This topic describes how to use Python SDK V2 to manage the Block Public Access feature at the bucket level.
Notes
The sample code in this topic uses the public endpoint of the China (Hangzhou) region (
cn-hangzhou) as an example. If you want to access OSS from other Alibaba Cloud services in the same region, use an internal endpoint. For more information about the mappings between OSS regions and endpoints, see OSS regions and endpoints.
Sample code
Enable Block Public Access for a bucket
You can use the following code to enable Block Public Access for a bucket.
import argparse
import alibabacloud_oss_v2 as oss
# Create a command-line argument parser and describe the purpose of the script: Set the Block Public Access configuration for a bucket.
parser = argparse.ArgumentParser(description="put bucket public access block sample")
# Define command-line arguments, including the required region, bucket name, and endpoint, and whether to enable Block Public Access.
parser.add_argument('--region', help='The region in which the bucket is located.', required=True)
parser.add_argument('--bucket', help='The name of the bucket.', required=True)
parser.add_argument('--endpoint', help='The domain names that other services can use to access OSS')
parser.add_argument('--block_public_access',
help='Specifies whether to enable Block Public Access. '
'true: enables Block Public Access. '
'false (default): disables Block Public Access.',
default=False, type=bool)
def main():
# Parse command-line arguments to obtain the values that are entered by the user.
args = parser.parse_args()
# Load access credential information from environment variables for identity verification.
credentials_provider = oss.credentials.EnvironmentVariableCredentialsProvider()
# Create a configuration object using the default SDK configurations and set the authentication provider.
cfg = oss.config.load_default()
cfg.credentials_provider = credentials_provider
# Set the region property of the configuration object based on the command-line arguments that are provided by the user.
cfg.region = args.region
# If a custom endpoint is provided, update the endpoint property in the configuration object.
if args.endpoint is not None:
cfg.endpoint = args.endpoint
# Initialize the OSS client using the preceding configurations to prepare for interaction with OSS.
client = oss.Client(cfg)
# Send a request to set the Block Public Access configuration for the specified bucket.
result = client.put_bucket_public_access_block(oss.PutBucketPublicAccessBlockRequest(
bucket=args.bucket, # The bucket name.
public_access_block_configuration=oss.PublicAccessBlockConfiguration(
block_public_access=args.block_public_access, # Specifies whether to enable Block Public Access.
),
))
# Print the status code and request ID of the operation result to confirm the request status.
print(f'status code: {result.status_code},'
f' request id: {result.request_id},'
)
# When this script is directly executed, call the main function to start processing the logic.
if __name__ == "__main__":
main() # The entry point of the script. The program flow starts from here.
Obtain the Block Public Access configuration of a specified bucket
You can use the following code to obtain the Block Public Access configuration for a bucket.
import argparse
import alibabacloud_oss_v2 as oss
# Create a command-line argument parser and describe the purpose of the script: Obtain the Block Public Access configuration of a bucket.
parser = argparse.ArgumentParser(description="get bucket public access block sample")
# Define command-line arguments, including the required region and bucket name, and the optional endpoint.
parser.add_argument('--region', help='The region in which the bucket is located.', required=True)
parser.add_argument('--bucket', help='The name of the bucket.', required=True)
parser.add_argument('--endpoint', help='The domain names that other services can use to access OSS')
def main():
# Parse command-line arguments to obtain the values that are entered by the user.
args = parser.parse_args()
# Load access credential information from environment variables for identity verification.
credentials_provider = oss.credentials.EnvironmentVariableCredentialsProvider()
# Create a configuration object using the default SDK configurations and set the authentication provider.
cfg = oss.config.load_default()
cfg.credentials_provider = credentials_provider
# Set the region property of the configuration object based on the command-line arguments that are provided by the user.
cfg.region = args.region
# If a custom endpoint is provided, update the endpoint property in the configuration object.
if args.endpoint is not None:
cfg.endpoint = args.endpoint
# Initialize the OSS client using the preceding configurations to prepare for interaction with OSS.
client = oss.Client(cfg)
# Send a request to obtain the Block Public Access configuration of the specified bucket.
result = client.get_bucket_public_access_block(oss.GetBucketPublicAccessBlockRequest(
bucket=args.bucket, # The bucket name.
))
# Print the status code, request ID, and Block Public Access configuration status of the operation result to confirm the request status and configuration details.
print(f'status code: {result.status_code},'
f' request id: {result.request_id},'
f' block public access: {getattr(result.public_access_block_configuration, "block_public_access", "Not set")},'
)
# When this script is directly executed, call the main function to start processing the logic.
if __name__ == "__main__":
main() # The entry point of the script. The program flow starts from here.Delete the Block Public Access configuration of a specified bucket
You can use the following code to delete the Block Public Access configuration for a bucket.
import argparse
import alibabacloud_oss_v2 as oss
# Create a command-line argument parser and describe the purpose of the script: Delete the Block Public Access configuration of a bucket.
parser = argparse.ArgumentParser(description="delete bucket public access block sample")
# Define command-line arguments, including the required region and bucket name, and the optional endpoint.
parser.add_argument('--region', help='The region in which the bucket is located.', required=True)
parser.add_argument('--bucket', help='The name of the bucket.', required=True)
parser.add_argument('--endpoint', help='The domain names that other services can use to access OSS')
def main():
# Parse command-line arguments to obtain the values that are entered by the user.
args = parser.parse_args()
# Load access credential information from environment variables for identity verification.
credentials_provider = oss.credentials.EnvironmentVariableCredentialsProvider()
# Create a configuration object using the default SDK configurations and set the authentication provider.
cfg = oss.config.load_default()
cfg.credentials_provider = credentials_provider
# Set the region property of the configuration object based on the command-line arguments that are provided by the user.
cfg.region = args.region
# If a custom endpoint is provided, update the endpoint property in the configuration object.
if args.endpoint is not None:
cfg.endpoint = args.endpoint
# Initialize the OSS client using the preceding configurations to prepare for interaction with OSS.
client = oss.Client(cfg)
# Send a request to delete the Block Public Access configuration of the specified bucket.
result = client.delete_bucket_public_access_block(oss.DeleteBucketPublicAccessBlockRequest(
bucket=args.bucket, # The bucket name.
))
# Print the status code and request ID of the operation result to confirm the request status.
print(f'status code: {result.status_code},'
f' request id: {result.request_id},'
)
# When this script is directly executed, call the main function to start processing the logic.
if __name__ == "__main__":
main() # The entry point of the script. The program flow starts from here.