Creating a User Policy

This operation enables you to set the operation permission of the current user for bucket resources.

Prerequisites

Procedure

  1. Choose Services > Object Service > Account.
  2. Click the name of the desired account and select the User tab.
  3. Enter the access certificate and security certificate of the account and click Authenticate.

    You can perform authentication on either of the Bucket or User tab page.

  4. Click More on the right of the desired user and select User Policy.

    The User Policy page is displayed.

  5. Click Create.

    The Create User Policy page is displayed.

  6. Set Policy Name.

    • The name contains 1 to 128 characters.
    • The name contains ASCII characters, excluding special characters /*\? and space.

  7. Set Policy Mode. Possible options are as follows:

    • Recommended: provides three policies.
      • Read-only: Authorized users can read bucket resources. This policy mode does not define the write operation permission. You need to determine the permission based on other policies (such as the bucket permission). For example, if the bucket permission is read and write, the user permission is read and write.
      • Write-only: Authorized users can write bucket resources. This policy mode does not define the read operation permission. You need to determine the permission based on other policies (such as the bucket permission). For example, if the bucket permission is read and write, the user permission is read and write.
      • Read and Write: Authorized users can read and write bucket resources.
    • Custom: configures related parameters as required.

      For details, see the description of the PolicyDocument parameter in section PutUserPolicy in OceanStor 100D 8.0.2 Object Service Account Management API Description.

      The policy content must be in JSON format and the total length of all policies for a user can contain a maximum of 2048 characters. Example: {"Statement":[{"Effect":"Allow","Action":"*","Resource":"*"}]}

  8. Click OK.

    After a user policy has been created, it takes effect in 5 minutes.

Parent topic: Configuring and Managing Users