Standard Storage Service (KS3)

      Documentation Standard Storage Service (KS3) Access Control Management Examples of bucket policies Grant permissions to IAM users

      Grant permissions to IAM users

      Last updated:2021-04-28 11:04:15

      You can use bucket policies to grant permissions to Kingsoft Cloud accounts and IAM users. A Kingsoft Cloud account can grant permissions to its IAM users and IAM users of other accounts, provided that the account has necessary permissions.

      The following authorization statement is used to grant the ks3:GetObject operation permission on all objects in the example_bucket bucket to IAM user bob under the Kingsoft Cloud account whose ID is 12345.

      {
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ks3:GetObject"
      ],
      "Principal": {
        "KSC": [
          "krn:ksc:iam::12345:user/bob"
        ]
      },
      "Resource": [
        "krn:ksc:ks3:::example_bucket/*"
      ]
    }
  ]
}

      Note: To simplify the input in the console, you can set Resource to only the bucket name and object name without the prefix krn:ksc:ks3:::, and Principal to the Kingsoft Cloud account ID or the Kingsoft Cloud account ID and the username of its IAM user in the format of account ID/username. The backend program automatically converts the simplified input into standard input.

      Previous:Restrict access to a specific IP address
      Next:Grant read-only permissions to anonymous users

      Did you find the above information helpful?

      Unhelpful
      Mostly Unhelpful
      A little helpful
      Helpful
      Very helpful

      What might be the problems?

      Insufficient
      Outdated
      Unclear or awkward
      Redundant or clumsy
      Lack of context for the complex system or functionality

      More suggestions

      0/200

      Please give us your feedback.

      Submitted

      Thank you for your feedback.

      问题反馈