Impossible Cloud Storage Help
  • Company overview
    • What is Impossible Cloud
  • Getting Started
    • Getting Started with Impossible Cloud Storage
      • Setting up
      • Next steps
      • Getting support
  • Impossible cloud storage Guide
    • Storage Console URLs and API Endpoints
    • Storage Console
      • Accessing the console
        • Signing up for Impossible Cloud Storage
        • Signing in to Impossible Cloud Storage
        • Session lifetime limits
      • Interacting with the console
        • Navigating the menu
        • Using the panel
    • Buckets and Objects
      • Creating a bucket
      • Storing objects in a bucket
      • Interacting with objects
      • Creating folders in a bucket
      • Interacting with folders and buckets
      • Public File Sharing via URLs
      • Emptying a Bucket
      • Limitations
      • Versioning and object lock
        • Enabling versioning
        • Using versioning
        • Enabling object lock
        • Using object lock
    • Access keys
    • CLI User Guide
      • AWS CLI installation instructions
      • AWS CLI configuration
      • Using Impossible Cloud with AWS CLI
      • AWS CLI basic commands
      • AWS CLI advanced commands
        • Examples
      • AWS CLI for cloud-to-cloud migration scenarios
      • AWS CLI Credentials & Config chain
      • AWS CLI: IAM
        • Limitations
        • List of supported operations
        • Operations Descriptions and Examples
    • Usage
      • Storage Calculation
      • Fair use policy
    • Profile settings
      • Multi-Factor Authentication (MFA)
        • Enabling and Disabling MFA
        • MFA Reset
        • Organization-Wide Policies
  • Security
    • Securing Your Data
    • Identity Access Management (IAM)
      • Managing Users
      • Managing Groups
      • Managing Policies
    • CORS support
      • Limitations
      • CORS Configuration
  • Troubleshooting & Common Questions
    • Common errors
      • I can only see 'buckets' and 'keys' in the menu of the console
      • I can delete objects despite object lock & retention enabled
      • Cannot remove bucket [name]. The bucket you tried to delete is not empty. You must delete all ...
      • Errors while creating a bucket
    • FAQ
      • How to collect HAR log
      • How does pricing work?
      • What are the rules for setting a password?
      • What are the rules for naming buckets?
      • How to retrieve your CanonicalID
      • How to delete thousands of objects via aws cli
      • How does Impossible Cloud handle tax collection?
  • Integrations with other applications
    • Backup Software Integrations Guides
      • Acronis Cyber Infrastructure: creating a backup storage
      • Backup Exec: configuring Cloud Storage
      • Comet Backup: creating a storage vault using storage templates
      • Duplicati: adding a Backup Destination
      • HYCU: adding a Target
      • Impossible Surveillance Cloud
        • Step 1: Create a bucket in Impossible Cloud Console
        • Step 2: Create a subuser and assign policy
        • Step 3: Indentify VMS
          • XProtect
          • MOBOTIX
          • Siviellance
          • Velocity Vision
          • Other
      • MSP360: configuring a Storage Account in the management console
      • Nakivo: creating a Backup Repository
      • Tiger Bridge: configuring Tiger Bridge Target
      • Veeam: adding a Backup Repository
      • Storware: Adding a Backup Destination
    • Cloud Storage Browsers Integrations Guides
      • Cyberduck
        • Using Cyberduck with Impossible Cloud Storage
      • S3 Browser
        • Configuring S3 Browser with Impossible Cloud Bucket
      • CloudBerry Explorer
        • Adding a new Storage Account
      • CloudBerry Drive
        • Add Storage Account in CloudBerry Drive
    • Media Management Software Integrations Guides
      • Iconik: Media Management & Collaboration tool
        • Iconik Integration: Configuring Cloud Storage
    • NAS Applications Integrations Guides
      • QNAP Hybrid Backup Sync
        • Creating a Backup Job to Impossible Cloud Storage
      • Synology Hyper Backup
        • Creating a Backup Task to Impossible Cloud Storage
  • Other support resources
    • Other support resources
    • Impossible Cloud Management Console (ICMC)
Powered by GitBook
On this page
  • Creating a Policy
  • Updating a Policy
  • Deleting a Policy

Was this helpful?

  1. Security
  2. Identity Access Management (IAM)

Managing Policies

In Impossible Cloud Storage, IAM policies are used to define and manage access permissions for specific resources. These policies follow the Industry S3 policy standard, ensuring compatibility and familiarity for users with experience in other environments. Each policy is written in JSON format, allowing for precise and structured permission definitions.

IAM Policy management at Impossible Cloud Storage Console can be done in Policies tab. From there, you can add, filter, delete as well as edit an existing policy.

The Policies tab is only visible for root users - and accordingly, also conducting any of the above actions.

Creating a Policy

To simplify policy creation, the Impossible Cloud Storage Console includes a built-in JSON editor. This editor provides a convenient interface for writing and editing policies directly within the Console, making it easy to define access rules according to your requirements.

To create a policy, follow these instructions:

  1. Navigate to the Policies tab in left-pane menu.

  2. Click the Add Policy button on the top-right of the console.

  • Fill in the Policy name

  • (Optional) Fill in the description of the policy.

The policy name must consist of alphanumeric characters (upper and lowercase) with no spaces. Once created, the policy name and description cannot be changed.

  1. Write the S3 policy in the built-in JSON editor.

  2. Click Create Policy on the top-right corner of your screen to confirm the creation of the policy.

Updating a Policy

When you update a policy using the Graphical User Interface (GUI) in the Impossible Cloud Storage Console, a new version of that policy is automatically created. This versioning system allows you to easily revert to a previous version if needed.

To edit a policy, follow these instructions:

  1. Navigate to the Policies tab in left-pane menu.

  2. Click the Edit button next to the policy you want to modify.

  3. You can edit the policy using the built-in JSON editor, just like when creating a new policy.

  4. Click the Save button in the top-right corner to create a new version.

  5. Click on the newly created version and set it as the default to activate the version.

The Storage Console supports a maximum of 5 (five) policy versions. If this limit is reached, you must remove an existing version before creating a new one.

Deleting a Policy

Deleting a policy will automatically remove the access and permissions for the corresponding group(s) of users.

To delete a policy, follow these instructions:

  1. Navigate to the Policies tab in left-pane menu.

  2. Click on the Delete button next to the policy.

  3. Confirm the deletion.

PreviousManaging GroupsNextCORS support

Last updated 4 days ago

Was this helpful?