Obtaining the Logging Configuration of a Bucket (SDK for Python)

Function

This API returns the logging configuration of a bucket.

Restrictions

To obtain the logging configuration of a bucket, you must be the bucket owner or have the required permission (obs:bucket:GetBucketLogging in IAM or GetBucketLogging in a bucket policy). For details, see Introduction to OBS Access Control, IAM Custom Policies, and Creating a Custom Bucket Policy.
The mapping between OBS regions and endpoints must comply with what is listed in Regions and Endpoints.

Method

ObsClient.getBucketLogging(bucketName)

Request Parameters

Parameter	Type	Mandatory (Yes/No)	Description
bucketName	str	Yes	Explanation: Bucket name Restrictions: A bucket name must be unique across all accounts and regions. A bucket name: Must be 3 to 63 characters long and start with a digit or letter. Lowercase letters, digits, hyphens (-), and periods (.) are allowed. Cannot be formatted as an IP address. Cannot start or end with a hyphen (-) or period (.). Cannot contain two consecutive periods (..), for example, my..bucket. Cannot contain periods (.) and hyphens (-) adjacent to each other, for example, my-.bucket or my.-bucket. If you repeatedly create buckets of the same name in the same region, no error will be reported and the bucket properties comply with those set in the first creation request. Default value: None

Parameter

Type

Mandatory (Yes/No)

Description

bucketName

str

Yes

Explanation:

Bucket name

Restrictions:

A bucket name must be unique across all accounts and regions.
A bucket name:
- Must be 3 to 63 characters long and start with a digit or letter. Lowercase letters, digits, hyphens (-), and periods (.) are allowed.
- Cannot be formatted as an IP address.
- Cannot start or end with a hyphen (-) or period (.).
- Cannot contain two consecutive periods (..), for example, my..bucket.
- Cannot contain periods (.) and hyphens (-) adjacent to each other, for example, my-.bucket or my.-bucket.
If you repeatedly create buckets of the same name in the same region, no error will be reported and the bucket properties comply with those set in the first creation request.

Default value:

None

Responses

Type	Description
GetResult	Explanation: SDK common results

Type

Description

GetResult

Explanation:

SDK common results

**Table 1** GetResult
Parameter	Type	Description
status	int	Explanation: HTTP status code Value range: A status code is a group of digits ranging from 2xx (indicating successes) to 4xx or 5xx (indicating errors). It indicates the status of a response. For more information, see Status Code. Default value: None
reason	str	Explanation: Reason description. Default value: None
errorCode	str	Explanation: Error code returned by the OBS server. If the value of status is less than 300, this parameter is left blank. Default value: None
errorMessage	str	Explanation: Error message returned by the OBS server. If the value of status is less than 300, this parameter is left blank. Default value: None
requestId	str	Explanation: Request ID returned by the OBS server Default value: None
indicator	str	Explanation: Error indicator returned by the OBS server. Default value: None
hostId	str	Explanation: Requested server ID. If the value of status is less than 300, this parameter is left blank. Default value: None
resource	str	Explanation: Error source (a bucket or an object). If the value of status is less than 300, this parameter is left blank. Default value: None
header	list	Explanation: Response header list, composed of tuples. Each tuple consists of two elements, respectively corresponding to the key and value of a response header. Default value: None
body	object	Explanation: Result content returned after the operation is successful. If the value of status is larger than 300, this parameter is left blank. The value varies with the API being called. For details, see Bucket-Related APIs (SDK for Python) and Object-Related APIs (SDK for Python). Default value: None

GetResult.body Type	Description
Logging	Explanation: Logging configuration information

GetResult.body Type

Description

Logging

Explanation:

Logging configuration information

**Table 2** Logging
Parameter	Type	Mandatory (Yes/No)	Description
targetBucket	str	No if used as a request parameter	Explanation: Name of the bucket for storing log files Restrictions: This bucket must be in the same region as the bucket with logging enabled. A bucket name must be unique across all accounts and regions. A bucket name: Must be 3 to 63 characters long and start with a digit or letter. Lowercase letters, digits, hyphens (-), and periods (.) are allowed. Cannot be formatted as an IP address. Cannot start or end with a hyphen (-) or period (.). Cannot contain two consecutive periods (..), for example, my..bucket. Cannot contain periods (.) and hyphens (-) adjacent to each other, for example, my-.bucket or my.-bucket. If you repeatedly create buckets of the same name in the same region, no error will be reported and the bucket properties comply with those set in the first creation request. Default value: None
targetPrefix	str	No if used as a request parameter	Explanation: Name prefix for log files stored in the log storage bucket Value range: The value must contain 1 to 1,024 characters. Default value: None
targetGrants	list of Grant	No if used as a request parameter	Explanation: Permission information list of grantees, which defines grantees and their permissions for log files. For details, see Table 3. Default value: None
agency	str	Yes if the parameter is in a request to enable bucket logging	Explanation: Name of the IAM agency created by the owner of the target bucket for OBS. You can select an existing IAM agency or create one. For details about how to create an agency, see Creating an IAM Agency. Restrictions: By default, the IAM agency only requires the PutObject permission to upload logs to the target bucket. If default encryption is enabled for the target bucket, the agency also requires the KMS Administrator permission in the region where the target bucket is located. Default value: None

**Table 3** Grant
Parameter	Type	Description
grantee	Grantee	Explanation: Grantee information. For details, see Table 4. Default value: None
permission	str	Explanation: Granted permission Value range: See Table 6. Default value: None
delivered	bool	Explanation: Whether the bucket ACL is applied to all objects in the bucket Value range: True: The bucket ACL is applied to all objects in the bucket. False: The bucket ACL is not applied to all objects in the bucket. Default value: False

**Table 4** Grantee
Parameter	Type	Description
grantee_id	str	Explanation: Account (domain) ID of the grantee. Value range: To obtain the account ID, see How Do I Get My Account ID and IAM User ID? (SDK for Python) Default value: None
grantee_name	str	Explanation: Account name of the grantee. Restrictions: Starts with a letter. Contains 6 to 32 characters. Contains only letters, digits, hyphens (-), and underscores (_). Default value: None
group	str	Explanation: Authorized user group. For details, see Table 5. Default value: None

The authorized entity can be an individual user or a user group. grantee_id and grantee_name must be used together and they cannot be used with group.

**Table 5** Group
Constant	Description
ALL_USERS	All users
AUTHENTICATED_USERS	Authorized users. This constant is deprecated.
LOG_DELIVERY	Log delivery group. This constant is deprecated.

**Table 6** Permission
Constant	Description
READ	Read permission A grantee with this permission for a bucket can obtain the list of objects, multipart uploads, bucket metadata, and object versions in the bucket. A grantee with this permission for an object can obtain the object content and metadata.
WRITE	Write permission A grantee with this permission for a bucket can upload, overwrite, and delete any object or part in the bucket. Such permission for an object is not applicable.
READ_ACP	Permission to read ACL configurations A grantee with this permission can obtain the ACL of a bucket or object. A bucket or object owner has this permission for the bucket or object permanently.
WRITE_ACP	Permission to modify ACL configurations A grantee with this permission can update the ACL of a bucket or object. A bucket or object owner has this permission for the bucket or object permanently. A grantee with this permission can modify the access control policy and thus the grantee obtains full access permissions.
FULL_CONTROL	Full control access, including read and write permissions for a bucket and its ACL, or for an object and its ACL. A grantee with this permission for a bucket has READ, WRITE, READ_ACP, and WRITE_ACP permissions for the bucket. A grantee with this permission for an object has READ, READ_ACP, and WRITE_ACP permissions for the object.

Code Examples

This example returns the logging configuration of bucket examplebucket.

    
     
       
       
         from obs import ObsClient
import os
import traceback

# Obtain an AK and SK pair using environment variables or import the AK and SK pair in other ways. Using hard coding may result in leakage.
# Obtain an AK and SK pair on the management console. For details, see https://support.huaweicloud.com/intl/en-us/usermanual-ca/ca_01_0003.html.
ak = os.getenv("AccessKeyID")
sk = os.getenv("SecretAccessKey")
# (Optional) If you use a temporary AK and SK pair and a security token to access OBS, obtain them from environment variables.
security_token = os.getenv("SecurityToken")
# Set server to the endpoint corresponding to the bucket. Here uses CN-Hong Kong as an example. Replace it with the one in use.
server = "https://obs.ap-southeast-1.myhuaweicloud.com" 

# Create an obsClient instance.
# If you use a temporary AK and SK pair and a security token to access OBS, you must specify security_token when creating an instance.
obsClient = ObsClient(access_key_id=ak, secret_access_key=sk, server=server)
try:
    bucketName="examplebucket"
    # Obtain the logging configuration of the bucket.
    resp = obsClient.getBucketLogging(bucketName)
    # If status code 2xx is returned, the API is called successfully. Otherwise, the API call fails.
    if resp.status < 300:
        print('Get Bucket Logging Succeeded')
        print('requestId:', resp.requestId)
        print('targetBucket:', resp.body.targetBucket)
        print('targetPrefix:', resp.body.targetPrefix)

        index = 1
        for grant in resp.body.targetGrants:
            print('grant [' + str(index) + ']')
            print('grant_id:', grant.grantee.grantee_id)
            print('grant_name:', grant.grantee.grantee_name)
            print('group:', grant.grantee.group)
            print('permission:', grant.permission)
            index += 1
    else:
        print('Get Bucket Logging Failed')
        print('requestId:', resp.requestId)
        print('errorCode:', resp.errorCode)
        print('errorMessage:', resp.errorMessage)
except:
    print('Get Bucket Logging Failed')
    print(traceback.format_exc())

        

      

    
   