Oracle Cloud Infrastructure Documentation

Creating a Preauthenticated Request for a Specific Object

On Private Cloud Appliance, you can create a preauthenticated request for a specific object in a bucket using the OCI CLI and API.

Important

Immediately after creating the request, copy the access-uri to durable storage.

The unique access-uri provided by the system is the only way to construct a URL that a user can use to access the bucket or object specified as the request target.

The access-uri is displayed only at the time of creation and can't be retrieved later.

To construct a URL from the unique access-uri, see Constructing the Preauthenticated Request URL.

Note

Listing objects in a bucket is denied by default. If the --access-type is AnyObjectRead or AnyObjectReadWrite, you can specify the optional --bucket-listing-action ListObjects parameter when creating the preauthenticated request that lets users list the objects in the bucket.

  • This task isn't available in the Compute Web UI.

  • Use the oci os preauth-request create command and required parameters to create a preauthenticated request for a specific object in a bucket.

    oci os preauth-request create --namespace-name <object_storage_namespace> --bucket-name <bucket_name> --name <preauthenticated_request_name> --access-type <access_value> --time-expires <timestamp> -on <object_name_or_null> [OPTIONS]

    For access type, use one of these values:

    • AnyObjectRead permits reads on all objects in the bucket.

    • AnyObjectWrite permits writes to all objects in the bucket.

    • AnyObjectReadWrite permits reads and writes to all objects in the bucket.

    --time-expires is a required argument and must be an RFC 3339 timestamp. For example: 2017-09-01T00:09:51.000+02:00.

    For a complete list of CLI commands, flags, and options, see the Command Line Reference.

  • Use the CreatePreauthenticatedRequest operation to create a preauthenticated request for a specific object in a bucket.

    For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.