Restricting Access to a Bucket for Specific IP Addresses
Scenario
This case describes how to restrict the source IP addresses that can access an OBS bucket. The following shows how to deny a client access whose source IP address is within the range of 114.115.1.0/24.
Recommended Configuration
Bucket policy
Procedure
- In the bucket list, click the bucket name you want to go to the Overview page.
- In the navigation pane, choose Permissions.
Verification
Initiate an access request from an IP address within 114.115.1.0/24. The access is denied. Initiate an access request from an IP address outside 114.115.1.0/24. The access is allowed.
Related Scenarios
- To allow only a specified IP address to access an OBS bucket, you need to create two bucket policies:
Policy 1: Select Deny for Effect. Set Condition Operator to NotIpAddress and specify the allowed IP address as the Value.
Policy 2: Select Allow for Effect. Set Condition Operator to IpAddress and specify the allowed IP address as the Value.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
