Under the corporate account CompanyExample (with ownerUin as 12345678 and appId as 1250000000), there is a sub-account named Developer. This sub-account requires read/write permissions for objects prefixed with test in the dir1 directory of the Bucket1 storage bucket in the Shanghai region of CompanyExample's COS service.
Solution A:
1. Create a policy through policy syntax.
{"version": "2.0","statement":[{"effect": "allow","action": "cos:*","resource": "qcs::cos:ap-shanghai:uid/1250000000:Bucket1-1250000000/dir1/test*"}]}
2. Grant this policy to the sub-account. For the authorization method, please see Authorization Management.