原则

临时账号主要用于数据接收、分发与迁移,过程中请尽可能遵守以下原则:

  • 最小权限原则,仅开放需要的目录权限
  • 临时账户仅保持7天有效期,请务必及时清除临时账户与相关权限设置
  • 避免通过阿里云OSS分发大量数据
  • 避免使用临时目录

    临时账号开设步骤

    权限配置

    1. {
    2.   "Version": "1",
    3.   "Statement": [
    4.       {
    5.           "Effect": "Allow",
    6.           "Action": [
    7.               "oss:DeleteObject",
    8.               "oss:GetObject",
    9.               "oss:PutObject"
    10.           ],
    11.           "Resource": [
    12.               "acs:oss:*:*:share-data-temp/NextCODE/Project_s187r15099_4Samples_20210105/",
    13.               "acs:oss:*:*:share-data-temp/NextCODE/Project_s187r15099_4Samples_20210105/*",
    14.               "acs:oss:*:*:share-data-temp/NextCODE/Project_s187r15099_3Samples_20210105/",
    15.               "acs:oss:*:*:share-data-temp/NextCODE/Project_s187r15099_3Samples_20210105/*",
    16.               "acs:oss:*:*:share-data-temp/NextCODE/Project_s187r15099_7Samples_20201231/",
    17.               "acs:oss:*:*:share-data-temp/NextCODE/Project_s187r15099_7Samples_20201231/*"
    18.           ]
    19.       },
    20.       {
    21.           "Effect": "Allow",
    22.           "Action": [
    23.               "oss:ListObjects"
    24.           ],
    25.           "Resource": [
    26.               "acs:oss:*:*:share-data-temp"
    27.           ],
    28.           "Condition": {
    29.               "StringLike": {
    30.                   "oss:Prefix": "NextCODE/*"
    31.               }
    32.           }
    33.       }
    34.   ]
    35. }