ONTAP 9.13.1 commands

vserver object-store-server bucket policy-statement-condition create

Create a bucket policy statement condition

Availability: This command is available to cluster and Vserver administrators at the advanced privilege level.

Description

The vserver object-store-server bucket policy-statement-condition create command creates a single condition for a bucket policy statement in an object store server bucket.

Parameters

-vserver <Vserver Name> - Vserver Name

This parameter specifies the name of the Vserver on which the bucket policy statement condition needs to be created for the object store server bucket.

-bucket <TextNoCase> - Object Store Server Bucket Name

This parameter specifies the name of the object store server bucket for which the policy statement condition needs to be created. The object store bucket must already exist.

-index <integer> - Statement Index

This parameter specifies the index of the object store server bucket policy statement in which a condition needs to be created. The index must already exist.

-operator {ip-address|not-ip-address|string-equals|string-not-equals|string-equals-ignore-case|string-not-equals-ignore-case|string-like|string-not-like|numeric-equals|numeric-not-equals|numeric-greater-than|numeric-greater-than-equals|numeric-less-than|numeric-less-than-equals} - Policy Condition Operator

This parameter specifies the condition operator to be applied on the condition keys specified.

[-source-ips <IP Address or Subnet>,…​] - List of IP Addresses with Access Allowed or Denied

Use this parameter to specify a list of IP addresses for which the access will be allowed or denied based on the operator specified.

[-usernames <text>,…​] - List of Usernames with Access Allowed or Denied

Use this parameter to specify a list of object store server users for which the access will be allowed or denied based on the operator specified.

[-prefixes <text>,…​] - List of Prefixes to be Matched

Use this parameter to specify a list of prefixes that are compared with the input prefix value specified at the time of execution of an S3-based command, using the condition operator specified.

[-max-keys <integer>,…​] - List of Maximum Keys Allowed to be Fetched

Use this parameter to specify a list of max-keys values that are allowed or denied retrieval using an S3 list operation, based on the condition operator specified.

[-delimiters <text>,…​] - List of Delimiters to be Matched

Use this parameter to specify a list of delimiters that are compared with the input delimiter value specified at the time of execution of an S3-based command, using the condition operator specified.

Examples

The following example creates an object store server bucket policy statement condition for Storage Virtual Machine (SVM) vs1, bucket bucket1, index 1 and ip-address as operator.

cluster1::*> vserver object-store-server bucket policy-statement-condition create -vserver vs1 -bucket bucket1 -index 1 -operator ip-address -source-ips 10.1.1.0/24,10.1.1.1
Top of Page