forked from docs/doc-exports
Jawei, Li
1a4c1a720a
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com> Co-authored-by: Jawei, Li <lijiawei5@huawei.com> Co-committed-by: Jawei, Li <lijiawei5@huawei.com>
13 lines
1.6 KiB
HTML
13 lines
1.6 KiB
HTML
<a name="EN-US_TOPIC_0125560328"></a><a name="EN-US_TOPIC_0125560328"></a>
|
|
|
|
<h1 class="topictitle1">Overview</h1>
|
|
<div id="body6143164"><p id="EN-US_TOPIC_0125560328__p166671442161713">Buckets or objects that are created by a user belong to the user's domain. By default, only users in the domain can access the buckets or objects. In this policy you can control permission access to requested resources (buckets or objects). OBS uses the access control list (ACL) and bucket policy to manage permission.</p>
|
|
<ul id="EN-US_TOPIC_0125560328__ul35726176"><li id="EN-US_TOPIC_0125560328__li55288480">ACL: specifies an account's permission to access resources. Each entry in an ACL grants specific permission to a specific account. ACLs apply to accounts but not accounts' users. You can use an ACL to grant but not to deny permission.</li><li id="EN-US_TOPIC_0125560328__li27834280">Bucket policy: controls one or multiple users' or accounts' permission to access buckets or bucket objects. You can use a bucket policy to grant or deny permission. A bucket policy applies to both accounts and users. If a user receives the returned code <strong id="EN-US_TOPIC_0125560328__b125641250896">200</strong> when configuring a bucket policy, it indicates that the user is authorized with the permission for bucket policy configuration. If the code <strong id="EN-US_TOPIC_0125560328__b356410501892">405</strong> is returned, it indicates that the user does not have the permission to configure the bucket policy.</li></ul>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="en-us_topic_0125560354.html">Access Control</a></div>
|
|
</div>
|
|
</div>
|
|
|