This topic describes how to use Python SDK V2 to enable global Block Public Access for OSS, retrieve the global Block Public Access configuration, and delete the global Block Public Access configuration.
Notes
The sample code in this topic uses the China (Hangzhou) region (
cn-hangzhou) as an example. The public endpoint is used by default. If you want to access OSS from other Alibaba Cloud services within the same region, you can use the internal endpoint. For more information about the mappings between OSS-supported regions and endpoints, see OSS regions and endpoints.
Sample code
Enable global Block Public Access for OSS
You can use the following code to enable global Block Public Access.
import argparse
import alibabacloud_oss_v2 as oss
# Create a command-line argument parser and describe the purpose of the script: Set the Block Public Access configuration for a bucket.
parser = argparse.ArgumentParser(description="put public access block sample")
# Define command-line arguments, including the required region, bucket name, and endpoint, and whether to enable Block Public Access.
parser.add_argument('--region', help='The region in which the bucket is located.', required=True)
parser.add_argument('--bucket', help='The name of the bucket.', required=True)
parser.add_argument('--endpoint', help='The domain names that other services can use to access OSS')
parser.add_argument('--block_public_access',
help='Specifies whether to enable Block Public Access. '
'true: enables Block Public Access. '
'false (default): disables Block Public Access.',
default=False, type=bool)
def main():
# Parse command-line arguments to obtain the values entered by the user.
args = parser.parse_args()
# Load access credential information from environment variables for identity verification.
credentials_provider = oss.credentials.EnvironmentVariableCredentialsProvider()
# Create a configuration object using the default SDK configurations and set the authentication provider.
cfg = oss.config.load_default()
cfg.credentials_provider = credentials_provider
# Set the region property of the configuration object based on the command-line arguments provided by the user.
cfg.region = args.region
# If a custom endpoint is provided, update the endpoint property in the configuration object.
if args.endpoint is not None:
cfg.endpoint = args.endpoint
# Initialize the OSS client using the preceding configurations to prepare for interaction with OSS.
client = oss.Client(cfg)
# Send a request to set the Block Public Access configuration for the specified bucket.
result = client.put_public_access_block(oss.PutPublicAccessBlockRequest(
bucket=args.bucket, # The bucket name.
public_access_block_configuration=oss.PublicAccessBlockConfiguration(
block_public_access=args.block_public_access, # Specifies whether to enable Block Public Access.
),
))
# Print the status code and request ID of the operation result to confirm the request status.
print(f'status code: {result.status_code},'
f' request id: {result.request_id},'
)
# When this script is directly executed, call the main function to start processing the logic.
if __name__ == "__main__":
main() # The entry point of the script. The program flow starts from here.Obtain the configuration information of global Block Public Access for OSS
You can use the following code to retrieve the configuration of global Block Public Access for OSS.
import argparse
import alibabacloud_oss_v2 as oss
# Create a command-line argument parser and describe the purpose of the script: Obtain the Block Public Access configuration of a bucket.
parser = argparse.ArgumentParser(description="get public access block sample")
# Define command-line arguments, including the required region and bucket name, and the optional endpoint.
parser.add_argument('--region', help='The region in which the bucket is located.', required=True)
parser.add_argument('--bucket', help='The name of the bucket.', required=True)
parser.add_argument('--endpoint', help='The domain names that other services can use to access OSS')
def main():
# Parse command-line arguments to obtain the values entered by the user.
args = parser.parse_args()
# Load access credential information from environment variables for identity verification.
credentials_provider = oss.credentials.EnvironmentVariableCredentialsProvider()
# Create a configuration object using the default SDK configurations and set the authentication provider.
cfg = oss.config.load_default()
cfg.credentials_provider = credentials_provider
# Set the region property of the configuration object based on the command-line arguments provided by the user.
cfg.region = args.region
# If a custom endpoint is provided, update the endpoint property in the configuration object.
if args.endpoint is not None:
cfg.endpoint = args.endpoint
# Initialize the OSS client using the preceding configurations to prepare for interaction with OSS.
client = oss.Client(cfg)
# Send a request to obtain the Block Public Access configuration for the specified bucket.
result = client.get_public_access_block(oss.GetPublicAccessBlockRequest(
bucket=args.bucket, # The bucket name.
))
# Print the status code, request ID, and Block Public Access configuration status of the operation result to confirm the request status and configuration details.
print(f'status code: {result.status_code},'
f' request id: {result.request_id},'
f' block public access: {result.public_access_block_configuration.block_public_access if hasattr(result.public_access_block_configuration, "block_public_access") else "Not set"},'
)
# When this script is directly executed, call the main function to start processing the logic.
if __name__ == "__main__":
main() # The entry point of the script. The program flow starts from here.Delete the configuration information of global Block Public Access for OSS
You can use the following code to delete the configuration of global Block Public Access for OSS.
import argparse
import alibabacloud_oss_v2 as oss
# Create a command-line argument parser and describe the purpose of the script: Delete the Block Public Access configuration of a bucket.
parser = argparse.ArgumentParser(description="delete public access block sample")
# Define command-line arguments, including the required region and bucket name, and the optional endpoint.
parser.add_argument('--region', help='The region in which the bucket is located.', required=True)
parser.add_argument('--bucket', help='The name of the bucket.', required=True)
parser.add_argument('--endpoint', help='The domain names that other services can use to access OSS')
def main():
# Parse command-line arguments to obtain the values entered by the user.
args = parser.parse_args()
# Load access credential information from environment variables for identity verification.
credentials_provider = oss.credentials.EnvironmentVariableCredentialsProvider()
# Create a configuration object using the default SDK configurations and set the authentication provider.
cfg = oss.config.load_default()
cfg.credentials_provider = credentials_provider
# Set the region property of the configuration object based on the command-line arguments provided by the user.
cfg.region = args.region
# If a custom endpoint is provided, update the endpoint property in the configuration object.
if args.endpoint is not None:
cfg.endpoint = args.endpoint
# Initialize the OSS client using the preceding configurations to prepare for interaction with OSS.
client = oss.Client(cfg)
# Send a request to delete the Block Public Access configuration for the specified bucket.
result = client.delete_public_access_block(oss.DeletePublicAccessBlockRequest(
bucket=args.bucket, # The bucket name.
))
# Print the status code and request ID of the operation result to confirm the request status.
print(f'status code: {result.status_code},'
f' request id: {result.request_id},'
)
# When this script is directly executed, call the main function to start processing the logic.
if __name__ == "__main__":
main() # The entry point of the script. The program flow starts from here.