After you upload an object to a bucket, Object Storage Service (OSS) generates a URL for the object. You can use this URL, which is the public endpoint of the bucket, to access the object. To use a custom domain name to access these objects, add a CNAME record that maps the custom domain name to the bucket.
Usage notes
In this topic, the public endpoint of the China (Hangzhou) region is used. If you want to access OSS from other Alibaba Cloud services in the same region as OSS, use an internal endpoint. For more information about OSS regions and endpoints, see Regions and endpoints.
In this topic, access credentials are obtained from environment variables. For more information about how to configure access credentials, see Configure access credentials.
In this topic, an OSSClient instance is created by using an OSS endpoint. If you want to create an OSSClient instance by using custom domain names or Security Token Service (STS), see Configure OSSClient instances.
Examples
Create a CNAME token
The following code shows how to create a CNAME token.
package main
import (
"log"
"github.com/aliyun/aliyun-oss-go-sdk/oss"
)
func main() {
// Obtain access credentials from environment variables. Before you run this code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured.
provider, err := oss.NewEnvironmentVariableCredentialsProvider()
if err != nil {
log.Fatalf("Failed to create credentials provider: %v", err)
}
// Create an OSSClient instance.
// Set yourEndpoint to the endpoint of the bucket. For example, if the bucket is in the China (Hangzhou) region, set the endpoint to https://oss-cn-hangzhou.aliyuncs.com. For other regions, use the actual endpoint.
// Set yourRegion to the region of the bucket. For example, if the bucket is in the China (Hangzhou) region, set the region to cn-hangzhou. For other regions, use the actual region ID.
clientOptions := []oss.ClientOption{oss.SetCredentialsProvider(&provider)}
clientOptions = append(clientOptions, oss.Region("yourRegion"))
// Set the signature version.
clientOptions = append(clientOptions, oss.AuthVersion(oss.AuthV4))
client, err := oss.New("yourEndpoint", "", "", clientOptions...)
if err != nil {
log.Fatalf("Failed to create OSS client: %v", err)
}
// Specify the bucket name, for example, examplebucket.
bucketName := "examplebucket"
// Specify the custom domain name.
cname := "www.example.com"
// Create a CNAME token.
cbResult, err := client.CreateBucketCnameToken(bucketName, cname)
if err != nil {
log.Fatalf("Failed to create CNAME token: %v", err)
}
// Print the CNAME token information.
log.Printf("Cname: %s", cbResult.Cname)
log.Printf("Token: %s", cbResult.Token)
log.Printf("ExpireTime: %s", cbResult.ExpireTime)
}
Get a CNAME token
The following code shows how to retrieve a CNAME token.
package main
import (
"log"
"github.com/aliyun/aliyun-oss-go-sdk/oss"
)
func main() {
// Obtain access credentials from environment variables. Before you run this code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured.
provider, err := oss.NewEnvironmentVariableCredentialsProvider()
if err != nil {
log.Fatalf("Failed to create credentials provider: %v", err)
}
// Create an OSSClient instance.
// Set yourEndpoint to the endpoint of the bucket. For example, if the bucket is in the China (Hangzhou) region, set the endpoint to https://oss-cn-hangzhou.aliyuncs.com. For other regions, use the actual endpoint.
// Set yourRegion to the region of the bucket. For example, if the bucket is in the China (Hangzhou) region, set the region to cn-hangzhou. For other regions, use the actual region ID.
clientOptions := []oss.ClientOption{oss.SetCredentialsProvider(&provider)}
clientOptions = append(clientOptions, oss.Region("yourRegion"))
// Set the signature version.
clientOptions = append(clientOptions, oss.AuthVersion(oss.AuthV4))
client, err := oss.New("yourEndpoint", "", "", clientOptions...)
if err != nil {
log.Fatalf("Failed to create OSS client: %v", err)
}
// Specify the bucket name, for example, examplebucket.
bucketName := "examplebucket"
// Specify the custom domain name.
cname := "www.example.com"
// Get the CNAME token.
cbResult, err := client.GetBucketCnameToken(bucketName, cname)
if err != nil {
log.Fatalf("Failed to get CNAME token: %v", err)
}
// Print the CNAME token information.
log.Printf("Cname: %s", cbResult.Cname)
log.Printf("Token: %s", cbResult.Token)
log.Printf("ExpireTime: %s", cbResult.ExpireTime)
}
Add a CNAME record
Map a custom domain name
package main
import (
"log"
"github.com/aliyun/aliyun-oss-go-sdk/oss"
)
func main() {
// Obtain access credentials from environment variables. Before you run this code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured.
provider, err := oss.NewEnvironmentVariableCredentialsProvider()
if err != nil {
log.Fatalf("Failed to create credentials provider: %v", err)
}
// Create an OSSClient instance.
// Set yourEndpoint to the endpoint of the bucket. For example, if the bucket is in the China (Hangzhou) region, set the endpoint to https://oss-cn-hangzhou.aliyuncs.com. For other regions, use the actual endpoint.
// Set yourRegion to the region of the bucket. For example, if the bucket is in the China (Hangzhou) region, set the region to cn-hangzhou. For other regions, use the actual region ID.
clientOptions := []oss.ClientOption{oss.SetCredentialsProvider(&provider)}
clientOptions = append(clientOptions, oss.Region("yourRegion"))
// Set the signature version.
clientOptions = append(clientOptions, oss.AuthVersion(oss.AuthV4))
client, err := oss.New("yourEndpoint", "", "", clientOptions...)
if err != nil {
log.Fatalf("Failed to create OSS client: %v", err)
}
// Specify the bucket name, for example, examplebucket.
bucketName := "examplebucket"
// Specify the custom domain name.
cname := "www.example.com"
// Map the custom domain name to the bucket.
err = client.PutBucketCname(bucketName, cname)
if err != nil {
log.Fatalf("Failed to put bucket CNAME: %v", err)
}
// Print the success message.
log.Println("Put Bucket Cname Success!")
}
Map a custom domain name and associate a certificate
package main
import (
"log"
"github.com/aliyun/aliyun-oss-go-sdk/oss"
)
func main() {
// Obtain access credentials from environment variables. Before you run this code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured.
provider, err := oss.NewEnvironmentVariableCredentialsProvider()
if err != nil {
log.Fatalf("Failed to create credentials provider: %v", err)
}
// Create an OSSClient instance.
// Set yourEndpoint to the endpoint of the bucket. For example, if the bucket is in the China (Hangzhou) region, set the endpoint to https://oss-cn-hangzhou.aliyuncs.com. For other regions, use the actual endpoint.
// Set yourRegion to the region of the bucket. For example, if the bucket is in the China (Hangzhou) region, set the region to cn-hangzhou. For other regions, use the actual region ID.
clientOptions := []oss.ClientOption{oss.SetCredentialsProvider(&provider)}
clientOptions = append(clientOptions, oss.Region("yourRegion"))
// Set the signature version.
clientOptions = append(clientOptions, oss.AuthVersion(oss.AuthV4))
client, err := oss.New("yourEndpoint", "", "", clientOptions...)
if err != nil {
log.Fatalf("Failed to create OSS client: %v", err)
}
// Specify the bucket name, for example, examplebucket.
bucketName := "examplebucket"
// Configure the CNAME record and certificate.
putCnameConfig := oss.PutBucketCname{
Cname: "www.example.com",
CertificateConfiguration: &oss.CertificateConfiguration{
CertId: "92******-cn-hangzhou",
Certificate: "-----BEGIN CERTIFICATE-----MIIGeDCCBOCgAwIBAgIRAPj4FWpW5XN6kwgU7*******-----END CERTIFICATE-----",
PrivateKey: "-----BEGIN CERTIFICATE-----MIIFBzCCA++gT2H2hT6Wb3nwxjpLIfXmSVcV*****-----END CERTIFICATE-----",
Force: true,
},
}
// Map the custom domain name and associate the certificate.
err = client.PutBucketCnameWithCertificate(bucketName, putCnameConfig)
if err != nil {
log.Fatalf("Failed to bind CNAME and certificate: %v", err)
}
// Print the success message.
log.Println("Bind Certificate Success!")
}
Disassociate a certificate
If you no longer want the domain name to use the certificate, you can disassociate the certificate.
package main
import (
"log"
"github.com/aliyun/aliyun-oss-go-sdk/oss"
)
func main() {
// Obtain access credentials from environment variables. Before you run this code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured.
provider, err := oss.NewEnvironmentVariableCredentialsProvider()
if err != nil {
log.Fatalf("Failed to create credentials provider: %v", err)
}
// Create an OSSClient instance.
// Set yourEndpoint to the endpoint of the bucket. For example, if the bucket is in the China (Hangzhou) region, set the endpoint to https://oss-cn-hangzhou.aliyuncs.com. For other regions, use the actual endpoint.
// Set yourRegion to the region of the bucket. For example, if the bucket is in the China (Hangzhou) region, set the region to cn-hangzhou. For other regions, use the actual region ID.
clientOptions := []oss.ClientOption{oss.SetCredentialsProvider(&provider)}
clientOptions = append(clientOptions, oss.Region("yourRegion"))
// Set the signature version.
clientOptions = append(clientOptions, oss.AuthVersion(oss.AuthV4))
client, err := oss.New("yourEndpoint", "", "", clientOptions...)
if err != nil {
log.Fatalf("Failed to create OSS client: %v", err)
}
// Specify the bucket name, for example, examplebucket.
bucketName := "examplebucket"
// Configure the CNAME record and delete the certificate.
putCnameConfig := oss.PutBucketCname{
Cname: "www.example.com",
CertificateConfiguration: &oss.CertificateConfiguration{
DeleteCertificate: true,
},
}
// Map the custom domain name and disassociate the certificate.
err = client.PutBucketCnameWithCertificate(bucketName, putCnameConfig)
if err != nil {
log.Fatalf("Failed to unbind CNAME and delete certificate: %v", err)
}
// Print the success message.
log.Println("Unbind Certificate Success!")
}
Query CNAME records
The following code shows how to query CNAME records.
package main
import (
"log"
"github.com/aliyun/aliyun-oss-go-sdk/oss"
)
func main() {
// Obtain access credentials from environment variables. Before you run this code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured.
provider, err := oss.NewEnvironmentVariableCredentialsProvider()
if err != nil {
log.Fatalf("Error: %v", err)
}
// Create an OSSClient instance.
// Set yourEndpoint to the endpoint of the bucket. For example, if the bucket is in the China (Hangzhou) region, set the endpoint to https://oss-cn-hangzhou.aliyuncs.com. For other regions, use the actual endpoint.
// Set yourRegion to the region of the bucket. For example, if the bucket is in the China (Hangzhou) region, set the region to cn-hangzhou. For other regions, use the actual region ID.
clientOptions := []oss.ClientOption{oss.SetCredentialsProvider(&provider)}
clientOptions = append(clientOptions, oss.Region("yourRegion"))
// Set the signature version.
clientOptions = append(clientOptions, oss.AuthVersion(oss.AuthV4))
client, err := oss.New("yourEndpoint", "", "", clientOptions...)
if err != nil {
log.Fatalf("Error: %v", err)
}
// Specify the bucket name, for example, examplebucket.
bucketName := "examplebucket"
// Query the CNAME records.
cnResult, err := client.ListBucketCname(bucketName)
if err != nil {
log.Fatalf("Error: %v", err)
}
var certificate oss.Certificate
log.Printf("Bucket: %s", cnResult.Bucket)
log.Printf("Owner: %s", cnResult.Owner)
if len(cnResult.Cname) > 0 {
for _, cnameInfo := range cnResult.Cname {
// Print the custom domain name.
log.Printf("Domain: %s", cnameInfo.Domain)
// Print the time when the custom domain name was mapped.
log.Printf("LastModified: %s", cnameInfo.LastModified)
// Print the status of the domain name.
log.Printf("Status: %s", cnameInfo.Status)
if cnameInfo.Certificate != certificate {
// Print the source of the certificate.
log.Printf("Type: %s", cnameInfo.Certificate.Type)
// Print the certificate ID.
log.Printf("CertId: %s", cnameInfo.Certificate.CertId)
// Print the status of the certificate.
log.Printf("Status: %s", cnameInfo.Certificate.Status)
// Print the time when the certificate was associated.
log.Printf("CreationDate: %s", cnameInfo.Certificate.CreationDate)
// Print the signature of the certificate.
log.Printf("Fingerprint: %s", cnameInfo.Certificate.Fingerprint)
// Print the start time of the certificate validity period.
log.Printf("ValidStartDate: %s", cnameInfo.Certificate.ValidStartDate)
// Print the end time of the certificate validity period.
log.Printf("ValidEndDate: %s", cnameInfo.Certificate.ValidEndDate)
}
}
}
}
Delete a CNAME record
The following code shows how to delete a CNAME record.
package main
import (
"log"
"github.com/aliyun/aliyun-oss-go-sdk/oss"
)
func main() {
// Obtain access credentials from environment variables. Before you run this code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured.
provider, err := oss.NewEnvironmentVariableCredentialsProvider()
if err != nil {
log.Fatalf("Error: %v", err)
}
// Create an OSSClient instance.
// Set yourEndpoint to the endpoint of the bucket. For example, if the bucket is in the China (Hangzhou) region, set the endpoint to https://oss-cn-hangzhou.aliyuncs.com. For other regions, use the actual endpoint.
// Set yourRegion to the region of the bucket. For example, if the bucket is in the China (Hangzhou) region, set the region to cn-hangzhou. For other regions, use the actual region ID.
clientOptions := []oss.ClientOption{oss.SetCredentialsProvider(&provider)}
clientOptions = append(clientOptions, oss.Region("yourRegion"))
// Set the signature version.
clientOptions = append(clientOptions, oss.AuthVersion(oss.AuthV4))
client, err := oss.New("yourEndpoint", "", "", clientOptions...)
if err != nil {
log.Fatalf("Error: %v", err)
}
// Specify the bucket name, for example, examplebucket.
bucketName := "examplebucket"
// Specify the custom domain name.
cname := "www.example.com"
// Delete the CNAME record.
err = client.DeleteBucketCname(bucketName, cname)
if err != nil {
log.Fatalf("Error: %v", err)
}
// Print the success message.
log.Println("Delete Bucket Cname Success!")
}
References
For more information about creating a CNAME token to verify domain ownership, see CreateBucketCnameToken.
For more information about retrieving a CNAME token, see GetBucketCnameToken.
For more information about adding a CNAME record, see PutBucketCname.
For more information about querying CNAME records, see ListBucketCname.
For more information about deleting a CNAME record, see DeleteBucketCname.