tencent cloud

Feedback

Authorizing Cross-Account ’s Sub-account Read/Write Access to Specified File

Last updated: 2020-06-10 15:25:58

The enterprise account, CompanyGranter (ownerUin: 12345678; appID: 1250000000), has an object, Object1, that is located in the dir1 directory of the Bucket1 bucket in the Guangzhou region. The sub-account of another enterprise account, CompanyGrantee (ownerUin: 87654321), requires read/write permission for Object1.

This involves permission propagation.

Step 1: CompanyGrantee creates the following policy according to policy syntax.

 {
    "version": "2.0",
    "statement":[
     {
         "effect": "allow",
         "action": "cos:*",
         "resource": "qcs::cos:ap-shanghai:uid/1250000000:Bucket1-1250000000/dir1/Object1"
     }
    ]
}

Step 2: associate the sub-account with the policy. To learn how to associate a policy with a user account, see Authorization Management.

Step 3: the CompanyGranter enterprise account grants CompanyGrantee enterprise account access to Object1 by configuring the policy and ACL in the COS Console. For more information, see COS documentation.

Contact Us

Contact our sales team or business advisors to help your business.

Technical Support

Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

7x24 Phone Support