This topic uses an example policy to demonstrate how to access a specified directory through the Object Storage Service (OSS) console.
The following policy indicates that the authorized RAM user can access the myphotos/hangzhou/2015/
directory through the OSS console (similar to Windows File Manager).
Note The RAM user can access the directory level by level.
{
"Version": "1",
"Statement": [
{
"Effect": "Allow",
"Action": [
"oss:ListBuckets",
"oss:GetBucketStat",
"oss:GetBucketInfo",
"oss:GetBucketTagging",
"oss:GetBucketAcl"
],
"Resource": [
"acs:oss:*:*:*"
]
},
{
"Effect": "Allow",
"Action": [
"oss:GetObject",
"oss:GetObjectAcl"
],
"Resource": [
"acs:oss:*:*:myphotos/hangzhou/2015/*"
]
},
{
"Effect": "Allow",
"Action": [
"oss:ListObjects"
],
"Resource": [
"acs:oss:*:*:myphotos"
],
"Condition": {
"StringLike": {
"oss:Delimiter": "/",
"oss:Prefix": [
"",
"hangzhou/",
"hangzhou/2015/*"
]
}
}
}
]
}