oss有时候要给某个账号只授权一个bucket的权限,方式如下:
1、创建一个 阿里云账号,开启编程访问
2、创建一个权限管理策略,内容为:
{
"Version": "1",
"Statement": [
{
"Effect": "Allow",
"Action": [
"oss:ListBuckets",
"oss:GetBucketStat",
"oss:GetBucketInfo"
],
"Resource": "acs:oss:*:*:*"
},
{
"Effect": "Allow",
"Action": [
"oss:ListObjects",
"oss:GetBucketAcl",
"oss:PutBucketAcl"
],
"Resource": "acs:oss:*:*:bucket名"
},
{
"Effect": "Allow",
"Action": [
"oss:ListObjects",
"oss:GetObject",
"oss:GetObjectAcl",
"oss:DeleteObject",
"oss:DeleteObjectAcl",
"oss:PutObject",
"oss:PutObjectAcl"
],
"Resource": "acs:oss:*:*:bucket名/*"
}
]
}
3、给步骤一里创建账号赋给步骤二自定义的权限,就ok啦。
登入oss,发现进入其他的bucket并没有权限