Created
July 28, 2018 13:04
-
-
Save CodingPapi/3e550b711d0d58b4ebd4f1551fb4fc6c to your computer and use it in GitHub Desktop.
配置阿里云 sts,分配 list object 以及list bucket权限
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
仅为角色分配bucket的action oss:* 仍然无法list bucket中的objects | |
参考https://www.alibabacloud.com/help/zh/doc-detail/31867.htm | |
RAM和STS授权策略(Policy)配置 | |
{ | |
"Version": "1", | |
"Statement": [ | |
{ | |
"Action": [ | |
"oss:GetBucketAcl", | |
"oss:ListObjects" | |
], | |
"Resource": [ | |
"acs:oss:*:1775305056529849:mybucket" | |
], | |
"Effect": "Allow", | |
"Condition": { | |
"StringEquals": { | |
"acs:UserAgent": "java-sdk", | |
"oss:Prefix": "foo" | |
}, | |
"IpAddress": { | |
"acs:SourceIp": "192.168.0.1" | |
} | |
} | |
}, | |
{ | |
"Action": [ | |
"oss:PutObject", | |
"oss:GetObject", | |
"oss:DeleteObject" | |
], | |
"Resource": [ | |
"acs:oss:*:1775305056529849:mybucket/file*" | |
], | |
"Effect": "Allow", | |
"Condition": { | |
"IpAddress": { | |
"acs:SourceIp": "192.168.0.1" | |
} | |
} | |
} | |
] | |
} | |
以及 https://segmentfault.com/a/1190000006962911 中最后的更新部分 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment