All Products
Search

This Product

    Object Storage Service:put-access-point-public-access-block

    Document Center

    Object Storage Service:put-access-point-public-access-block

    Last Updated:Mar 20, 2026

    Blocks public access for an access point by applying a Block Public Access configuration.

    Prerequisites

    Before you begin, ensure that you have:

    • An OSS bucket with an access point

    • The oss:PutAccessPointPublicAccessBlock permission (required for RAM users and Security Token Service (STS) users; Alibaba Cloud accounts have this permission by default)

    For details on granting permissions, see Grant custom policy to RAM users.

    Syntax

    ossutil api put-access-point-public-access-block
  --bucket <value>
  --access-point-name <value>
  --public-access-block-configuration <value>
  [flags]
    ParameterTypeRequiredDescription
    --bucketstringYesThe name of the bucket.
    --access-point-namestringYesThe name of the access point.
    --public-access-block-configurationstringYesThe Block Public Access configuration for the access point. Supports XML and JSON formats. Use the file:// prefix to load the configuration from a file.
    Note

    This command corresponds to the PutAccessPointPublicAccessBlock API operation. For supported global flags, see Command-line options.

    --public-access-block-configuration formats

    The --public-access-block-configuration parameter accepts XML or JSON. Pass the value inline or load it from a file using the file:// prefix.

    XML format:

    <PublicAccessBlockConfiguration>
  <BlockPublicAccess>true</BlockPublicAccess>
</PublicAccessBlockConfiguration>

    JSON format:

    {
  "BlockPublicAccess": "string"
}

    Examples

    Enable Block Public Access using an XML configuration file

    1. Create public-access-block-configuration.xml:

      <?xml version="1.0" encoding="UTF-8"?>
<PublicAccessBlockConfiguration>
  <BlockPublicAccess>true</BlockPublicAccess>
</PublicAccessBlockConfiguration>

    2. Run the command:

      ossutil api put-access-point-public-access-block --bucket examplebucket --access-point-name ap-01 --public-access-block-configuration file://public-access-block-configuration.xml

    Enable Block Public Access using a JSON configuration file

    1. Create public-access-block-configuration.json:

      {
  "BlockPublicAccess": "true"
}

    2. Run the command:

      ossutil api put-access-point-public-access-block --bucket examplebucket --access-point-name ap-01 --public-access-block-configuration file://public-access-block-configuration.json

    Enable Block Public Access using inline JSON

    ossutil api put-access-point-public-access-block --bucket examplebucket --access-point-name ap-01 --public-access-block-configuration "{\"BlockPublicAccess\":\"true\"}"

    What's next

    After applying the configuration, verify or manage it with related commands:

    • get-access-point-public-access-block — retrieve the current Block Public Access configuration for an access point

    • delete-access-point-public-access-block — remove the Block Public Access configuration from an access point