All Documents
Current Document

Recommend

Container Engine Virtual Private Cloud Standard Storage Service

Found 0 result in total

Content is empty

If you don't find the content you expect, please try another search term

Documentation

Standard Storage Service (KS3)

View more results
Document title with current keyword not found
Directory
Expand AllFold All Up
No products found with this keyword
Documentation Standard Storage Service (KS3) Access Control Management Examples of bucket policies Grant permissions to IAM users

Grant permissions to IAM users

Last updated:2021-04-28 11:04:15

You can use bucket policies to grant permissions to Kingsoft Cloud accounts and IAM users. A Kingsoft Cloud account can grant permissions to its IAM users and IAM users of other accounts, provided that the account has necessary permissions.

The following authorization statement is used to grant the ks3:GetObject operation permission on all objects in the example_bucket bucket to IAM user bob under the Kingsoft Cloud account whose ID is 12345.

{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ks3:GetObject"
      ],
      "Principal": {
        "KSC": [
          "krn:ksc:iam::12345:user/bob"
        ]
      },
      "Resource": [
        "krn:ksc:ks3:::example_bucket/*"
      ]
    }
  ]
}

Note: To simplify the input in the console, you can set Resource to only the bucket name and object name without the prefix krn:ksc:ks3:::, and Principal to the Kingsoft Cloud account ID or the Kingsoft Cloud account ID and the username of its IAM user in the format of account ID/username. The backend program automatically converts the simplified input into standard input.

On this page
Previous:Restrict access to a specific IP address
Next:Grant read-only permissions to anonymous users
Pure ModeNormal Mode

Pure Mode

Click to preview the document content in full screen
Feedback