tencent cloud


Authorizing Sub-account Read-only Access to Files in Specific Directory

Last updated: 2024-01-23 18:02:53
The enterprise account, CompanyExample (ownerUin: 12345678; appID: 1250000000), has a sub-account, Developer, that requires read permissions for files under the dir1 directory of the Bucket1 bucket of the COS service in Shanghai region under the CompanyExample enterprise account.
Solution A:
Step 1: create the following policy by using policy syntax.
"version": "2.0",
"effect": "allow",
"action": [
"resource": "qcs::cos:ap-shanghai:uid/1250000000:Bucket1-1250000000/dir1/*"
Step 2: associate the sub-account with the policy. To learn how to associate a policy with a user account, see Authorization Management.
Solution B:
Configure the policy and ACL in the COS Console. For more information, see the COS documentation.
Contact Us

Contact our sales team or business advisors to help your business.

Technical Support

Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

7x24 Phone Support