IAM policies and ACLs require active management to be effective.
Before you make a bucket or object accessible to other users, be sure you know
who you want to share the bucket or object with and what role each of those
people should have. Over time, changes in project management, usage patterns,
and organizational ownership may require you to modify IAM or ACL settings on
buckets and projects, especially if you manage Cloud Storage in a large
organization or for a large group of users. As you evaluate and plan your
access control settings, keep the following best practices in mind:
- Use the principle of least privilege when granting access to your buckets or
  objects.

  The principle of least privilege is a security guideline for granting access
  to your resources. When you grant access based on the principle of least
  privilege, you grant the minimum permission that a user needs to accomplish
  their assigned task. For example, if you want to share files with someone,
  grant them the storage.objectViewer IAM role or the READER ACL permission,
  not the storage.admin IAM role or the OWNER ACL permission.

- Avoid granting IAM roles with the setIamPolicy permission, or the OWNER ACL
  permission, to people you do not know.

  Granting the setIamPolicy IAM permission or the OWNER ACL permission lets a
  user change permissions and take control of the data. Use roles with these
  permissions only when you want to delegate administrative control over
  objects and buckets.

- Be careful how you grant permissions to anonymous users.

  The allUsers and allAuthenticatedUsers principal types should only be used
  when it is acceptable for anyone on the Internet to read and analyze your
  data. While these scopes are useful for some applications and scenarios, it
  is usually not a good idea to grant all users certain permissions, such as
  the setIamPolicy, update, create, or delete IAM permissions, or the OWNER ACL
  permission.

- Be sure you delegate administrative control of your buckets.

  You should be sure that your resources can still be managed by other team
  members if an individual with administrative access leaves the group.

  To keep resources accessible, you can do any of the following:

  - Grant the Storage Admin IAM role for your project to a group instead of
    an individual
  - Grant the Storage Admin IAM role for your project to at least two
    individuals
  - Grant the OWNER ACL permission for your bucket to at least two
    individuals
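The following added example (not code from the page or from Google) audits a bucket IAM policy, in the JSON shape the IAM API uses ({"bindings": [{"role": ..., "members": [...]}]}), against the practices above: anonymous principals limited to read access, and Storage Admin delegated to a group or to at least two people. The role names are real Cloud Storage roles; the sample policies and example.com principals are constructed.

```python
# Added example: audit a Cloud Storage bucket IAM policy against the
# best practices above. Sample policies and principals are constructed.

PUBLIC_PRINCIPALS = {"allUsers", "allAuthenticatedUsers"}
READ_ONLY_ROLE = "roles/storage.objectViewer"  # role recommended for sharing files
ADMIN_ROLE = "roles/storage.admin"             # Storage Admin: carries setIamPolicy


def audit_policy(policy: dict) -> list[tuple[str, str]]:
    """Return (finding_code, detail) pairs; an empty list means no issue found."""
    findings = []
    admin_members: set[str] = set()
    for binding in policy.get("bindings", []):
        role, members = binding["role"], set(binding.get("members", []))
        # Anonymous principals should only ever be able to read.
        public = PUBLIC_PRINCIPALS & members
        if public and role != READ_ONLY_ROLE:
            findings.append(("PUBLIC_NON_READ",
                             f"{role} granted to {sorted(public)}"))
        if role == ADMIN_ROLE:
            admin_members |= members - PUBLIC_PRINCIPALS
    # Delegation: administrative control must survive one person leaving, so
    # the admin role goes to a group or to at least two individuals.
    has_group = any(m.startswith("group:") for m in admin_members)
    if not has_group and len(admin_members) < 2:
        findings.append(("ADMIN_SINGLE_POINT",
                         f"Storage Admin held only by {sorted(admin_members)}"))
    return findings


# Constructed "before" policy: public write access and a single human admin.
# roles/storage.objectCreator carries the objects.create permission.
WEAK_POLICY = {"bindings": [
    {"role": READ_ONLY_ROLE, "members": ["allUsers"]},
    {"role": "roles/storage.objectCreator", "members": ["allAuthenticatedUsers"]},
    {"role": ADMIN_ROLE, "members": ["user:alice@example.com"]},
]}

# Constructed "after" policy: anonymous access is read-only and admin rights
# are delegated to a group rather than to an individual.
FIXED_POLICY = {"bindings": [
    {"role": READ_ONLY_ROLE, "members": ["allUsers"]},
    {"role": ADMIN_ROLE, "members": ["group:storage-admins@example.com"]},
]}

if __name__ == "__main__":
    for code, detail in audit_policy(WEAK_POLICY):
        print(f"{code}: {detail}")
    print("fixed policy findings:", audit_policy(FIXED_POLICY))
```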
- Be aware of Cloud Storage's interoperable behavior.

  When using the XML API for interoperable access with other storage services,
  such as Amazon S3, the signature identifier determines the ACL syntax. For
  example, if the tool or library you are using makes a request to
  Cloud Storage to retrieve ACLs and the request uses another storage
  provider's signature identifier, Cloud Storage returns an XML document that
  uses the corresponding storage provider's ACL syntax. If the tool or library
  you are using makes a request to Cloud Storage to apply ACLs and the request
  uses another storage provider's signature identifier, Cloud Storage expects
  to receive an XML document that uses the corresponding storage provider's
  ACL syntax.
  For more information about using the XML API for interoperability with
  Amazon S3, see Simple migration from Amazon S3 to Cloud Storage
  (/storage/docs/aws-simple-migration).

What's next

- Learn how to use IAM policies with Cloud Storage (/storage/docs/access-control/using-iam-permissions).
- Learn how to use ACLs with Cloud Storage (/storage/docs/access-control/create-manage-lists).
- Review the IAM reference table for Cloud Storage (/storage/docs/access-control/iam-reference).

Last updated 2025-09-05 UTC.