forked from docs/doc-exports
Jawei, Li
1a4c1a720a
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com> Co-authored-by: Jawei, Li <lijiawei5@huawei.com> Co-committed-by: Jawei, Li <lijiawei5@huawei.com>
15 lines
986 B
HTML
15 lines
986 B
HTML
<a name="EN-US_TOPIC_0125560247"></a><a name="EN-US_TOPIC_0125560247"></a>
|
|
|
|
<h1 class="topictitle1">Using ACL and Bucket Policy Simultaneously</h1>
|
|
<div id="body56486210"><p id="EN-US_TOPIC_0125560247__p480656194610">If an ACL, roles, and a bucket policy are used at the same time and their authorization conflicts, the authorization priorities come as the bucket policy, roles, and the ACL.</p>
|
|
<p id="EN-US_TOPIC_0125560247__p1180614614614">If a bucket policy and an IAM policy are applied to an account together, an explicit deny overrides allows, and an allow overrides default denies.</p>
|
|
<p id="EN-US_TOPIC_0125560247__p54570172173137">Cross-tenant authorized access cannot be implemented for SSE-KMS-encrypted objects using the bucket ACL or policy.</p>
|
|
<p id="EN-US_TOPIC_0125560247__p21369502173137"></p>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="en-us_topic_0125560354.html">Access Control</a></div>
|
|
</div>
|
|
</div>
|
|
|