Skip to main content

Create a Bucket Policy

You can create a single Bucket Policy for a bucket. If a policy is created, everything not allowed by the policy rules is prohibited.

Create a Bucket Policy

  1. In the control panel, go to S3Buckets.
  2. Open the bucket page.
  3. Open the Bucket Policy tab.
  4. Click Create Bucket Policy.
  5. Add rules.
  6. Click Save.

Add rule

  1. In the control panel, go to S3Buckets.

  2. Open the bucket page → Bucket Policy tab.

  3. Click EditAdd Rule.

  4. Enter the rule name.

  5. In the Access field, select the rule type.

  6. Select the users to whom the rule will apply:

    • to all authorized users — for all account users regardless of their user type and permissions;
    • or to users from the list — for individual project users that you select.

  7. If you chose access for users from the list, select the users.

  8. Select the set of actions that apply to the rule:

    • reader — a set of permissions to view the bucket and objects within it;
    • editor — a set of permissions to edit the bucket and objects within it;
    • custom — an empty set to which you can add any actions;
    • all — a set of all actions.

  9. If you chose the Custom set, add actions to it.

  10. Optional: if you selected a different set, add new actions or remove pre-filled ones if necessary. When editing a set, its type will change to Custom.

  11. Specify the bucket resources to which the rule will apply. You cannot specify resources of another bucket:

    • all bucket objects: <bucket_name>/*
    • objects with a specific prefix: <bucket_name>/<prefix>/*
    • object: <bucket_name>/<prefix>/<object_name>

  12. Optional: to add a condition that determines when the rule will work, click Add Condition. You can add any number of conditions. For the condition, specify:

    • key — a parameter to which the condition will apply;
    • operator — checks if the value from the request matches the key value;
    • value — the key value, you can add multiple values;
    • optional: select the Apply if field exists checkbox (equivalent to the IfExists operator). If the checkbox is selected and the field with such a key exists, the condition will be applied. If the field does not exist, it will be created with the specified value.

  13. Click Save.