全部產品
Search

搜尋本產品

    CloudOps Orchestration Service:ACS-OSS-PutBucketPolicy

    文件中心

    CloudOps Orchestration Service:ACS-OSS-PutBucketPolicy

    更新時間:Sep 06, 2024

    模板名稱

    ACS-OSS-PutBucketPolicy 設定儲存空間授權策略

    立即執行

    模板描述

    設定儲存空間授權策略

    模板類型

    自動化

    所有者

    Alibaba Cloud

    輸入參數

    參數名稱

    描述

    類型

    是否必填

    預設值

    約束

    bucketName

    OSS bucket 名稱

    String

    bucketPolicy

    儲存空間授權策略

    Json

    regionId

    地區ID

    String

    {{ ACS::RegionId }}

    OOSAssumeRole

    OOS扮演的RAM角色

    String

    ""

    輸出參數

    參數名稱

    描述

    類型

    policyInfo

    Json

    執行此模板需要的權限原則

    {
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "oss:GetBucketPolicy",
                "oss:PutBucketPolicy"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ]
}

    詳情

    ACS-OSS-PutBucketPolicy詳情

    模板內容

    FormatVersion: OOS-2019-06-01
Description:
  en: Put the bucket policy
  zh-cn: 設定儲存空間授權策略
  name-en: ACS-OSS-PutBucketPolicy
  name-zh-cn: 設定儲存空間授權策略
  categories:
    - security
Parameters:
  regionId:
    Type: String
    Label:
      en: RegionId
      zh-cn: 地區ID
    AssociationProperty: RegionId
    Default: '{{ ACS::RegionId }}'
  bucketName:
    Label:
      en: BucketName
      zh-cn: OSS bucket 名稱
    Type: String
  bucketPolicy:
    Label:
      en: BucketPolicy
      zh-cn: 儲存空間授權策略
    Description:
      en: (for example:{"Version":"1","Statement":[{"Action":["oss:PutObject","oss:GetObject"],"Effect":"Deny","Principal":["1234567890"],"Resource":["acs:oss:*:1234567890:*/*"]}]}).
      zh-cn: (例子:{"Version":"1","Statement":[{"Action":["oss:PutObject","oss:GetObject"],"Effect":"Deny","Principal":["1234567890"],"Resource":["acs:oss:*:1234567890:*/*"]}]})。
    Type: Json
  OOSAssumeRole:
    Label:
      en: OOSAssumeRole
      zh-cn: OOS扮演的RAM角色
    Type: String
    Default: ''
RamRole: '{{ OOSAssumeRole }}'
Tasks:
  - Name: putBucketPolicy
    Action: 'ACS::ExecuteAPI'
    Description:
      en: Put the bucket policy
      zh-cn: 設定儲存空間的授權策略
    Properties:
      Service: OSS
      API: PutBucketPolicy
      Method: PUT
      URI: '?policy'
      Headers:
        Content-MD5: ""
        Content-Type: application/json
      Parameters:
        BucketName: '{{ bucketName }}'
        RegionId: '{{ regionId }}'
      Body: '{{ bucketPolicy }}'
  - Name: waitBucketPolicy
    Action: 'ACS::WaitFor'
    Description:
      en: Wait for the authorization policy of the storage space to take effect
      zh-cn: 等待儲存空間的授權策略生效
    Properties:
      Service: OSS
      API: GetBucketPolicy
      Method: GET
      URI: '?policy'
      Headers: {}
      Parameters:
        BucketName: '{{ bucketName }}'
        RegionId: '{{ regionId }}'
      DesiredValues:
        - '{{ bucketPolicy }}'
      PropertySelector: .
Outputs:
  policyInfo:
    Type: Json
    Value:
      bucketName: '{{ bucketName }}'
      bucketPolicy: '{{ bucketPolicy }}'