All Documents
Current Document

Recommend

Container Engine Virtual Private Cloud Standard Storage Service

Found 0 result in total

Content is empty

If you don't find the content you expect, please try another search term

Documentation

Standard Storage Service (KS3)

View more results
Document title with current keyword not found
Directory
Expand AllFold All Up
No products found with this keyword
Documentation Standard Storage Service (KS3) Access Control Management Examples of bucket policies Restrict access requests that have a specific request header

Restrict access requests that have a specific request header

Last updated:2021-08-20 12:02:02

  1. The following policy allows any users to perform any KS3 operations on objects in the specified bucket. However, the request must contain the x-kss-cdn header with its value set to kingsoftcdn.
{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ks3:*"
      ],
      "Principal": {
        "KSC": [
          "*"
        ]
      },
      "Resource": [
        "krn:ksc:ks3:::example_bucket",
        "krn:ksc:ks3:::example_bucket/*"
      ],
      "Condition": {
        "StringEquals": {
          "ksc:RequestHeader": [
            "x-kss-cdn:kingsoftcdn"
          ]
        }
      }
    }
  ]
}
  1. The following policy allows any users to perform any KS3 operations on objects in the specified bucket. However, the request must contain the x-kss-cdn header with its value not limited.
{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ks3:*"
      ],
      "Principal": {
        "KSC": [
          "*"
        ]
      },
      "Resource": [
        "krn:ksc:ks3:::example_bucket",
        "krn:ksc:ks3:::example_bucket/*"
      ],
      "Condition": {
        "StringLike": {
          "ksc:RequestHeader": [
            "x-kss-cdn:*"
          ]
        }
      }
    }
  ]
}
  1. The following policy allows any users to perform any KS3 operations on objects in the specified bucket. However, the request cannot contain the x-kss-cdn header.
{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ks3:*"
      ],
      "Principal": {
        "KSC": [
          "*"
        ]
      },
      "Resource": [
        "krn:ksc:ks3:::example_bucket",
        "krn:ksc:ks3:::example_bucket/*"
      ],
      "Condition": {
        "StringNotLike": {
          "ksc:RequestHeader": [
            "x-kss-cdn:*"
          ]
        }
      }
    }
  ]
}
On this page
Previous:Examples of bucket policies
Next:Restrict access to a specific IP address
Pure ModeNormal Mode

Pure Mode

Click to preview the document content in full screen
Feedback