原则
临时账号主要用于数据接收、分发与迁移,过程中请尽可能遵守以下原则:
- 最小权限原则,仅开放需要的目录权限
- 临时账户仅保持7天有效期,请务必及时清除临时账户与相关权限设置
- 避免通过阿里云OSS分发大量数据
- 避免使用临时目录
临时账号开设步骤
权限配置
{
"Version": "1",
"Statement": [
{
"Effect": "Allow",
"Action": [
"oss:DeleteObject",
"oss:GetObject",
"oss:PutObject"
],
"Resource": [
"acs:oss:*:*:share-data-temp/NextCODE/Project_s187r15099_4Samples_20210105/",
"acs:oss:*:*:share-data-temp/NextCODE/Project_s187r15099_4Samples_20210105/*",
"acs:oss:*:*:share-data-temp/NextCODE/Project_s187r15099_3Samples_20210105/",
"acs:oss:*:*:share-data-temp/NextCODE/Project_s187r15099_3Samples_20210105/*",
"acs:oss:*:*:share-data-temp/NextCODE/Project_s187r15099_7Samples_20201231/",
"acs:oss:*:*:share-data-temp/NextCODE/Project_s187r15099_7Samples_20201231/*"
]
},
{
"Effect": "Allow",
"Action": [
"oss:ListObjects"
],
"Resource": [
"acs:oss:*:*:share-data-temp"
],
"Condition": {
"StringLike": {
"oss:Prefix": "NextCODE/*"
}
}
}
]
}