阿里云OSS限制多个IP上传

IT
IT
IT
352
文章
1
评论
2020年5月21日14:23:57 评论 2,379 985字阅读3分17秒

提要

很多时候我们有这样的需求:为了安全期间只限制或允许某个或者多个IP上传文件。

配置如下

{
 "Statement": [
 {
 "Action": "oss:*",
 "Effect": "Allow",
 "Resource": [
 "acs:oss:*:*:file-exchange-system/upload/56d4093264104b078e5ae141bd484104p/*",
 "acs:oss:*:*:file-exchange-system/upload/d6b025b7f0034e61971984010652e4c2p/*"
 ],
 "Condition": {
 "IpAddress": {
 "acs:SourceIp": ["222.73.109.218", "112.65.248.146 ","222.73.109.226","222.73.109.10 ","203.110.168.2","203.110.168.3","203.110.168.4","140.207.213.146","140.207.213.147","140.207.213.148"]
 }
 }
 },
 {
 "Effect": "Allow",
 "Action": [
 "oss:ListObjects"
 ],
 "Resource": [
 "acs:oss:*:*:file-exchange-system"
 ],
 "Condition": {
 "StringLike": {
 "oss:Prefix": [
 "upload/56d4093264104b078e5ae141bd484104p/*",
 "upload/d6b025b7f0034e61971984010652e4c2p/*"
 ]
 },
 "IpAddress": {
 "acs:SourceIp": ["222.73.109.218", "112.65.248.146 ","222.73.109.226","222.73.109.10 ","203.110.168.2","203.110.168.3","203.110.168.4","140.207.213.146","140.207.213.147","140.207.213.148"]
 }
 }
 }
 ],
 "Version": "1"
}

还有这样的需求

只允许一个网段

"acs:SourceIp": ["42.120.88.10", "42.120.66.0/24"]

 

继续阅读
  • 我的QQ
  • QQ扫一扫
  • weinxin
  • 我的头条
  • 头条扫一扫
  • weinxin
IT
  • 本文由 发表于 2020年5月21日14:23:57
  • 除非特殊声明,本站文章均为原创,转载请务必保留本文链接
Centos7.9安装jumpserverV2.6.2 jumpserver

Centos7.9安装jumpserverV2.6.2

简述 使用官方提供的一键安装自带docker部署,最后简单配置下即可。 安装目录在 /opt/jumpserver-installer-v2.6.2 系统 # cat /etc/redhat-rele...
Centos7安装frp CentOS

Centos7安装frp

下载 官网下载地址 https://github.com/fatedier/frp 解压 # tar -xvf frp_0.34.3_linux_arm64.tar 移动至 /usr/local # ...