Change Bucket Policy

When changing the policy, you can add new rules, modify or delete existing ones. You can add and remove conditions in rules.

Edit rule

When editing rules, you can change all settings, as well as add, modify, and delete conditions.

In the control panel, on the top menu, click Products and select S3.
Go to the Buckets section.
Open the bucket page → Bucket Policy tab.
Click Edit.
Open the rule card.
Change the rule name.
In the Access field, select the rule type.
Specify the principal: select the users to whom the rule will apply:
- all — for users with any role and unauthorized users who have accessed the bucket;
- authorized — for individual project users.
If you selected access for authorized users, add users from the list.
Select the set of actions applied in the rule:

If you selected the Custom set, add actions to it.
Optional: if you selected a different set, add new actions or remove pre-filled ones if necessary. When editing a set, its type will change to Custom.
Specify the bucket resources to which the rule will apply. You cannot specify resources of another bucket:
- all bucket objects: <bucket_name>/*
- objects with a specific prefix: <bucket_name>/<prefix>/*
- object: <bucket_name>/<prefix>/<object_name>
Optional: to add a condition that determines when the rule will work, click Add condition. You can add any number of conditions. For a condition, specify:
- key — a parameter to which the condition will apply;
- operator — checks that the request value matches the key value;
- value — the key value; you can add multiple values;
- optional: select the Apply if field exists checkbox (equivalent to the IfExists operator). If the checkbox is selected and the field with such a key exists, the condition will be applied. If the field does not exist, it will be created with the specified value.
Click Save.