检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
For details, see Obtaining Account, IAM User, Project, User Group, Region, and Agency Information.
Restrictions To obtain an object ACL, you must be the bucket owner or have the required permission (obs:object:GetObjectAcl in IAM or GetObjectAcl in a bucket policy). For details, see Introduction to OBS Access Control, IAM Custom Policies, and Configuring an Object Policy.
Grant permissions to an IAM user.
Background Information AKs and SKs support the authentication mechanism of Identity and Access Management (IAM). An Access Key ID (AK) defines a user that accesses the OBS system. An AK belongs to only one user, but one user can have multiple AKs.
Object Actions Table 1 Object actions Permission API Action IAM Project Enterprise Project Uploading objects with PUT or POST, copying objects, appending content to objects, initiating a multipart upload, as well as uploading, copying, and assembling parts Uploading an Object - PUT
An account (including all IAM users under the account) can create a maximum of 100 buckets. You can leverage the fine-grained permission control capability of OBS to properly plan and use buckets.
ECS APIs: Ensure that the ECS has been bound to an IAM agency that has OBS permissions configured. For details, see Obtaining a Security Key from an ECS. Process of Searching for Access Keys Search for access keys in the .obsutilconfig file (ak, sk, and token).
An account (including all IAM users under the account) can create a maximum of 100 buckets. You can leverage the fine-grained permission control capability of OBS to properly plan and use buckets.
Restrictions To upload an object, you must be the bucket owner or have the required permission (obs:object:PutObject in IAM or PutObject in a bucket policy). For details, see Introduction to OBS Access Control, IAM Custom Policies, and Configuring an Object Policy.
Restrictions To check whether a bucket exists, you must be the bucket owner or have the required permission (obs:bucket:HeadBucket in IAM or HeadBucket in a bucket policy).
Restrictions To obtain a bucket's storage class, you must be the bucket owner or have the required permission (obs:bucket:GetBucketStoragePolicy in IAM or GetBucketStoragePolicy in a bucket policy).
You can select an existing IAM agency or create one. For details about how to create an agency, see Creating an IAM Agency. Restrictions: By default, the IAM agency only requires the PutObject permission to upload logs to the target bucket.
To perform this operation, the user must be the bucket owner or the bucket owner's IAM user that has permissions required for obtaining bucket policies.
On the top navigation menu, click the username and select Identity and Access Management to log in to the IAM console and verify the permissions of the user. On the Users page, search for the username.
Your account has granted you (an IAM user) the permissions for an enterprise project. Then, what you see is the total storage of only some buckets (the buckets you have permissions for).
Introduction to OBS Permission Control What Are the Differences Between Using an IAM Permission and a Bucket Policy in Access Control? Why Is the Message "Access denied" Still Appearing After OBS System Permissions Were Assigned by IAM?
Related Services Data Express Service (DES) and ECS Figure 6 Backup and archiving High-Performance Computing Description OBS can work with cloud services such as ECS, AS, EVS, IMS, IAM, and Cloud Eye to provide high-performance computing (HPC) solutions.
Restrictions To determine whether a bucket exists, you must be the bucket owner or have the required permission (obs:bucket:HeadBucket in IAM or HeadBucket in a bucket policy).
For details, see Introduction to OBS Access Control, IAM Custom Policies, and Creating a Custom Bucket Policy. The mapping between OBS regions and endpoints must comply with what is listed in Regions and Endpoints.
For details, see Introduction to OBS Access Control, IAM Custom Policies, and Creating a Custom Bucket Policy. The mapping between OBS regions and endpoints must comply with what is listed in Regions and Endpoints.
