AI 助理
备案控制台
官方文档
输入文档关键字查找
首页 对象存储 开发参考 SDK参考 OSS Python SDK V2 向量Bucket(Python SDK V2) Bucket Policy(Python SDK V2)

Bucket Policy(Python SDK V2)

更新时间:
产品详情
我的收藏

Bucket PolicyOSS提供的一种针对存储空间(Bucket)的授权策略,使您可以精细化地授权或限制有身份的访问者(阿里云账号、RAM用户、RAM角色)或匿名访问者对指定OSS资源的访问。例如,您可以为其他阿里云账号的RAM用户授予指定OSS资源的只读权限。

注意事项

要设置Bucket Policy,您必须有oss:PutBucketPolicy权限;要获取Bucket Policy,您必须有oss:GetBucketPolicy权限;要删除Bucket Policy,您必须有oss:DeleteBucketPolicy权限。具体操作,请参见RAM用户授予自定义的权限策略

方法定义

设置Bucket Policy

put_bucket_policy(request: PutBucketPolicyRequest, **kwargs) → PutBucketPolicyResult

获取Bucket Policy

get_bucket_policy(request: GetBucketPolicyRequest, **kwargs) → GetBucketPolicyResult

删除Bucket Policy

delete_bucket_policy(request: DeleteBucketPolicyRequest, **kwargs) → DeleteBucketPolicyResult

参数名

类型

说明

request

PutBucketPolicyRequest

设置请求参数,具体请参见PutBucketPolicyRequest

GetBucketPolicyRequest

设置请求参数,具体请参见GetBucketPolicyRequest

DeleteBucketPolicyRequest

设置请求参数,具体请参见DeleteBucketPolicyRequest

返回值列表

类型

说明

PutBucketPolicyResult

返回值,具体请参见PutBucketPolicyResult

GetBucketPolicyResult

返回值,具体请参见GetBucketPolicyResult

DeleteBucketPolicyResult

返回值,具体请参见DeleteBucketPolicyResult

关于设置Bucket Policy方法的完整定义,请参见put_bucket_policy

关于获取Bucket Policy方法的完整定义,请参见get_bucket_policy

关于删除Bucket Policy方法的完整定义,请参见delete_bucket_policy

示例代码

设置Bucket Policy

您可以使用以下代码设置Bucket Policy。

import argparse
import alibabacloud_oss_v2 as oss
import alibabacloud_oss_v2.vectors as oss_vectors

parser = argparse.ArgumentParser(description="vector put bucket policy sample")
parser.add_argument('--region', help='The region in which the bucket is located.', required=True)
parser.add_argument('--bucket', help='The name of the bucket.', required=True)
parser.add_argument('--endpoint', help='The domain names that other services can use to access OSS')
parser.add_argument('--account_id', help='The account id.', required=True)

def main():
    args = parser.parse_args()

    # Loading credentials values from the environment variables
    credentials_provider = oss.credentials.EnvironmentVariableCredentialsProvider()

    # Using the SDK's default configuration
    cfg = oss.config.load_default()
    cfg.credentials_provider = credentials_provider
    cfg.region = args.region
    cfg.account_id = args.account_id
    if args.endpoint is not None:
        cfg.endpoint = args.endpoint

    vector_client = oss_vectors.Client(cfg)


    policy_content = '''
        {
           "Version":"1",
           "Statement":[
               {
                 "Action":[
                   "oss:PutVectors",
                   "oss:GetVectors"
                ],
                "Effect":"Deny",
                "Principal":["1234567890"],
                "Resource":["acs:ossvector:cn-hangzhou:1234567890:*"]
               }
            ]
         }
    '''

    result = vector_client.put_bucket_policy(oss_vectors.models.PutBucketPolicyRequest(
        bucket=args.bucket,
        body=policy_content
    ))

    print(f'status code: {result.status_code},'
          f' request id: {result.request_id},'
    )

if __name__ == "__main__":
    main()

获取Bucket Policy

您可以使用以下代码获取Bucket Policy。

import argparse
import alibabacloud_oss_v2 as oss
import alibabacloud_oss_v2.vectors as oss_vectors

parser = argparse.ArgumentParser(description="vector get bucket policy sample")
parser.add_argument('--region', help='The region in which the bucket is located.', required=True)
parser.add_argument('--bucket', help='The name of the bucket.', required=True)
parser.add_argument('--endpoint', help='The domain names that other services can use to access OSS')
parser.add_argument('--account_id', help='The account id.', required=True)

def main():
    args = parser.parse_args()

    # Loading credentials values from the environment variables
    credentials_provider = oss.credentials.EnvironmentVariableCredentialsProvider()

    # Using the SDK's default configuration
    cfg = oss.config.load_default()
    cfg.credentials_provider = credentials_provider
    cfg.region = args.region
    cfg.account_id = args.account_id
    if args.endpoint is not None:
        cfg.endpoint = args.endpoint

    vector_client = oss_vectors.Client(cfg)

    result = vector_client.get_bucket_policy(oss_vectors.models.GetBucketPolicyRequest(
        bucket=args.bucket,
    ))

    print(f'status code: {result.status_code},'
          f' request id: {result.request_id},'
          )

    if result.body:
        print(f'policy content: {result.body}')


if __name__ == "__main__":
    main()

删除Bucket Policy

您可以使用以下代码删除Bucket Policy。

import argparse
import alibabacloud_oss_v2 as oss
import alibabacloud_oss_v2.vectors as oss_vectors

parser = argparse.ArgumentParser(description="vector delete bucket policy sample")
parser.add_argument('--region', help='The region in which the bucket is located.', required=True)
parser.add_argument('--bucket', help='The name of the bucket.', required=True)
parser.add_argument('--endpoint', help='The domain names that other services can use to access OSS')
parser.add_argument('--account_id', help='The account id.', required=True)

def main():
    args = parser.parse_args()

    # Loading credentials values from the environment variables
    credentials_provider = oss.credentials.EnvironmentVariableCredentialsProvider()

    # Using the SDK's default configuration
    cfg = oss.config.load_default()
    cfg.credentials_provider = credentials_provider
    cfg.region = args.region
    cfg.account_id = args.account_id
    if args.endpoint is not None:
        cfg.endpoint = args.endpoint

    vector_client = oss_vectors.Client(cfg)

    result = vector_client.delete_bucket_policy(oss_vectors.models.DeleteBucketPolicyRequest(
        bucket=args.bucket,
    ))

    print(f'status code: {result.status_code},'
          f' request id: {result.request_id},'
    )

if __name__ == "__main__":
    main()

相关文档

上一篇:删除Vectors(Python SDK V2)下一篇:日志转存(Python SDK V2)