Skip to main content

Manage bucket permission

Here's how to manage permissions in Object Storage:

List of roles

You can check role information currently added to the bucket.

  1. Go to KakaoCloud Console > Beyond Storage Service > Object Storage.
  2. In the Bucket menu, select a bucket.
  3. Click the Permission tab, and then check the role information currently added to the bucket in the Role tab.

Add role

You can add roles by individually granting object access permission to members belonging to the same project.
Currently, we only provide permission settings for a single bucket and do not provide permission settings for a single object (file/folder).

info

Depending on your role, certain actions on buckets (such as creating buckets, viewing objects, granting permissions, etc.) may be restricted. For details of permissions and roles, please refer to Manage permission.

  1. Go to KakaoCloud Console > Beyond Storage Service > Object Storage.

  2. In the Bucket menu, select a bucket.

  3. Click the Permission tab, then click the [Add role] button in the Role tab.

  4. Add users and service accounts in User account and Service account, select Role, and click the [Save] button.

    image. Bucket role list Bucket role list

Modify role

You can modify a member's role. However, if there is only one Storage Admin, that member's role cannot be modified.

  1. Go to KakaoCloud Console > Beyond Storage Service > Object Storage.
  2. In the Bucket menu, select a bucket.
  3. Click the Permission tab, then select the [More] icon > Modify role.
  4. Enter the information in the pop-up window and click the [Save] button.

Delete role

You can delete roles for members you no longer use.

You can delete a member's role.

  1. Go to KakaoCloud Console > Beyond Storage Service > Object Storage.
  2. In the Bucket menu, select a bucket.
  3. Click the Permission tab, then select the [More] icon > Delete role.
  4. Check the information in the pop-up window and click the [Delete] button.

Configure bucket access settings

Enable public access

You can set whether your bucket is publicly accessible.

caution

Please note that if you allow public access, external users without permission may still be able to access your bucket.

  1. Go to KakaoCloud Console > Beyond Storage Service > Object Storage.

  2. In the Bucket menu, select a bucket.

  3. Click the Permission tab, then click the [Configure access] button in the Access control tab.

    image. Access-Control tab Access control tab

    CategoryDescription
    Public accessExternal access status of bucket

  4. In the pop-up window, select Allow public access (Read Only), enter the information, and click the [Save] button.

    image. Access settings Access Settings

    CategoryDescription
    Access permissionSelect an access permission type
    - Block public access (default setting): Block public access and allow only authorized users to access the bucket
    - Allow public access (Read Only): Allow public access to the bucket
    Access allowed IP addressDetailed IP address settings
    - Number of IP addresses: Up to 10,000 can be entered
    - Up to 63 IP addresses entered as text or csv upload are displayed as text fields, and for 64 or more, [Download CSV] button to check
    - Duplicate IP values ​​are automatically deleted

    - [Reset input] button: Initialize all created IPs
    - [Copy IP address] button : Copy all created IPs
    - [Download CSV] button: Download the created IPs to an Excel file
    - [Upload CSV] button: Upload the IPs of the Excel file at once
      ᄂ You can set the IP that allows access to public accessors with Read Only
      ᄂ You can enter IPs one by one in the text field, or write multiple IPs using ,
      ᄂ Allowed extensions: csv / xlsx / xls

  5. Check the information in the pop-up window and click the [Save] button.
    - It takes approximately 1 minute for the information to be reflected after access settings.

Configure bucket CORS

For a details of bucket CORS, please refer to Bucket CORS policy.