检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Restrictions To delete the policy of a bucket, you must be the bucket owner or the bucket owner's IAM user with the required permission (obs:bucket:DeleteBucketPolicy in IAM or DeleteBucketPolicy in a bucket policy).
You can select an existing IAM agency or create one. For details about how to create an agency, see Creating an IAM Agency. Restrictions: By default, the IAM agency only requires the PutObject permission to upload logs to the target bucket.
You can select an existing IAM agency or create one. For details about how to create an agency, see Creating an IAM Agency. Restrictions: By default, the IAM agency only requires the PutObject permission to upload logs to the target bucket.
Default value: None agency str Yes when configuring bucket logging Explanation: Name of the IAM agency created by the owner of the target bucket for OBS. You can select an existing IAM agency or create one. For details about how to create an agency, see Creating an IAM Agency.
Value range: You can select an existing IAM agency or create one. For details about how to create an agency, see Creating an IAM Agency.
(Python SDK) How Do I Get My Account ID and IAM User ID? (SDK for Python)
When an IAM user initiates a request, this parameter value is the ID of the account where the IAM user belongs. When an anonymous user initiates a request, this parameter value is Anonymous.
For details, see Creating an IAM User. The administrator of department A needs to perform operations such as creating buckets and configuring bucket policies.
A bucket ACL applies permissions to another Huawei Cloud account and its IAM users, rather than the current account and its IAM users. It can grant access to both a bucket (including the objects in it) and the bucket ACL. The granted access includes view and edit permissions.
Permissions IAM Agency Delegates OBS to operate your resources, so that OBS can use this agency to implement cross-region replication. If there is no IAM agency available, click View IAM agencies to create one.
Mirroring-based back to source requires that you create an IAM agency to delegate OBS to pull data from its origin server.
ACLs are write and read permissions attached to accounts, and are not as fine-grained as bucket policies and IAM policies. It is recommended that you use IAM permissions and bucket policies for access control.
For details about how to obtain the tenant ID, see Obtaining Account, IAM User, Project, User Group, Region, and Agency Information.
IAM Agency Mirroring-based back to source requires an IAM agency to delegate OBS to pull data from its origin server. The agency must grant OBS the obs:object:PutObject, obs:object:GetObject, obs:bucket:ListBucket, and obs:object:AbortMultipartUpload permissions.
A bucket ACL applies permissions to a different account and its IAM users, rather than the current account and its IAM users. It can grant access to both a bucket (including the objects in it) and the bucket ACL. The granted access includes view and edit permissions.
Table 5 GetBucketLoggingOutput Parameter Type Description RequestId string Explanation: Request ID returned by the OBS server Agency string Explanation: Name of the IAM agency created by the owner of the target bucket for OBS. You can select an existing IAM agency or create one.
A bucket ACL applies permissions to another account and its IAM users, rather than the current account and its IAM users. It can grant access to both a bucket (including the objects in it) and the bucket ACL. The granted access includes view and edit permissions.
Grant each department with required IAM user permissions and use bucket policies to grant the IAM users independent permissions on resources. Add external buckets on OBS Browser+ to isolate bucket resources between departments.
Allocate IAM users with different roles to each department and use bucket policies to authorize the IAM users independent permissions on resources. Add external buckets on OBS Browser+ to isolate bucket resources between departments.
IAM is recommended for granting permissions. For details, see IAM Custom Policies. The mapping between OBS regions and endpoints must comply with what is listed in Regions and Endpoints.
