Manage Block Public Access for OSS resources

0.0.201

This topic describes how to enable Block Public Access as well as query and delete the Block Public Access configurations of Object Storage Service (OSS) resources by using OSS SDK for Go V2.

Usage notes

The sample code in this topic uses the region ID cn-hangzhou of the China (Hangzhou) region. By default, the public endpoint is used to access resources in a bucket. If you want to access resources in the bucket by using other Alibaba Cloud services in the same region in which the bucket is located, use an internal endpoint. For more information about the regions and endpoints supported by Object Storage Service (OSS), see OSS regions and endpoints.
In this topic, access credentials are obtained from environment variables. For more information about how to configure access credentials, see Configure access credentials.

Sample code

Enable Block Public Access

The following sample code provides an example of how to enable Block Public Access for OSS resources.

package main

import (
	"context" 
	"flag"    
	"log"     

	"github.com/aliyun/alibabacloud-oss-go-sdk-v2/oss"           // Import the OSS SDK package.
	"github.com/aliyun/alibabacloud-oss-go-sdk-v2/oss/credentials" // Import the package for processing authentication information.
)

var (
	region string // Define a string variable to store the region information obtained from the command line.
)

// The init function is executed before the main function to initialize the program.
func init() {
	flag.StringVar(&region, "region", "", "The region in which the bucket is located.") // Specify the region variable by parsing command-line arguments. By default, this parameter is left empty.
}

// The main function serves as the entry point for the program.
func main() {
	flag.Parse() // Parse command line parameters.
	if len(region) == 0 { // If the region parameter is not specified, the program prints an error message indicating that the region parameter is required and terminates.
		flag.PrintDefaults()
		log.Fatalf("invalid parameters, region required") // Log the error message and terminate the program.
	}

	// Create a configuration object, load the credential provider from environment variables and specify the region.
	cfg := oss.LoadDefaultConfig().
		WithCredentialsProvider(credentials.NewEnvironmentVariableCredentialsProvider()).
		WithRegion(region)

	client := oss.NewClient(cfg) // Create a new OSS client using the configurations.

	// Create a PutPublicAccessBlock request to enable Block Public Access.
	request := &oss.PutPublicAccessBlockRequest{
		PublicAccessBlockConfiguration: &oss.PublicAccessBlockConfiguration{
			oss.Ptr(true), // Set this parameter to true to enable Block Public Access.
		},
	}
	putResult, err := client.PutPublicAccessBlock(context.TODO(), request)
	if err != nil {
		log.Fatalf("failed to put public access block %v", err) // If an error occurs, record the error message and exit.
	}

	log.Printf("put public access block result:%#v\n", putResult) // Display the result.
}

Query the Block Public Access configurations

The following sample code provides an example of how to query the Block Public Access configurations.

package main

import (
	"context" // Used to manage context with features such as deadlines and cancellation signals.
	"flag"    // Used to parse command line parameters.
	"log"     // Used to print log information.

	"github.com/aliyun/alibabacloud-oss-go-sdk-v2/oss"           // Import the OSS SDK package.
	"github.com/aliyun/alibabacloud-oss-go-sdk-v2/oss/credentials" // Import the package for processing authentication information.
)

var (
	region string // Define a string variable to store the region information obtained from the command line.
)

// The init function used to set up tasks that are required to be completed before the program starts.
func init() {
	flag.StringVar(&region, "region", "", "The region in which the bucket is located.") // Set command line parameters to specify the region, default is an empty string
}

// Entry point of the program.
func main() {
	flag.Parse() // Parse command line parameters.
	if len(region) == 0 { // If the region parameter is not provided, the program prints an error message indicating that the region parameter is required and terminates.
		flag.PrintDefaults()
		log.Fatalf("invalid parameters, region required") // Log the error message and terminate the program.
	}

	// Load the default configuration, load the credential provider from environment variables and specify the region.
	cfg := oss.LoadDefaultConfig().
		WithCredentialsProvider(credentials.NewEnvironmentVariableCredentialsProvider()).
		WithRegion(region)

	client := oss.NewClient(cfg) // Create a new OSS client using the configurations.

	// Create a GetPublicAccessBlock request to query the Block Public Access configurations.
	request := &oss.GetPublicAccessBlockRequest{}
	getResult, err := client.GetPublicAccessBlock(context.TODO(), request) // Execute the request.
	if err != nil {
		log.Fatalf("failed to get public access block %v", err) // If an error occurs, record the error message and exit.
	}

	log.Printf("get public access block result:%#v\n", getResult) // Display the result.
}

Delete the Block Public Access configurations

The following sample code provides an example of how to delete the Block Public Access configurations.

package main

import (
	"context" 
	"flag"    
	"log"    

	"github.com/aliyun/alibabacloud-oss-go-sdk-v2/oss"           // Import the OSS SDK package.
	"github.com/aliyun/alibabacloud-oss-go-sdk-v2/oss/credentials" // Import the package for processing authentication information.
)

var (
	region string // Define a string variable to store the region information obtained from the command line.
)

// The init function is executed before the main function to initialize the program.
func init() {
	flag.StringVar(&region, "region", "", "The region in which the bucket is located.") // Set command line parameters to specify the region, default is an empty string
}

// The main function serves as the entry point for the program.
func main() {
	flag.Parse() // Parse command line parameters.
	if len(region) == 0 { // If the region parameter is not provided, the program prints an error message indicating that the region parameter is required and terminates.
		flag.PrintDefaults()
		log.Fatalf("invalid parameters, region required") // Log the error message and terminate the program.
	}

	// Create a configuration object, load the credential provider from environment variables and specify the region.
	cfg := oss.LoadDefaultConfig().
		WithCredentialsProvider(credentials.NewEnvironmentVariableCredentialsProvider()).
		WithRegion(region)

	client := oss.NewClient(cfg) // Create a new OSS client using the configuration.

	// Create a DeletePublicAccessBlock request to delete the Block Public Access configurations.
	request := &oss.DeletePublicAccessBlockRequest{}
	result, err := client.DeletePublicAccessBlock(context.TODO(), request) // Send the request.
	if err != nil {
		log.Fatalf("failed to delete public access block %v", err) // If an error occurs, record the error message and exit.
	}

	log.Printf("delete public access block result:%#v\n", result) // Display the result.
}

References

For the complete sample code for Block Public Access for OSS resources, see Github example.
For more information about the API operation that you can call to enable Block Public Access, see PutPublicAccessBlock.
For more information about the API operation that you can call to query the Block Public Access configurations, see GetPublicAccessBlock.
For more information about the API operation that you can call to delete the Block Public Access configurations, see DeletePublicAccessBlock.