Typical Permission Control Scenarios¶
The following typical scenarios are provided to help you better configure OBS permission control.
Factors to consider before configuring permission control:
Who are granted: Grantees can be a single IAM user, multiple IAM users or user groups, other accounts, and anonymous users.
What resources will be accessed: Such resources can be all OBS resources (requiring service-level permissions), specified buckets, and specified objects.
What permissions are granted: In addition to configure basic permissions, such as read and read/write permissions, you can also customize permissions based on your needs.
OBS provides various permission control mechanisms for different scenarios. The following figure can help you quickly find the best method that matches your requirements.
The following table lists the permission control cases in typical scenarios for your reference.