COS allows you to configure access permissions for objects, which have a higher priority than that for buckets.
-The object access permission is valid only when the user accesses via the default domain name. When the access is made via a CDN accelerated domain name or custom domain name, the bucket access permission takes priority.
-For more information, see Specifications and Limits.
- Log into the COS Console and click Bucket List in the left sidebar to enter the bucket list page.
- Find the bucket for which you need to configure object access permissions, click its bucket name to enter the details page.
- In [File List], find the object whose permission needs to be configured, and click [Details] on the right to enter the file details page (If it is a folder, click [Permissions] on the right).
- Click the [Object Permissions] configuration item above, and configure access permissions based on actual needs (such as granting sub-account object permissions, sub-account ID can be found in Cloud Access Management Console). COS supports two types of permissions for objects:
-Public Permissions: Inherited permission, private read/write, and public read/private write. For more information on public permissions, see Access Permission Types.
-User Permissions: The root account has all object permissions (full access) by default. In addition, COS allows you to grant sub-accounts data read/write, permission read/write, and even full access permissions.
- Click [Save] to configure the object access permissions.
- If you need to configure or modify access permissions for multiple objects in batches, you can check multiple objects and select [Modify Access Permissions] under [More Actions].