Help Center/ Object Storage Service/ SDK Reference/ Go/ Bucket-Related APIs (SDK for Go)/ Obtaining the BPA Configuration of a Bucket (SDK for Go)
Updated on 2025-12-01 GMT+08:00
View PDF
Share

Obtaining the BPA Configuration of a Bucket (SDK for Go)

Function

This API returns the public access block configuration of an OBS bucket.

Restrictions

Method

func (obsClient ObsClient) GetBucketPublicAccessBlock(input *GetBucketPublicAccessBlockInput) (output *BaseModel, err error)

Request Parameters

Table 1 List of request parameters

Parameter

Type

Mandatory (Yes/No)

Description

input

*GetBucketPublicAccessBlockInput

Yes

Explanation:

Request parameters for obtaining the BPA configuration of a bucket. For details, see GetBucketPublicAccessBlockInput.
Table 2 GetBucketPublicAccessBlockInput

Parameter

Type

Mandatory (Yes/No)

Description

bucketName

String

Yes

Explanation:

Bucket name.

Restrictions:

  • A bucket name must be unique across all accounts and regions.
  • A bucket name:
    • Must be 3 to 63 characters long and start with a digit or letter. Lowercase letters, digits, hyphens (-), and periods (.) are allowed.
    • Cannot be formatted as an IP address.
    • Cannot start or end with a hyphen (-) or period (.).
    • Cannot contain two consecutive periods (..), for example, my..bucket.
    • Cannot contain a period (.) and a hyphen (-) adjacent to each other, for example, my-.bucket or my.-bucket.
  • If you repeatedly create buckets of the same name in the same region, no error will be reported and the bucket attributes comply with those set in the first creation request.

Default value:

None

Responses

Table 3 List of returned results

Parameter

Type

Description

output

*BaseModel

Explanation:

Returned results. For details, see Table 4.

err

error

Explanation:

Error messages returned by the API
Table 4 BaseModel

Parameter

Type

Description

statusCode

int

Explanation:

HTTP status code.

Value range:

A status code is a group of digits indicating the status of a response. It ranges from 2xx (indicating successes) to 4xx or 5xx (indicating errors).

For more information, see Status Code.

Default value:

None

BlockPublicAcls

Boolean

Explanation:

Whether to block public ACLs. If this parameter is set to True, objects cannot be uploaded when the request includes a public ACL. Requests for modifying bucket or object ACLs fail if the requests include public ACLs.

Restrictions:

None

Value range:

  • True: The public ACL is blocked.
  • False: The public ACL is not blocked.

Default value:

None

IgnorePublicAcls

Boolean

Explanation:

Whether to ignore public ACLs. If this parameter is set to True, the public ACL does not take effect during OpenAPI permissions checks.

Restrictions:

None

Value range:

  • True: The public ACL is ignored.
  • False: The public ACL is not ignored.

Default value:

None

BlockPublicPolicy

Boolean

Explanation:

Whether to block the public policy. If this parameter is set to True, OBS rejects calls to modify bucket policies if the specified bucket policy allows public access.

Restrictions:

None

Value range:

  • True: The public policy is blocked.
  • False: The public policy is not blocked.

Default value:

None

RestrictPublicBuckets

Boolean

Explanation:

Whether to restrict account access. If this parameter is set to True, only cloud service accounts and this account can access the bucket if a public bucket policy is found during the OpenAPI permissions check.

Restrictions:

None

Value range:

  • True: The account access is restricted.
  • False: The account access is not restricted.

Default value:

None

Code Examples

This example obtains the PublicAccessBlock configuration of bucket examplebucket.

package main
import (
    "fmt"
    "os"
    obs "github.com/huaweicloud/huaweicloud-sdk-go-obs/obs"
)
func main() {
    //Obtain an AK/SK pair using environment variables or import an AK/SK pair in other ways. Using hard coding may result in leakage.
    //Obtain an AK/SK pair on the management console. For details, see https://support.huaweicloud.com/intl/en-us/usermanual-ca/ca_01_0003.html.
    ak := os.Getenv("AccessKeyID")
    sk := os.Getenv("SecretAccessKey")
    // (Optional) If you use a temporary AK/SK pair and a security token to access OBS, you are advised not to use hard coding, which may result in information leakage. You can obtain an AK/SK pair using environment variables or import an AK/SK pair in other ways.
    securityToken := os.Getenv("SecurityToken")
    // Enter the endpoint corresponding to the region where the bucket is located. CN-Hong Kong is used here as an example. Replace it with the one currently in use.
    endPoint := "https://obs.ap-southeast-1.myhuaweicloud.com"
    // Create an obsClient instance.
    // If you use a temporary AK/SK pair and a security token to access OBS, use the obs.WithSecurityToken method to specify a security token when creating an instance.
    obsClient, err := obs.New(ak, sk, endPoint, obs.WithSecurityToken(securityToken))
    if err != nil {
        fmt.Printf("Create obsClient error, errMsg: %s", err.Error())
    }
    // Specify the bucket name.
    bucketName := "examplebucket"
    // Obtain the PublicAccessBlock configuration of the bucket.
    output, err := obsClient.GetBucketPublicAccessBlock(bucketName)
    if err == nil {
	fmt.Printf("Get bucket(%s)'s PublicAccessBlock successful!\n", bucketName)
	fmt.Printf("RequestId:%s\n", output.RequestId)
	return
    }
    fmt.Printf("Get bucket(%s)'s PublicAccessBlock fail!\n", bucketName)
    if obsError, ok := err.(obs.ObsError); ok {
	fmt.Println("An ObsError was found, which means your request sent to OBS was rejected with an error response.")
	fmt.Println(obsError.Error())
    } else {
	fmt.Println("An Exception was found, which means the client encountered an internal problem when attempting to communicate with OBS, for example, the client was unable to access the network.")
	fmt.Println(err)
    }
}