Standard Storage Service (KS3)

      Documentation Standard Storage Service (KS3) Access Control Management Example of user permissions Allow IAM users to access resources only by using specific IP addresses

      Allow IAM users to access resources only by using specific IP addresses

      Last updated:2021-04-28 11:04:15

      The following policy grants KS3 permissions. However, all requests must originate from the specified IP address range.

      {
  "Version":"2015-11-01",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ks3:GetObject",
        "ks3:ListBucket"
      ],
      "Resource": [
        "krn:ksc:ks3:::example_bucket",
        "krn:ksc:ks3:::example_bucket/*"
      ],
      "Condition": {
        "IpAddress": {
          "ksc:SourceIp": [
            "54.240.144.0/24"
          ]
        },
        "NotIpAddress": {
          "ksc:SourceIp": [
            "54.240.144.188/32"
          ]
        }
      }
    }
  ]
}
      Previous:Allow IAM users to access a specific bucket
      Next:Comparison of access policies

      Did you find the above information helpful?

      Unhelpful
      Mostly Unhelpful
      A little helpful
      Helpful
      Very helpful

      What might be the problems?

      Insufficient
      Outdated
      Unclear or awkward
      Redundant or clumsy
      Lack of context for the complex system or functionality

      More suggestions

      0/200

      Please give us your feedback.

      Submitted

      Thank you for your feedback.

      问题反馈