Permission List
By default, user-created buckets or uploaded files can only be accessed by the user. If you want to make them accessible to other users or everyone, you need to grant the bucket or object permissions to the corresponding visitor. The following are the meanings of various permissions:
| Scope | Permission | Description |
|---|---|---|
| Bucket | READ | List Objects under Bucket |
| Bucket | WRITE | Create, overwrite, and delete Objects in Buckets |
| Bucket | READ_OBJECTS | Read data and metadata of all Objects in Bucket |
| Bucket | FULL_CONTROL | Equivalent to combination of Bucket READ,WRITE,andvREAD_OBJECTS |
| Object | READ | Read data and metadata of Object |
| Object | FULL_CONTROL | Equivalent to Object READ permission |
NOTE
- Accounts that have a Bucket read line can only list Objects in the Bucket, but cannot download Object content.
- Two special authorization objects in FDS:
- ALL_USERS: All Visitors
- AUTHENTICATED_USERS: All authenticated access (key authentication/pre-signature authentication/OAuth authentication)
- Two types of authorized objects in FDS:
- USER: Single user
- GROUP: Refers to
ALL_USERorAUTHENTICATED_USERS