全部产品
Search

搜索本产品

    CloudOps Orchestration Service:ACS-OSS-PutBucketPolicy

    文档中心

    CloudOps Orchestration Service:ACS-OSS-PutBucketPolicy

    更新时间:Jun 28, 2025

    Nama template

    ACS-OSS-PutBucketPolicy

    Eksekusi Sekarang

    Deskripsi template

    Mengonfigurasi kebijakan untuk bucket.

    Tipe template

    Otomatis

    Pemilik

    Alibaba Cloud

    Parameter input

    Parameter

    Deskripsi

    Tipe

    Diperlukan

    Nilai default

    Batasan

    bucketName

    Nama bucket Object Storage Service (OSS).

    String

    Ya

    bucketPolicy

    Kebijakan untuk bucket.

    Json

    Ya

    regionId

    ID wilayah.

    String

    Tidak

    {{ ACS::RegionId }}

    OOSAssumeRole

    Peran RAM yang diasumsikan oleh CloudOps Orchestration Service (OOS).

    String

    Tidak

    ""

    Parameter output

    Parameter

    Deskripsi

    Tipe

    policyInfo

    Json

    Kebijakan izin yang diperlukan untuk mengeksekusi template

    {
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "oss:GetBucketPolicy",
                "oss:PutBucketPolicy"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ]
}

    Referensi

    Untuk informasi lebih lanjut, lihat ACS-OSS-PutBucketPolicy.yml di GitHub.

    Konten Template

    FormatVersion: OOS-2019-06-01
Description:
  en: Put the bucket policy
  name-en: ACS-OSS-PutBucketPolicy
  categories:
    - security
Parameters:
  regionId:
    Type: String
    Label:
      en: RegionId
    AssociationProperty: RegionId
    Default: '{{ ACS::RegionId }}'
  bucketName:
    Label:
      en: BucketName
    Type: String
  bucketPolicy:
    Label:
      en: BucketPolicy
    Description:
      en: (contohnya:{"Version":"1","Statement":[{"Action":["oss:PutObject","oss:GetObject"],"Effect":"Deny","Principal":["1234567890"],"Resource":["acs:oss:*:1234567890:*/*"]}]}).
    Type: Json
  OOSAssumeRole:
    Label:
      en: OOSAssumeRole
    Type: String
    Default: ''
RamRole: '{{ OOSAssumeRole }}'
Tasks:
  - Name: putBucketPolicy
    Action: 'ACS::ExecuteAPI'
    Description:
      en: Put the bucket policy
    Properties:
      Service: OSS
      API: PutBucketPolicy
      Method: PUT
      URI: '?policy'
      Headers:
        Content-MD5: ""
        Content-Type: application/json
      Parameters:
        BucketName: '{{ bucketName }}'
        RegionId: '{{ regionId }}'
      Body: '{{ bucketPolicy }}'
  - Name: waitBucketPolicy
    Action: 'ACS::WaitFor'
    Description:
      en: Tunggu hingga kebijakan otorisasi ruang penyimpanan berlaku
    Properties:
      Service: OSS
      API: GetBucketPolicy
      Method: GET
      URI: '?policy'
      Headers: {}
      Parameters:
        BucketName: '{{ bucketName }}'
        RegionId: '{{ regionId }}'
      DesiredValues:
        - '{{ bucketPolicy }}'
      PropertySelector: .
Outputs:
  policyInfo:
    Type: Json
    Value:
      bucketName: '{{ bucketName }}'
      bucketPolicy: '{{ bucketPolicy }}'