You can add a policy to a bucket in the COS Console to allow or forbid an account, IP, or IP range to access the COS resources. For more information about bucket policy and samples, see Access Policy Overview and Bucket Policy Samples. The following section will guide you through how to add a bucket policy.
Each root account can have up to 1,000 bucket ACL rules.
- Log in to the COS Console.
- In the left sidebar, click Bucket List.
- Select the bucket to which to add a bucket policy and enter it.
- Click Permission Management and find Bucket Policy. COS supports adding the bucket policy through Generator and Strategy grammer, which you can choose as you like.
- Graphic settings
Below is an example:
- Strategy grammar
Click Edit and enter the policy syntax you define. COS provides policy syntax for a rich variety of scenarios. For more information, see Bucket Policy Samples.
- After confirming that the configuration information is correct, click OK or Save. At this point, sub-account can only access the resource range set by the policy after logging in to the COS Console.