vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/obs/umn/obs_03_0130.html
zhangyue 4e67ec282b OBS UMN DOC 
Reviewed-by: Sabelnikov, Dmitriy <dmitriy.sabelnikov@t-systems.com>
Co-authored-by: zhangyue <zhangyue164@huawei.com>
Co-committed-by: zhangyue <zhangyue164@huawei.com>
2023-09-21 09:16:48 +00:00

6.0 KiB
Raw Blame History

Restricting Bucket Access to a Specified Address

You can configure a bucket policy to authorize a specified address the permission to access the bucket. This example shows how to deny a client access whose source IP address is within the range of 114.115.1.0/24.

Procedure

  1. In the bucket list, click the bucket you want to operate. The Overview page is displayed.
  2. In the navigation pane, choose Permissions.
  3. Choose Bucket Policies > Custom Bucket Policies.
  4. Click Create Bucket Policy. The Create Bucket Policy dialog box is displayed.
  5. Configure the parameters according to the following table:

    Table 1 Parameters for granting permission to access a bucket

    Parameter

    Value

    Policy Mode

    Customized

    Effect

    Deny

    Principal
    • Include > Other account
    • If the account ID is set to *, the policy setting takes effect on all anonymous users.
    • Leave the user ID blank.

    Resources
    • Include
    • Leave the field blank, indicating the policy takes effect on the entire bucket.

    Actions
    • Include
    • Select the asterisk (*), indicating all actions are involved.

    Conditions
    • Conditional Operator: IpAddress
    • Key: SourceIP
    • Value: 114.115.1.0/24

  6. Click OK.

Verification

Initiate an access request from an IP address within the range of 114.115.1.0/24. The access is denied. Initiate an access request from an IP address outside the range of 114.115.1.0/24. The access is allowed.

Parent topic: Application Cases