All Products
Search

This Product

    Object Storage Service:Access tracking (Go SDK V2)

    Document Center

    Object Storage Service:Access tracking (Go SDK V2)

    Last Updated:Aug 02, 2025

    This topic describes how to use the OSS SDK for Go V2 to enable access tracking for a bucket.

    Usage notes

    • The sample code in this topic uses the region ID cn-hangzhou for the China (Hangzhou) region. By default, public endpoints are used to access resources in a bucket. However, to access resources from other Alibaba Cloud services in the same region as the bucket, you must use an internal endpoint. For more information about the regions and endpoints supported by OSS, see OSS regions and endpoints.

    • The sample code in this topic reads access credentials from environment variables. For more information about how to configure access credentials, see Configure access credentials.

    Sample code

    Enable access tracking

    The following code provides an example of how to enable access tracking for a bucket:

    package main

import (
	"context"
	"flag"
	"log"

	"github.com/aliyun/alibabacloud-oss-go-sdk-v2/oss"
	"github.com/aliyun/alibabacloud-oss-go-sdk-v2/oss/credentials"
)

// Define global variables.
var (
	region     string // The bucket region.
	bucketName string // The bucket name.
)

// The init function initializes command-line parameters.
func init() {
	flag.StringVar(&region, "region", "", "The region in which the bucket is located.")
	flag.StringVar(&bucketName, "bucket", "", "The name of the bucket.")
}

// The main function enables access tracking for the bucket.
func main() {
	// Parse command-line parameters.
	flag.Parse()

	// Check whether the bucket name is empty.
	if len(bucketName) == 0 {
		flag.PrintDefaults()
		log.Fatalf("invalid parameters, bucket name required")
	}

	// Check whether the region is empty.
	if len(region) == 0 {
		flag.PrintDefaults()
		log.Fatalf("invalid parameters, region required")
	}

	// Load the default configurations, and set the credential provider and region.
	cfg := oss.LoadDefaultConfig().
		WithCredentialsProvider(credentials.NewEnvironmentVariableCredentialsProvider()).
		WithRegion(region)

	// Create an OSS client.
	client := oss.NewClient(cfg)

	// Create a request to enable access tracking for the bucket.
	request := &oss.PutBucketAccessMonitorRequest{
		Bucket: oss.Ptr(bucketName),
		AccessMonitorConfiguration: &oss.AccessMonitorConfiguration{
			Status: oss.AccessMonitorStatusEnabled, // Enable access tracking.
		},
	}

	// Execute the operation to enable access tracking for the bucket.
	putResult, err := client.PutBucketAccessMonitor(context.TODO(), request)
	if err != nil {
		log.Fatalf("failed to put bucket access monitor %v", err)
	}

	// Print the result.
	log.Printf("put bucket access monitor result: %#v\n", putResult)
}

    Query the access tracking status

    The following code provides an example of how to query the access tracking status of a bucket:

    package main

import (
	"context"
	"flag"
	"log"

	"github.com/aliyun/alibabacloud-oss-go-sdk-v2/oss"
	"github.com/aliyun/alibabacloud-oss-go-sdk-v2/oss/credentials"
)

// Define global variables.
var (
	region     string // The bucket region.
	bucketName string // The bucket name.
)

// The init function initializes command-line parameters.
func init() {
	flag.StringVar(&region, "region", "", "The region in which the bucket is located.")
	flag.StringVar(&bucketName, "bucket", "", "The name of the bucket.")
}

func main() {
	// Parse command-line parameters.
	flag.Parse()

	// Check whether the bucket name is empty.
	if len(bucketName) == 0 {
		flag.PrintDefaults()
		log.Fatalf("invalid parameters, bucket name required")
	}

	// Check whether the region is empty.
	if len(region) == 0 {
		flag.PrintDefaults()
		log.Fatalf("invalid parameters, region required")
	}

	// Load the default configurations, and set the credential provider and region.
	cfg := oss.LoadDefaultConfig().
		WithCredentialsProvider(credentials.NewEnvironmentVariableCredentialsProvider()).
		WithRegion(region)

	// Create an OSS client.
	client := oss.NewClient(cfg)

	// Create a request to query the access tracking configuration of the bucket.
	request := &oss.GetBucketAccessMonitorRequest{
		Bucket: oss.Ptr(bucketName),
	}

	// Execute the operation to query the access tracking configuration and process the result.
	result, err := client.GetBucketAccessMonitor(context.TODO(), request)
	if err != nil {
		log.Fatalf("failed to get bucket access monitor %v", err)
	}

	// Print the result.
	log.Printf("get bucket access monitor result:%#v\n", result)
}

    References