This topic uses an example policy to demonstrate how to obtain data from a specified object in Object Storage Service (OSS).
In this example, the bucket that stores photos is named myphotos
. The bucket contains directories that indicate the places where the photos were taken.
Each directory contains subdirectories that indicate the years when the photos were
taken.
myphotos[Bucket]
├── beijing
│ ├── 2014
│ └── 2015
├── hangzhou
│ ├── 2013
│ ├── 2014
│ └── 2015
└── qingdao
├── 2014
└── 2015
The following policy indicates that the RAM user to which the policy is attached can
obtain (download) data from the myphotos/hangzhou/2015/
directory.
Note If the RAM user knows the path of the object, the RAM user can obtain data from the
object. We recommend that you attach this type of policy to your applications.
{
"Version": "1",
"Statement": [
{
"Effect": "Allow",
"Action": [
"oss:GetObject"
],
"Resource": [
"acs:oss:*:*:myphotos/hangzhou/2015/*"
]
}
]
}