香港CDN,新加坡CDN, 全球CDN,5a8d专业稳定安全的CDN加速服务商

More product documentation

No data

getting started guide
- start using
- create storage space
- upload files
- download file
- Delete Files
- delete storage
- Advanced Features
  - Play HLS on CDNCLOUD Object Storage
developer guide
- basic concept
- programming model
- safety certificate
- access control
- storage
- upload resource
- download resource
- storage resources
- data protection
  - encryption
  - version control
- event notification
  - event notification
- AWS S3 compatible
- Statistical Analysis
  - Statistical Analysis
- data processing
- appendix
  - appendix
- Glossary
  - Glossary
Common tool
Console Operation Guide
- Home Overview
- OSS Purchase
- certificate management
  - certificate management
- Statistical Analysis
  - Statistical Analysis
- account management
  - account management
- Access Management (IAM)
API reference
- API overview
- HTTP headers
- Error code specification
- Data Format
- Access control
- Service interface
- Bucket interface
- Object interface
- Statistics
- data processing
SDK
- Java SDK initialization
  - Java SDK initialization
  - Java SDK
- Python SDK initialization
  - Python initialization
  - Python SDK
- PHP SDK initialization
  - PHP SDK initialization
  - PHP SDK
- Go SDK initialization
  - Go SDK initialization
  - Go SDK
- Android SDK initialization
  - Android SDK initialization
  - Android SDK
- iOS SDK initialization
  - iOS SDK initialization
  - iOS SDK
- Node.js SDK initialization
  - Node.js SDK initialization
  - Node.js SDK
- JavaScript SDK initialization
  - JavaScript SDK initialization
  - JavaScript SDK
- C/C++ SDK initialization
  - C/C++ SDK initialization
  - C/C++ SDK
- C# SDK initialization
  - C# SDK initialization
  - C# SDK

使用Bucket Policy授权

Last updated 2023-07-12 15:01:02

{"value":"Bucket Policy\u662f\u57fa\u4e8e\u8d44\u6e90\u7684\u6388\u6743\u7b56\u7565,\u5e38\u89c1\u7684\u5e94\u7528\u573a\u666f\u5982\u4e0b\uff1a\n\n- \u5411\u5176\u4ed6\u8d26\u53f7\u6388\u6743\u8bbf\u95ee\u3002 \u60a8\u53ef\u4ee5\u6388\u4e88\u5176\u4ed6\u8d26\u53f7\u8bbf\u95ee\u60a8\u5bf9\u8c61\u5b58\u50a8\u8d44\u6e90\u7684\u6743\u9650\u3002\n- \u6388\u4e88\u5e26\u7279\u5b9aIP\u6761\u4ef6\u9650\u5236\u7684\u8bbf\u95ee\u6743\u9650\u3002 \u67d0\u4e9b\u573a\u666f\u4e0b\uff0c\u60a8\u9700\u8981\u6388\u4e88\u5e26IP\u9650\u5236\u7684\u8bbf\u95ee\u7b56\u7565\u3002\u4f8b\u5982\uff0c\u4f01\u4e1a\u5185\u90e8\u7684\u673a\u5bc6\u6587\u6863\uff0c\u53ea\u5141\u8bb8\u5728\u4f01\u4e1a\u5185\u90e8\u8bbf\u95ee\uff0c\u4e0d\u5141\u8bb8\u5728\u5176\u4ed6\u533a\u57df\u8bbf\u95ee\u3002\u7531\u4e8e\u4f01\u4e1a\u5185\u90e8\u4eba\u5458\u8f83\u591a\uff0c\u5982\u679c\u9488\u5bf9\u6bcf\u4e2a\u4eba\u914d\u7f6e\u5b50\u8d26\u53f7\uff0c\u5de5\u4f5c\u91cf\u975e\u5e38\u5927\u3002\u6b64\u65f6\uff0c\u60a8\u53ef\u4ee5\u57fa\u4e8eBucket Policy\u8bbe\u7f6e\u5e26IP\u9650\u5236\u7684\u8bbf\u95ee\u7b56\u7565\uff0c\u4ece\u800c\u9ad8\u6548\u65b9\u4fbf\u5730\u8fdb\u884c\u6388\u6743\u3002\n\nBucket Policy\u4f7f\u7528\u9650\u5236\n\n- \u53ea\u6709Bucket\u62e5\u6709\u8005\u53ef\u4ee5\u8bbe\u7f6eBucket Policy\n- \u6bcf\u4e2aBucket\u9ed8\u8ba4\u6700\u591a\u8bbe\u7f6e20\u6761Bucket Policy\uff0c\u8d85\u51fa\u9650\u5236\u670d\u52a1\u7aef\u8fd4\u56de400\uff1atoo many statement in policy\n- \u6bcf\u4e2aBucket\u7684Policy\u603b\u5185\u5bb9\u5927\u5c0f\u9650\u5236\u4e3a20KB\uff0c\u8d85\u51fa\u9650\u5236\u670d\u52a1\u7aef\u8fd4\u56de400\uff1aEntityTooLarge\n\n# **\u7b56\u7565\u6a21\u578b**\n\nBucket Policy\u662f\u4e00\u7ec4\u89c4\u5b9a\u8c01\u80fd\u4ee5\u4ec0\u4e48\u6837\u7684\u6743\u9650\u8bbf\u95eeBucket\/Object\u7684\u7b56\u7565\u3002Policy\u5b9a\u4e49\u7684\u5185\u5bb9\u5305\u62ec\uff1a\n\n- \u8d44\u6e90\uff08Resource\uff09\n - Bucket\n - \u8d44\u6e90\/Object\uff1a\u5355\u4e2aObject key\u6216Prefix\u6307\u5b9a\n- \u6743\u9650\uff08Action\uff09\uff1a\u6bcf\u4e2aAction\u5bf9\u5e94\u4e00\u7ec4API\n - \u5206\u522b\u5b9a\u4e49\u6709Bucket\u7ea7\u522b\u548cObject\u7ea7\u522b\u7684Action\n - \u8be6\u89c1 \u652f\u6301\u7684\u6743\u9650\u5217\u8868\n- \u59d4\u6258\u4eba\uff08Principle\uff09\uff1a\u88ab\u6388\u6743\u8005\n - \u6240\u6709\u4eba\uff08\u533f\u540d\uff09\uff1a\"Principal\":{\"*\"}\n - \u6240\u6709\u7528\u6237\uff08\u4e0d\u542b\u533f\u540d\u8d26\u6237\uff09\uff1a\"Principal\":{\"AWS\":\"*\"}\n - \u6307\u5b9a\u7528\u6237\n- \u6548\u679c\uff08Effect\uff09\n - Deny\uff0c\u7981\u6b62\u6743\u9650\uff0c\u4f18\u5148\u7ea7\u9ad8\u4e8eAllow\n - Allow\uff0c\u5141\u8bb8\u6743\u9650\n- \u6761\u4ef6\uff08Condition\uff09\n - IpAddress\uff1aIP\u5217\u8868\uff0c\u652f\u6301\u6307\u5b9a\u5730\u5740\u6216\u5730\u5740\u6bb5\n - NotIpAddress\uff1a\u6392\u9664\u7684IP\u5217\u8868\uff0c\u652f\u6301\u6307\u5b9a\u5730\u5740\u6216\u5730\u5740\u6bb5\n - StringLike\uff1a\u5b57\u7b26\u4e32\u5339\u914d\uff08\u533a\u5206\u5927\u5c0f\u5199\uff09\uff0c\u503c\u53ef\u4ee5\u5305\u542b `?` \u548c`*` \u901a\u914d\u7b26\uff1b\u652f\u6301 aws:Referer \u548c aws:Host \u5b57\u6bb5\uff0c\u7528\u4e8e\u8bf7\u6c42\u7684 Referer\/Host \u6821\u9a8c\n - StringNotLike\uff1a\u5b57\u7b26\u4e32\u5426\u5b9a\u5339\u914d\uff08\u533a\u5206\u5927\u5c0f\u5199\uff09\uff0c\u503c\u53ef\u4ee5\u5305\u542b `?` \u548c`*` \u901a\u914d\u7b26\uff1b\u652f\u6301 aws:Referer \u548c aws:Host \u5b57\u6bb5\uff0c\u7528\u4e8e\u8bf7\u6c42\u7684 Referer\/Host \u6821\u9a8c\n - StringEquals\uff1a\u5b57\u7b26\u4e32\u7cbe\u786e\u5339\u914d\uff08\u533a\u5206\u5927\u5c0f\u5199\uff09\uff0c\u503c\u4e0d\u652f\u6301\u901a\u914d\u7b26\uff1b\u652f\u6301 aws:Referer \u548c aws:Host \u5b57\u6bb5\uff0c\u7528\u4e8e\u8bf7\u6c42\u7684 Referer\/Host \u6821\u9a8c\n - StringNotEquals\uff1a\u5b57\u7b26\u4e32\u7cbe\u786e\u5426\u5b9a\u5339\u914d\uff08\u533a\u5206\u5927\u5c0f\u5199\uff09\uff0c\u503c\u4e0d\u652f\u6301\u901a\u914d\u7b26\uff1b\u652f\u6301 aws:Referer \u548c aws:Host \u5b57\u6bb5\uff0c\u7528\u4e8e\u8bf7\u6c42\u7684 Referer\/Host \u6821\u9a8c\n\n\n\n# **\u7b56\u7565\u58f0\u660e\u683c\u5f0f**\n\nBucket Policy\u58f0\u660e\u6837\u4f8b\u5982\u4e0b\uff1a\n\n```\n{\n\"Version\":\"s3.v1\", \n\"Id\": \"samplepolicy\",\n\"Statement\" : [\n {\n \"Sid\":\"AddPerm\", \n \"Effect\":\"Allow\", \n \"Principal\" : { \n \"AWS\":[\"111122223333\",\"444455556666\"]\n },\n \"Action\":[\"s3:*\"], \n \"Resource\":\"arn:aws:s3:::bucket\/*\", \n \"Condition\": { \n \"IpAddress\": {\"aws:SourceIp\": [\"54.240.143.0\/24\",\"2001:DB8:1234:5678::\/64\",\"1.1.1.1\"]},\n \"NotIpAddress\": {\"aws:SourceIp\": \"54.240.143.188\/32\"},\n \"StringLike\": {\n \"aws:Referer\": [\"*.uuci.net\",\"\"],\n \"aws:Host\": [\"fly.uuci.net\",\"\"] \n }\n }\n },\n {},...\n ]\n}\n```\n\n\u5b57\u6bb5\u8bf4\u660e\uff1a\n\n| \u5b57\u6bb5 | \u5fc5\u586b | \u8bf4\u660e | \u6837\u4f8b |\n| --------- | ---- | ------------------------------------------------------------ | ------------------------------------------------------------ |\n| Resource | \u662f | \u6388\u6743\u8d44\u6e90\uff0c\u53ef\u4ee5\u662fBucket\u6216Object\uff0c\u4ee5\u5b57\u7b26\u4e32\u6216\u5b57\u7b26\u4e32\u5217\u8868\u8868\u793a\uff0c\u5927\u5c0f\u5199\u654f\u611f\uff1a`\"arn:aws:s3:::<bucket>\"`\uff0c`\"arn:aws:s3:::<bucket>\/<key_regex>\"`\u3002 Object\u652f\u6301\u6b63\u5219\u8868\u8fbe\u5f0f\u3002 \u5982\u679c\u4e0d\u5e26\/ \u8ba4\u4e3a\u662fbucket\u5f62\u5f0f, \u5426\u5219\u8ba4\u4e3a\u662fobject\u5f62\u5f0f\u3002 \u6307\u5b9a\u4e3aBucket\u65f6, \u8981\u6c42\u5305\u542b\u81f3\u5c11\u4e00\u4e2aBucket\u7ea7\u522b\u7684Action\uff1b\u6307\u5b9a\u4e3aObject\u65f6\uff0c\u5219\u8981\u6c42\u5305\u542b\u81f3\u5c11\u4e00\u4e2aObject\u7ea7\u522b\u7684Action\u3002 | `\"Resource\":[\"arn:aws:s3:::examplebucket\"]` `\"Resource\":[\"arn:aws:s3:::examplebucket\/abc\/*\"]` `\"Resource\":\"arn:aws:s3:::examplebucket\/* \"` `\"Resource\":\"arn:aws:s3:::examplebucket\/ab?df* \"` |\n| Action | \u662f | \u6743\u9650\uff0c\u4ec5\u9650\u4f7f\u7528\u7cfb\u7edf\u5b9a\u4e49\u7684Action\u540d\u6765\u8bbe\u7f6e\uff0c\u652f\u6301\u6307\u5b9a\u591a\u4e2aAction\uff0c\u683c\u5f0f\u4e3a\u5b57\u7b26\u4e32 | `\"Action\":[\"s3:PutObject\",\"s3:GetObject\",\"s3:DeleteObject\"]` `\u201cAction\":\"s3:*\"` |\n| Principle | \u662f | \u88ab\u6388\u6743\u8005\uff0c\u4ee5\u7528\u6237id\u8868\u793a\uff0c\u652f\u6301\u6307\u5b9a\u591a\u4e2a\u7528\u6237\uff1a`\"AWS\":<id>`\uff0c`\"AWS\":<id list>`\u3002AWS\u5fc5\u987b\u5927\u5199\u3002 \u5f53Bucket\u62e5\u6709\u8005\u88abPrinciple\u6307\u5b9a\u65f6\uff0cBucket\u62e5\u6709\u8005\u4e5f\u4f1a\u88ab\u7b56\u7565\u9650\u5236\uff1b\u4f46\u662fBucket\u62e5\u6709\u8005\u53ef\u4ee5\u4fee\u6539Policy\u6765\u89e3\u9664\u9650\u5236\u3002 | `\"Principal\":{\"AWS\":[\"11\",\"22\"]}` `\u201cPrincipal\":{\"AWS\":\"*\"}` |\n| Effect | \u662f | \u6548\u679c\uff0c\u53ef\u4ee5\u8bbe\u7f6e\u4e3a\u5141\u8bb8\uff08Allow\uff09\u6216\u62d2\u7edd\uff08Deny\uff09\uff0c\u5927\u5c0f\u5199\u654f\u611f\u3002 \u62d2\u7edd\u4f18\u5148\u7ea7\u9ad8\u4e8e\u5141\u8bb8\uff1b\u5176\u4ed6\u5b57\u6bb5\u90fd\u5339\u914d\u6210\u529f\u540e\uff0cEffect\u5b57\u6bb5\u624d\u751f\u6548\u3002 | `\"Effect\":\"Allow\"` |\n| Condition | \u5426 | \u7b56\u7565\u751f\u6548\u6761\u4ef6\uff0c\u76ee\u524d\u652f\u6301\u300cIpAddress\u300d\u3001\u300cNotIpAddress\u300d\u3001\u300cStringLike\u300d\u3001\u300cStringNotLike\u300d\u3001\u300cStringEquals\u300d\u3001\u300cStringNotEquals\u300d6 \u79cd\u3002 1\u3001IpAddress \u548c NotIpAddress \u652f\u6301\u6307\u5b9a\u591a\u4e2aIP\u5730\u5740\u6216\u5730\u5740\u6bb5\uff1a`\"IpAddress\":{\"aws:SourceIp\":<IP>}`,`\"IpAddress\":{\"aws:SourceIp\":<IP segment>}`\u3002 IpAddress\u3001NotIpAddress\u3001aws:SourceIp \u5927\u5c0f\u5199\u654f\u611f\u3002 2\u3001StringLike\u3001StringNotLike\u3001StringEquals\u3001StringNotEquals \u652f\u6301\u8bbe\u5b9a`\"aws:Referer\"`\u548c`\"aws:Host\"`\uff0c\u6765\u5b9e\u73b0\u5bf9\u8bf7\u6c42 Referer \u548c Host \u7684\u6821\u9a8c\uff1b`\"aws:Referer\"`\u548c`\"aws:Host\"`\u7684\u8bbe\u7f6e\u652f\u6301\u7a7a Referer\/Host\uff0c\u6bcf\u4e2a\u503c\u6700\u591a\u5305\u542b1\u4e2a\u591a\u5b57\u7b26\u5339\u914d\u7684\u901a\u914d\u7b26`*`\u3002 3\u3001StringLike\u3001StringNotLike\u3001StringEquals\u3001StringNotEquals \u652f\u6301\u8bbe\u5b9a `\"s3:prefix\"`\uff0c\u4e14\u5fc5\u987b\u914d\u5408 Action `s3:ListBucket` \u6388\u6743\u3002 | `\"Condition\": {` `\"IpAddress\": {\"aws:SourceIp\":[\"54.240.143.0\/24\", \"1.1.1.1\"] },` `\"NotIpAddress\": {\"aws:SourceIp\": \"54.240.143.188\/32\"},` `\"StringLike\": {` `\"aws:Referer\": [\"*.uuci.net\",\"\"],` `\"aws:Host\": [\"fly.uuci.net\",\"\"]` `}` `}` |\n\n\n\n# **\u652f\u6301\u7684\u6743\u9650\u5217\u8868**\n\nBucket Policy\u7684\u6743\u9650\u5206\u4e3aBucket\u548cObject\u4e24\u7c7b\uff0c\u5bf9\u5e94\u7684API\u76f8\u4e92\u72ec\u7acb\uff0c\u76ee\u524d\u652f\u6301\u7684\u6743\u9650\u5217\u8868\u5982\u4e0b\uff1a\n\n| Action | API | Level |\n| ----------------------------- | ------------------------------------------------------------ | -------------- |\n| s3:DeleteBucket | DELETE Bucket | Bucket |\n| s3:ListBucket | GET Bucket(List Objects)\uff0cHEAD Bucket | Bucket |\n| s3:GetBucketLocation | Get bucket location | Bucket |\n| s3:ListBucketMultipartUploads | List Multipart Uploads | Bucket |\n| s3:DeleteObject | DELETE Object\uff0cDELETE Objects | Object |\n| s3:GetObject | GET Object, HEAD Object | Object |\n| s3:PutObject | PUT Object, POST Object, Initiate Multipart Upload, Upload Part, Complete Multipart Upload, PUT Object-Copy | Object |\n| s3:AbortMultipartUpload | Abort Multipart Upload | Object |\n| s3:ListMultipartUploadParts | List Parts | Object |\n| s3:* | All API above | Bucket\u3001Object |\n\n\u8bf4\u660e\uff1a\n\n- Action\u548cResource\u9700\u8981\u5339\u914d\uff0c\u5426\u5219\u65e0\u6cd5\u8bbe\u7f6e\uff0c\u670d\u52a1\u7aef\u8fd4\u56de\u9519\u8bef\uff1aAction does not apply to any resource(s) in statement\n - Level\u4e3aBucket\u65f6\uff0cResource\u5fc5\u987b\u6307\u5b9aBucket\n - Level\u4e3aObject\u65f6\uff0cResource\u5fc5\u987b\u6307\u5b9a\u5177\u4f53\u7684Object\u6216\u662fPrefix\n- \u60f3\u8981\u6388\u4e88\u7a7a\u95f4\u53ca\u5176\u5bf9\u8c61\u7684\u5b8c\u5168\u63a7\u5236\u6743\u9650\u65f6\uff0c\n - \u9488\u5bf9Bucket\u8bbe\u7f6eAction\u4e3a`s3:*`\n - \u540c\u65f6\u9488\u5bf9Bucket\u4e0b\u6240\u6709\u7684Object\u8bbe\u7f6eAction\u4e3a`s3:*`\n\n# **Bucket Policy API**\n\n## **\u8bbe\u7f6eBucket Policy**\n\n\u672c\u63a5\u53e3\u652f\u6301Bucket Policy\u7684\u65b0\u589e\u548c\u4fee\u6539\u64cd\u4f5c\u3002\n\n### **\u8bf7\u6c42**\n\n**\u8bed\u6cd5**\n\n```\nPOST \/?policy HTTP\/1.1\nHost: <s3\u7a7a\u95f4\u540d>.<s3Endpoint>\nDate: Tue, 04 Apr 2019 20:34:56 GMT \nAuthorization: authorization string\n\n{ Policy in JSON format }\n```\n\n**\u8bf7\u6c42\u5143\u7d20** Policy\u58f0\u660e\u3002\n\n### **\u54cd\u5e94**\n\n**\u54cd\u5e94\u7801** \u4e0eAWS\u4e00\u81f4\u3002\n\n**\u54cd\u5e94\u5143\u7d20** \u8be5\u8bf7\u6c42\u64cd\u4f5c\u7684\u54cd\u5e94\u4f53\u4e3a\u7a7a\u3002\n\n## **\u67e5\u8be2Bucket Policy**\n\n\u672c\u63a5\u53e3\u652f\u6301\u67e5\u8be2\u6307\u5b9a\u7a7a\u95f4\u5df2\u8bbe\u7f6e\u7684Policy\u4fe1\u606f\u3002\n\n### **\u8bf7\u6c42**\n\n**\u8bed\u6cd5**\n\n```\nGET \/?policy HTTP\/1.1\nHost: <s3\u7a7a\u95f4\u540d>.<s3Endpoint>\nDate: Tue, 04 Apr 2019 20:34:56 GMT \nAuthorization: authorization string\n```\n\n**\u8bf7\u6c42\u5143\u7d20** \u8be5\u8bf7\u6c42\u64cd\u4f5c\u7684\u8bf7\u6c42\u4f53\u4e3a\u7a7a\u3002\n\n### **\u54cd\u5e94**\n\n**\u54cd\u5e94\u7801** \u4e0eAWS\u4e00\u81f4\u3002\n\n**\u54cd\u5e94\u5143\u7d20** Policy in JSON format\u3002\u53ef\u53c2\u89c1 Bucket Policy\u58f0\u660e\u6837\u4f8b\n\n\u672c\u63a5\u53e3\u652f\u6301\u4e00\u952e\u5220\u9664\u6307\u5b9a\u7a7a\u95f4\u7684\u6240\u6709Policy\u4fe1\u606f\u3002\n\n### **\u8bf7\u6c42**\n\n**\u8bed\u6cd5**\n\n```\nDELETE \/?policy HTTP\/1.1\nHost: <s3\u7a7a\u95f4\u540d>.<s3Endpoint>\nDate: Tue, 04 Apr 2019 20:34:56 GMT \nAuthorization: authorization string\n```\n\n**\u8bf7\u6c42\u5143\u7d20** \u8be5\u8bf7\u6c42\u64cd\u4f5c\u7684\u8bf7\u6c42\u4f53\u4e3a\u7a7a\n\n### **\u54cd\u5e94**\n\n**\u54cd\u5e94\u7801** \u4e0eAWS\u4e00\u81f4\u3002\n\n**\u54cd\u5e94\u5143\u7d20** \u8be5\u8bf7\u6c42\u64cd\u4f5c\u7684\u54cd\u5e94\u4f53\u4e3a\u7a7a\u3002"}

Previous:Compatible API

Next:None

No data

Cloud Compute

ECS

Bare metal server

Custom Image

Image

Snapshot

CPU cloud server

OSS

ECS

Image

Snapshot

Bare metal server

High Defense IP

My Order

Admin console

Payment

Manual customer service

Register now

Sign in

Register now

Sign in