Check whether a bucket policy allows public access.
Prerequisites
By default, an Alibaba Cloud account has permission to query bucket policy configurations. To run this command as a RAM user or with Security Token Service (STS) credentials, grant the oss:GetBucketPolicyStatus permission. For more information, see Attach a custom policy to a RAM user.
Syntax
ossutil api get-bucket-policy-status --bucket <value> [flags]| Parameter | Type | Required | Description |
|---|---|---|---|
--bucket | string | Yes | Name of the bucket |
This command corresponds to the GetBucketPolicyStatus API operation. For supported global flags, see Command-line options.
Examples
Check whether the bucket policy for examplebucket allows public access:
ossutil api get-bucket-policy-status --bucket examplebucketGet the result in JSON format:
ossutil api get-bucket-policy-status --bucket examplebucket --output-format jsonGet the result in YAML format:
ossutil api get-bucket-policy-status --bucket examplebucket --output-format yamlOutput
The response contains a single IsPublic field:
| Value | Meaning |
|---|---|
true | The bucket policy allows public access |
false | The bucket policy does not allow public access |
What's next
get-bucket-policy — Retrieve the full bucket policy document
put-bucket-policy — Set or update a bucket policy
delete-bucket-policy — Delete the bucket policy