Skip to main content
A newer release of this product is available.

vserver object-store-server bucket policy-statement-condition create

Contributors
Suggest changes

Create a bucket policy statement condition

Availability: This command is available to cluster and Vserver administrators at the advanced privilege level.

Description

The vserver object-store-server bucket policy-statement-condition create command creates a single condition for a bucket policy statement in an object store server bucket.

Parameters

-vserver <Vserver Name> - Vserver Name (privilege: advanced)

This parameter specifies the name of the Vserver on which the bucket policy statement condition needs to be created for the object store server bucket.

-bucket <TextNoCase> - Object Store Server Bucket Name (privilege: advanced)

This parameter specifies the name of the object store server bucket for which the policy statement condition needs to be created. The object store bucket must already exist.

-index <integer> - Statement Index (privilege: advanced)

This parameter specifies the index of the object store server bucket policy statement in which a condition needs to be created. The index must already exist.

-operator {ip-address|not-ip-address|string-equals|string-not-equals|string-equals-ignore-case|string-not-equals-ignore-case|string-like|string-not-like|numeric-equals|numeric-not-equals|numeric-greater-than|numeric-greater-than-equals|numeric-less-than|numeric-less-than-equals} - Policy Condition Operator (privilege: advanced)

This parameter specifies the condition operator to be applied on the condition keys specified.

[-source-ips <IP Address or Subnet>,…​] - List of IP Addresses with Access Allowed or Denied (privilege: advanced)

Use this parameter to specify a list of IP addresses for which the access will be allowed or denied based on the operator specified.

[-usernames <text>,…​] - List of Usernames with Access Allowed or Denied (privilege: advanced)

Use this parameter to specify a list of object store server users for which the access will be allowed or denied based on the operator specified.

[-prefixes <text>,…​] - List of Prefixes to be Matched (privilege: advanced)

Use this parameter to specify a list of prefixes that are compared with the input prefix value specified at the time of execution of an S3-based command, using the condition operator specified.

[-max-keys <integer>,…​] - List of Maximum Keys Allowed to be Fetched (privilege: advanced)

Use this parameter to specify a list of max-keys values that are allowed or denied retrieval using an S3 list operation, based on the condition operator specified.

[-delimiters <text>,…​] - List of Delimiters to be Matched (privilege: advanced)

Use this parameter to specify a list of delimiters that are compared with the input delimiter value specified at the time of execution of an S3-based command, using the condition operator specified.

Examples

The following example creates an object store server bucket policy statement condition for Storage Virtual Machine (SVM) vs1, bucket bucket1, index 1 and ip-address as operator.

cluster1::*> vserver object-store-server bucket policy-statement-condition create -vserver vs1 -bucket bucket1 -index 1 -operator ip-address -source-ips 10.1.1.0/24,10.1.1.1