更新时间:2023-11-08 GMT+08:00
分享

管理桶策略

除了桶访问权限外,桶的拥有者还可以通过桶策略,提供对桶和桶内对象的集中访问控制。

更多关于桶策略的内容请参考桶策略

设置桶策略

您可以通过setBucketPolicy设置桶策略。示例代码如下:

static OBSClient *client;
NSString *endPoint = @"your-endpoint";

// 认证用的ak和sk硬编码到代码中或者明文存储都有很大的安全风险,建议在配置文件或者环境变量中密文存放,使用时解密,确保安全;本示例以ak和sk保存在环境变量中为例,运行本示例前请先在本地环境中设置环境变量AccessKeyID和SecretAccessKey。
// 您可以登录访问管理控制台获取访问密钥AK/SK,获取方式请参见https://support.huaweicloud.com/usermanual-ca/ca_01_0003.html
char* ak_env = getenv("AccessKeyID");
char* sk_env = getenv("SecretAccessKey");
NSString *AK = [NSString stringWithUTF8String:ak_env];
NSString *SK = [NSString stringWithUTF8String:sk_env];

// 初始化身份验证
OBSStaticCredentialProvider *credentialProvider = [[OBSStaticCredentialProvider alloc] initWithAccessKey:AK secretKey:SK];
    
//初始化服务配置
OBSServiceConfiguration *conf = [[OBSServiceConfiguration alloc] initWithURLString:endPoint credentialProvider:credentialProvider];
    
// 初始化client
client = [[OBSClient alloc] initWithConfiguration:conf];
    
// 设置桶策略
OBSSetBucketPolicyWithStringRequest *request = [[OBSSetBucketPolicyWithStringRequest alloc] initWithBucketName:@"bucketname" policyString:@"policystring"];
[client setBucketPolicy:request completionHandler:^(OBSSetBucketPolicyResponse *response, NSError *error){
    NSLog(@"%@",response);  
 }];

桶策略内容的具体格式(JSON格式字符串)请参考《对象存储服务API参考》。

获取桶策略

您可以通过getBucketPolicy获取桶策略。示例代码如下:

static OBSClient *client;
NSString *endPoint = @"your-endpoint";
// 认证用的ak和sk硬编码到代码中或者明文存储都有很大的安全风险,建议在配置文件或者环境变量中密文存放,使用时解密,确保安全;本示例以ak和sk保存在环境变量中为例,运行本示例前请先在本地环境中设置环境变量AccessKeyID和SecretAccessKey。
// 您可以登录访问管理控制台获取访问密钥AK/SK,获取方式请参见https://support.huaweicloud.com/usermanual-ca/ca_01_0003.html
char* ak_env = getenv("AccessKeyID");
char* sk_env = getenv("SecretAccessKey");
NSString *AK = [NSString stringWithUTF8String:ak_env];
NSString *SK = [NSString stringWithUTF8String:sk_env];

// 初始化身份验证
OBSStaticCredentialProvider *credentialProvider = [[OBSStaticCredentialProvider alloc] initWithAccessKey:AK secretKey:SK];
    
//初始化服务配置
OBSServiceConfiguration *conf = [[OBSServiceConfiguration alloc] initWithURLString:endPoint credentialProvider:credentialProvider];
    
// 初始化client
client = [[OBSClient alloc] initWithConfiguration:conf];
    
// 获取桶策略
OBSGetBucketPolicyRequest *request = [[OBSGetBucketPolicyRequest alloc] initWithBucketName:g_bucketName];
[client getBucketPolicy:request completionHandler:^(OBSGetBucketPolicyResponse *response, NSError *error){
    NSLog(@"%@",response);  
 }];

删除桶策略

您可以通过deleteBucketPolicy删除桶策略。示例代码如下:

static OBSClient *client;
NSString *endPoint = @"your-endpoint";

// 认证用的ak和sk硬编码到代码中或者明文存储都有很大的安全风险,建议在配置文件或者环境变量中密文存放,使用时解密,确保安全;本示例以ak和sk保存在环境变量中为例,运行本示例前请先在本地环境中设置环境变量AccessKeyID和SecretAccessKey。
// 您可以登录访问管理控制台获取访问密钥AK/SK,获取方式请参见https://support.huaweicloud.com/usermanual-ca/ca_01_0003.html
char* ak_env = getenv("AccessKeyID");
char* sk_env = getenv("SecretAccessKey");
NSString *AK = [NSString stringWithUTF8String:ak_env];
NSString *SK = [NSString stringWithUTF8String:sk_env];

// 初始化身份验证
OBSStaticCredentialProvider *credentialProvider = [[OBSStaticCredentialProvider alloc] initWithAccessKey:AK secretKey:SK];
    
//初始化服务配置
OBSServiceConfiguration *conf = [[OBSServiceConfiguration alloc] initWithURLString:endPoint credentialProvider:credentialProvider];
    
// 初始化client
client = [[OBSClient alloc] initWithConfiguration:conf];
    
// 删除桶策略
OBSDeleteBucketPolicyRequest *request = [[OBSDeleteBucketPolicyRequest alloc] initWithBucketName:g_bucketName];
[client deleteBucketPolicy:request completionHandler:^(OBSDeleteBucketPolicyResponse *response, NSError *error) {
     NSLog(@"%@",response);
}];

相关文档