4. Manage bucket policies, including creating, modifying, and deleting bucket policies.
   • Creating a bucket policy
     1. Click Create Bucket Policy.

        The Create Bucket Policy dialog box is displayed.

     2. Configure bucket parameters. Table 1 describes related parameters.

        Table 1 Bucket policy parameters

        Parameter	Description
        Policy Mode	Indicates the mode of the bucket policy. Possible options are: Read-only Authorized users can read bucket resources. Read/Write Authorized users can read and write bucket resources. NOTE: Only one policy mode can be configured at a time.
        Authorized User	Indicates the user on which the bucket policy takes effect. Possible options are: Inclusive The bucket policy takes effect for specified users. Exclusive The bucket policy takes effect for other users except specified users. Current Account The bucket policy takes effect for users of the current account. Another Account The bucket policy takes effect for users of another account.
        Account ID	Indicates the ID of the account to which specified users belong. NOTE: This parameter is valid only when Authorized User is set to Another Account.
        Username	Indicates the user name of a specified user. NOTE: When Authorized User is set to Current Account, click Select and select a user of the current account. When Authorized User is set to Another Account, enter the user name of another account.
        Bucket Resource	Indicates the resources that the bucket policy applies to. Possible options are as follows: Inclusive The bucket policy takes effect on specified resources. Exclusive The bucket policy takes effect on other resources except specified resources. [Value range] The value is an object or object set. You can click Add to add more bucket resources. The value format is: Object: object name Object set: Object name prefix + wildcard (*), wildcard (*) + object name suffix, or wildcard (*)

     3. Click OK.
   • Modifying a bucket policy
     1. Click More on the right of the desired bucket policy and select Modify.

        The Modify Bucket Policy page is displayed.

     2. Modify bucket parameters. Table 1 describes related parameters.
     3. Click OK.
   • Deleting a bucket policy
     1. Click More on the right of the desired bucket policy and select Delete.
     2. Confirm your operation as prompted.

5. Click Close.
   

   If the bucket permission conflicts with the bucket policy, the bucket policy prevails.