
Using bucket policies

Published on 17 January 2021

A bucket policy is a resource-based policy option. It allows users to grant access to buckets in other Scaleway projects and organizations.

By default, all Object Storage resources in a project are private and can be accessed only by users of said project. Adding a bucket policy to a bucket allows you to grant access to outside users. You can use different combinations of the policy's component strings to customize your permissions for different purposes as required.

How to apply a bucket policy

  1. Create the bucket-policy.json file in your environment using a text editor, such as nano or vim. You can edit the contents of the configuration according to your preference. Refer to Understanding bucket policies for more details about each string.
    {
      "Version": "2012-10-17",
      "Id": "MyBucketPolicy",
      "Statement": [
        {
          "Sid": "DelegateAccess",
          "Effect": "Allow",
          "Principal": {
            "SCW": "project_id:<PROJECT_ID>"
          },
          "Action": [
            "s3:ListBucket",
            "s3:GetObject"
          ],
          "Resource": [
            "<BUCKET_NAME>",
            "<BUCKET_NAME>/*"
          ]
        }
      ]
    }
  2. Run the command below to apply the policy. Replace <BUCKET_NAME> with the name of your bucket.
    aws s3api put-bucket-policy --bucket <BUCKET_NAME> --policy file://bucket-policy.json
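
A pre-apply check for the policy file from step 1, as an added example that is not part of the Scaleway documentation or tooling. The function name `lint_policy`, the bucket name `my-bucket` and the sample policy are constructed for illustration; the check assumes resources are written as bare bucket names, as in the policy above, and treats any action outside `s3:Get*`/`s3:List*` as more than the read access that policy delegates.

```python
import json
import re

# Constructed sample: the step 1 policy with <PROJECT_ID> left unreplaced,
# a write action added, and the object-level resource missing.
SAMPLE = """{
  "Version": "2012-10-17",
  "Id": "MyBucketPolicy",
  "Statement": [{
    "Sid": "DelegateAccess",
    "Effect": "Allow",
    "Principal": {"SCW": "project_id:<PROJECT_ID>"},
    "Action": ["s3:ListBucket", "s3:GetObject", "s3:PutObject"],
    "Resource": ["my-bucket"]
  }]
}"""

def as_list(value):
    """Policy fields may hold a single string or a list of strings."""
    return value if isinstance(value, list) else [value]

def lint_policy(text, bucket):
    """Return findings for a bucket policy before it is applied (hypothetical helper)."""
    findings = []
    left = sorted(set(re.findall(r"<[A-Z_]+>", text)))
    if left:
        findings.append("unreplaced placeholder: " + ", ".join(left))
    for st in as_list(json.loads(text).get("Statement", [])):
        sid = st.get("Sid", "(no Sid)")
        if st.get("Effect") != "Allow":
            continue
        principal = st.get("Principal")
        scw = principal.get("SCW") if isinstance(principal, dict) else principal
        if "*" in as_list(scw):
            findings.append(f"{sid}: wildcard principal, grant is not scoped")
        actions = as_list(st.get("Action", []))
        resources = as_list(st.get("Resource", []))
        for action in actions:
            if not action.startswith(("s3:Get", "s3:List")):
                findings.append(f"{sid}: {action} goes beyond read access")
        has_objects = any(r.startswith(bucket + "/") for r in resources)
        if "s3:GetObject" in actions and not has_objects:
            findings.append(f"{sid}: s3:GetObject without a {bucket}/... resource")
        if "s3:ListBucket" in actions and bucket not in resources:
            findings.append(f"{sid}: s3:ListBucket without the {bucket} resource")
    return findings

if __name__ == "__main__":
    for finding in lint_policy(SAMPLE, "my-bucket"):
        print(finding)
```

Run it against bucket-policy.json before step 2 and apply the policy only when the list of findings is empty.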

How to import a copy of objects from a bucket in a different project

Import a copy of your objects in a bucket to another bucket using the AWS-CLI.

See related content.

How to manage bucket permissions for IP addresses or ranges of IP

You can stipulate which IP addresses or IP ranges have access or permission to perform S3 operations on your buckets by creating a bucket policy with the IpAddress or NotIpAddress conditions.

See related content.

How to share buckets in read-only mode

It is possible to implement a bucket policy to grant a Scaleway organization or project viewing rights to a bucket in a different project.

See related content.
