首先进入对于 OBS桶—-访问权限控制—-桶策略—-创建自定义策略
当前用户:随意
资源范围:当前桶
权限动作:按需选择
创建完成后回到—-桶策略—–编辑刚创建桶策略—–JSON视图
{ "Statement": [ { "Sid": "桶只读-f92c", "Effect": "Allow", "Principal": { "ID": [ "domain/xxxxxxxxxxxxxxxx1ac8620:user/0xxxxxxxxxxxxxxx" ] }, "Action": [ "*", "Get*", "Put*", "List*", "HeadBucket" ], "Resource": [ "sooelehcie", "sooelehcie/*" ] } ] }
把
“domain/xxxxxxxxxx00fed0f2ec00xxxxxx:user/xxxxxxxxxxxxx”
改
“domain/xxxxxxxxxx00fed0f2ec00xxxxxx:agency/委托名”
“domain/domainid;agency/委托名”
跨账号需要,桶策略配置访问者的权限放通+访问者本账号有iam侧obs的权限