Use OSS SDK for Python V2 to enable, retrieve, and delete the global Block Public Access configuration for OSS. All three operations share the same client setup: load credentials from environment variables, build a client, and call the corresponding method.
Prerequisites
Before you begin, ensure that you have:
An OSS bucket
The required RAM permissions for Block Public Access operations
OSS SDK for Python V2 installed (
alibabacloud_oss_v2)AccessKey credentials stored in environment variables (
OSS_ACCESS_KEY_IDandOSS_ACCESS_KEY_SECRET)
The examples in this topic use the China (Hangzhou) region (cn-hangzhou) with the public endpoint. To access OSS from another Alibaba Cloud service in the same region, use the internal endpoint instead. For endpoint details, see OSS regions and endpoints.Enable Block Public Access
Call put_public_access_block to enable or disable Block Public Access for a bucket.
Sample code arguments
| Argument | Required | Type | Description |
|---|---|---|---|
--region | Yes | string | Region where the bucket is located |
--bucket | Yes | string | Bucket name |
--endpoint | No | string | Custom endpoint domain |
--block_public_access | No | bool | true enables Block Public Access; false (default) disables it |
Sample code
import argparse
import alibabacloud_oss_v2 as oss
parser = argparse.ArgumentParser(description="put public access block sample")
parser.add_argument('--region', help='The region in which the bucket is located.', required=True)
parser.add_argument('--bucket', help='The name of the bucket.', required=True)
parser.add_argument('--endpoint', help='The domain names that other services can use to access OSS')
parser.add_argument('--block_public_access',
help='Specifies whether to enable Block Public Access. '
'true: enables Block Public Access. '
'false (default): disables Block Public Access.',
default=False, type=bool)
def main():
args = parser.parse_args()
credentials_provider = oss.credentials.EnvironmentVariableCredentialsProvider()
cfg = oss.config.load_default()
cfg.credentials_provider = credentials_provider
cfg.region = args.region
if args.endpoint is not None:
cfg.endpoint = args.endpoint
client = oss.Client(cfg)
result = client.put_public_access_block(oss.PutPublicAccessBlockRequest(
bucket=args.bucket,
public_access_block_configuration=oss.PublicAccessBlockConfiguration(
block_public_access=args.block_public_access,
),
))
print(f'status code: {result.status_code},'
f' request id: {result.request_id},'
)
if __name__ == "__main__":
main()Response fields
| Field | Description |
|---|---|
status_code | HTTP status code of the request |
request_id | Unique identifier for the request, useful for troubleshooting |
Get the Block Public Access configuration
Call get_public_access_block to retrieve the Block Public Access setting for a bucket.
Sample code arguments
| Argument | Required | Type | Description |
|---|---|---|---|
--region | Yes | string | Region where the bucket is located |
--bucket | Yes | string | Bucket name |
--endpoint | No | string | Custom endpoint domain |
Sample code
import argparse
import alibabacloud_oss_v2 as oss
parser = argparse.ArgumentParser(description="get public access block sample")
parser.add_argument('--region', help='The region in which the bucket is located.', required=True)
parser.add_argument('--bucket', help='The name of the bucket.', required=True)
parser.add_argument('--endpoint', help='The domain names that other services can use to access OSS')
def main():
args = parser.parse_args()
credentials_provider = oss.credentials.EnvironmentVariableCredentialsProvider()
cfg = oss.config.load_default()
cfg.credentials_provider = credentials_provider
cfg.region = args.region
if args.endpoint is not None:
cfg.endpoint = args.endpoint
client = oss.Client(cfg)
result = client.get_public_access_block(oss.GetPublicAccessBlockRequest(
bucket=args.bucket,
))
print(f'status code: {result.status_code},'
f' request id: {result.request_id},'
f' block public access: {result.public_access_block_configuration.block_public_access if hasattr(result.public_access_block_configuration, "block_public_access") else "Not set"},'
)
if __name__ == "__main__":
main()Response fields
| Field | Description |
|---|---|
status_code | HTTP status code of the request |
request_id | Unique identifier for the request, useful for troubleshooting |
public_access_block_configuration.block_public_access | Block Public Access setting (true, false, or Not set if no configuration has been applied) |
Delete the Block Public Access configuration
Call delete_public_access_block to remove the Block Public Access configuration from a bucket.
Sample code arguments
| Argument | Required | Type | Description |
|---|---|---|---|
--region | Yes | string | Region where the bucket is located |
--bucket | Yes | string | Bucket name |
--endpoint | No | string | Custom endpoint domain |
Sample code
import argparse
import alibabacloud_oss_v2 as oss
parser = argparse.ArgumentParser(description="delete public access block sample")
parser.add_argument('--region', help='The region in which the bucket is located.', required=True)
parser.add_argument('--bucket', help='The name of the bucket.', required=True)
parser.add_argument('--endpoint', help='The domain names that other services can use to access OSS')
def main():
args = parser.parse_args()
credentials_provider = oss.credentials.EnvironmentVariableCredentialsProvider()
cfg = oss.config.load_default()
cfg.credentials_provider = credentials_provider
cfg.region = args.region
if args.endpoint is not None:
cfg.endpoint = args.endpoint
client = oss.Client(cfg)
result = client.delete_public_access_block(oss.DeletePublicAccessBlockRequest(
bucket=args.bucket,
))
print(f'status code: {result.status_code},'
f' request id: {result.request_id},'
)
if __name__ == "__main__":
main()Response fields
| Field | Description |
|---|---|
status_code | HTTP status code of the request |
request_id | Unique identifier for the request, useful for troubleshooting |