search
LoginSignup

Policies

hashtag
Overview

Bucket policies are used to control access to objects within a bucket. These policies define who can access the bucket and what actions they are allowed to perform.

Using the Policy Setup Wizard, administrators can configure access by selecting the bucket, assigning permissions, and defining the target users.

hashtag
Prerequisites

Before creating a bucket policy, ensure that:

  • A bucket is already created.

  • You have access to the Zata.ai Dashboard.

  • You have permission to manage bucket policies.

hashtag
Procedure

Step 1: Navigate to Access Policies

  1. Log in to the Zata.ai Dashboard.

  2. Open the Object Storage section.

  3. Click Access Policies.

  4. Click Create Policy.

Step 2: Select Bucket and Scope

  1. Select the bucket name from the dropdown list.

Example:prertest

  1. Choose the Access Scope:

Entire Bucket

  • Applies the policy to all objects within the bucket.

Specific Folders

  • Applies the policy only to selected folders inside the bucket.

  1. Click Next to continue.

Step 3: Select Grantee

In this step, define who will receive the permissions.

Select the Available options include:

  • Public (Anyone) – Allows access to all users.

  • Authenticated Users – Allows access only to logged-in users.

  • Specific Users or Roles – Allows access only to selected identities.

Click Next.

Step 4: Configure Permissions

Permissions define what actions users are allowed to perform.

A. Object Operations

These permissions apply to files stored in the bucket.

Recommended configuration for public read access:

Enable: Download files

Disable:

Upload files Add/Edit file tags Remove file tags Cancel uploads Restore archived files

hashtag
Bucket Operations

These permissions control bucket-level actions.

Optional: List files (allows users to view objects in the bucket)

Disable:

List file versions View bucket tags View versioning status

Click Next.

Step 5: Review and Create Policy

The Review page displays a summary of the policy configuration.

Verify the following details:

  • Bucket name

  • Region

  • Grantee

  • Scope

  • Selected permissions

  • Policy effect (Allow or Deny)

Enter a Policy Name (optional but recommended).

Example: public-read-policy

Click Create Policy.

Result

After the policy is created, the defined permissions are applied to the selected bucket.

With this configuration:

  • Users can download objects

  • Users can view files (optional)

  • Users cannot upload, modify, or delete objects

This ensures secure read-only access to bucket contents.

Best Practices

  • Grant only the permissions that are required.

  • Avoid enabling write or delete permissions for public access.

  • Use specific folder scope if access should be limited to certain objects.

PreviousCreate a SubuserNextCreate a new access key and secret key for the specific subuser.

Last updated