Object Storage Service


Object Storage Service

Put Bucket Policy


The operation can set policy of specified Bucket, which is only available to the Owner of the Bucket. For more Bucket Policy relevant information, please access Bucket Policy-based Permission Control.



PUT /?policy HTTP/1.1
Host: <BUCKET_NAME>.s3.<REGION>.jdcloud-oss.com
Date: <date>
Authorization: <authorization string> (see Authenticating Requests (AWS Signature Version4))

Policy written in JSON

Request Parameter

No Request Parameters

Request Header

No Special Request Header

Request Elements

Body is JSON character string, including Policy statements. Each Policy may have multiple statements, each statement consists of the following elements:

Element Meaning Must
Action The operation to make the rule take effect, supported operations: s3:DeleteBucket, s3:ListBucket, s3:GetObject, s3:PutObject and s3:DeleteObject Yes
Effect If the generated effect is Deny or Allow when matching the rule Yes
Resource Resource that the rule takes effect, with the format of arn:aws:s3:${bucket}/${dir}, is current Bucket by default Yes
Principal Requester that the rule takes effect is JSON object and supports wildcard "*", allows all. E.g., {"AWS":["arn:aws:iam::191853487641:root"} Yes
Condition Condition generated by the rule is JSON object, which currently only supports Referer and SourceIP No


Response Header

No Special Response Header

Response Element

No Response Element


Request Example

PUT /?policy HTTP/1.1
Host: <BUCKET_NAME>.s3.<REGION>.jdcloud-oss.com 
Date: Tue, 04 Apr 2010 20:34:56 GMT  
Authorization: <authorization string>

"Statement" : [
        "Principal" : {

Response Example

HTTP/1.1 200 OK  
x-amz-request-id: 656c76696e6727732SAMPLE7374  
Date: Tue, 04 Apr 2010 20:34:56 GMT  
Connection: keep-alive  
Server: JDCloudOSS  
Update Time:2019-05-28 16:47:17