Warning
This content has been generated by machine translation. The translations are automated and have not undergone human review or validation.
14.1.2.1 IAM Policy Settings for Object Storage
Policy setting for Object Storage
IAM Policy is an access policy for OCI resources. A policy can generally be thought of as defining what grants a group of users permission to a specific type of resource belonging to a specific compartment.
Object Storage, Archive Storage, and Data Transfer Reference
example
Object list search
Allow group <group_name> to inspect objects in compartment <compartment_name>Reading Object
Allow group <group_name> to read objects in compartment <compartment_name>Using Object (Read & Update)
Allow group <group_name> to use objects in compartment <compartment_name>Object management (use, creation, deletion, recovery)
Allow group <group_name> to manage objects in compartment <compartment_name>
Step 1. Create Bucket
- Create an Object Storage Bucket to be used by the user in the corresponding compartment in advance.
- Name: Example) ExampleBucketForCLI
Step 2. Set permissions for API access users
Log in to the OCI console as administrator.
Policy setting
The following policy is required for the user connected to the oci cli, that is, the group to which the user set in the oci setup config belongs.
Allow group <group_name> to inspect buckets in compartment <compartment_name> Allow group <group_name> to manage objects in compartment <compartment_name>example
Name: ObjectStorageToolPolicy
rule
Allow group ObjectStorageToolGroup to inspect buckets in compartment Sandbox Allow group ObjectStorageToolGroup to manage objects in compartment Sandbox
As an individual, this article was written with my personal time. There may be errors in the content of the article, and the opinions in the article are personal opinions.