这个是我云效这个账号的策略,但是这个在云绩里面并没有生效,为什么?
这个是我云效这个账号的策略,要求只允许在指定 ip 白名单内访问 指定 oss bucket。但是这个在云绩里面并没有生效?{
"Version": "1",
"Statement": [
{
"Effect": "Allow",
"Action": [
"oss:DescribeRegions",
"oss:DoMetaQuery",
"oss:GetAccessPoint",
"oss:GetAccessPointPolicy",
"oss:GetBucketAccessMonitor",
"oss:GetBucketAcl",
"oss:GetBucketCors",
"oss:GetBucketEncryption",
"oss:GetBucketInfo",
"oss:GetBucketLifecycle",
"oss:GetBucketLocation",
"oss:GetBucketLogging",
"oss:GetBucketPolicy",
"oss:GetBucketReferer",
"oss:GetBucketReplication",
"oss:GetBucketReplicationLocation",
"oss:GetBucketReplicationProgress",
"oss:GetBucketRequestPayment",
"oss:GetBucketResourceGroup",
"oss:GetBucketStat",
"oss:GetBucketTagging",
"oss:GetBucketTransferAcceleration",
"oss:GetBucketVersioning",
"oss:GetBucketWebsite",
"oss:GetBucketWorm",
"oss:GetCnameToken",
"oss:GetLiveChannel",
"oss:GetLiveChannelHistory",
"oss:GetLiveChannelStat",
"oss:GetMetaQueryStatus",
"oss:GetObject",
"oss:GetObjectAcl",
"oss:GetObjectTagging",
"oss:GetStyle",
"oss:GetUserAntiDDosInfo",
"oss:GetVodPlaylist",
"oss:ListLiveChannel",
"oss:ListObjects",
"oss:AbortBucketWorm",
"oss:AbortMultipartUpload",
"oss:CloseMetaQuery",
"oss:CompleteBucketWorm",
"oss:CreateAccessPoint",
"oss:CreateCnameToken",
"oss:CreateOrder",
"oss:DeleteAccessPoint",
"oss:DeleteAccessPointPolicy",
"oss:DeleteBucket",
"oss:DeleteBucketCors",
"oss:DeleteBucketEncryption",
"oss:DeleteBucketInventory",
"oss:DeleteBucketLifecycle",
"oss:DeleteBucketLogging",
"oss:DeleteBucketPolicy",
"oss:DeleteBucketReplication",
"oss:DeleteBucketTagging",
"oss:DeleteBucketWebsite",
"oss:DeleteLiveChannel",
"oss:DeleteObject",
"oss:DeleteObjectTagging",
"oss:DeleteStyle",
"oss:ExtendBucketWorm",
"oss:InitBucketAntiDDosInfo",
"oss:InitiateBucketWorm",
"oss:InitUserAntiDDosInfo",
"oss:OpenMetaQuery",
"oss:PostDataLakeStorageAdminOperation",
"oss:PostDataLakeStorageFileOperation",
"oss:PostDataLakeStorageSecurityOperation",
"oss:PutAccessPointPolicy",
"oss:PutBucket",
"oss:PutBucketAccessMonitor",
"oss:PutBucketAcl",
"oss:PutBucketCors",
"oss:PutBucketEncryption",
"oss:PutBucketInventory",
"oss:PutBucketLifecycle",
"oss:PutBucketLogging",
"oss:PutBucketPolicy",
"oss:PutBucketReferer",
"oss:PutBucketReplication",
"oss:PutBucketRequestPayment",
"oss:PutBucketResourceGroup",
"oss:PutBucketTagging",
"oss:PutBucketTransferAcceleration",
"oss:PutBucketVersioning",
"oss:PutBucketWebsite",
"oss:PutCname",
"oss:PutLiveChannel",
"oss:PutLiveChannelStatus",
"oss:PutObject",
"oss:PutObjectAcl",
"oss:PutObjectTagging",
"oss:PutStyle",
"oss:RestoreObject",
"oss:UpdateBucketAntiDDosInfo",
"oss:UpdateUserAntiDDosInfo"
],
"Resource": [
"acs:oss:oss-::tracker-test",
"acs:oss:oss-::tracker-pre",
"acs:oss:oss-::tracker-online",
"acs:oss:oss-::safeis-public"
],
"Condition": {
"IpAddress": {
"acs:SourceIp": [
"47.57.70.87",
"47.242.65.197",
"47.90.29.115",
"47.57.136.136",
"47.93.89.246",
"47.94.150.17",
"112.126.70.240",
"123.56.255.38",
"47.94.150.88"
]
}
}
}
]
}
写回答
版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。
云效,企业级一站式研发协同平台,数十万企业都在用。支持公共云、专有云和混合云多种部署形态,通过云原生新技术和研发新模式,助力创新创业和数字化转型企业快速实现研发敏捷和组织敏捷,打造“双敏”组织,实现多倍效能提升。
