管理桶策略
除了桶访问权限外,桶的拥有者还可以通过桶策略,提供对桶和桶内对象的集中访问控制。
更多关于桶策略的内容请参考桶策略。
设置桶策略
您可以通过setBucketPolicy设置桶策略。示例代码如下:
static OBSClient *client; NSString *endPoint = @"your-endpoint"; // 认证用的ak和sk硬编码到代码中或者明文存储都有很大的安全风险,建议在配置文件或者环境变量中密文存放,使用时解密,确保安全;本示例以ak和sk保存在环境变量中为例,运行本示例前请先在本地环境中设置环境变量AccessKeyID和SecretAccessKey。 // 您可以登录访问管理控制台获取访问密钥AK/SK,获取方式请参见https://support.huaweicloud.com/usermanual-ca/ca_01_0003.html char* ak_env = getenv("AccessKeyID"); char* sk_env = getenv("SecretAccessKey"); NSString *AK = [NSString stringWithUTF8String:ak_env]; NSString *SK = [NSString stringWithUTF8String:sk_env]; // 初始化身份验证 OBSStaticCredentialProvider *credentialProvider = [[OBSStaticCredentialProvider alloc] initWithAccessKey:AK secretKey:SK]; //初始化服务配置 OBSServiceConfiguration *conf = [[OBSServiceConfiguration alloc] initWithURLString:endPoint credentialProvider:credentialProvider]; // 初始化client client = [[OBSClient alloc] initWithConfiguration:conf]; // 设置桶策略 OBSSetBucketPolicyWithStringRequest *request = [[OBSSetBucketPolicyWithStringRequest alloc] initWithBucketName:@"bucketname" policyString:@"policystring"]; [client setBucketPolicy:request completionHandler:^(OBSSetBucketPolicyResponse *response, NSError *error){ NSLog(@"%@",response); }];
桶策略内容的具体格式(JSON格式字符串)请参考《对象存储服务API参考》。
获取桶策略
您可以通过getBucketPolicy获取桶策略。示例代码如下:
static OBSClient *client; NSString *endPoint = @"your-endpoint"; // 认证用的ak和sk硬编码到代码中或者明文存储都有很大的安全风险,建议在配置文件或者环境变量中密文存放,使用时解密,确保安全;本示例以ak和sk保存在环境变量中为例,运行本示例前请先在本地环境中设置环境变量AccessKeyID和SecretAccessKey。 // 您可以登录访问管理控制台获取访问密钥AK/SK,获取方式请参见https://support.huaweicloud.com/usermanual-ca/ca_01_0003.html char* ak_env = getenv("AccessKeyID"); char* sk_env = getenv("SecretAccessKey"); NSString *AK = [NSString stringWithUTF8String:ak_env]; NSString *SK = [NSString stringWithUTF8String:sk_env]; // 初始化身份验证 OBSStaticCredentialProvider *credentialProvider = [[OBSStaticCredentialProvider alloc] initWithAccessKey:AK secretKey:SK]; //初始化服务配置 OBSServiceConfiguration *conf = [[OBSServiceConfiguration alloc] initWithURLString:endPoint credentialProvider:credentialProvider]; // 初始化client client = [[OBSClient alloc] initWithConfiguration:conf]; // 获取桶策略 OBSGetBucketPolicyRequest *request = [[OBSGetBucketPolicyRequest alloc] initWithBucketName:g_bucketName]; [client getBucketPolicy:request completionHandler:^(OBSGetBucketPolicyResponse *response, NSError *error){ NSLog(@"%@",response); }];
删除桶策略
您可以通过deleteBucketPolicy删除桶策略。示例代码如下:
static OBSClient *client; NSString *endPoint = @"your-endpoint"; // 认证用的ak和sk硬编码到代码中或者明文存储都有很大的安全风险,建议在配置文件或者环境变量中密文存放,使用时解密,确保安全;本示例以ak和sk保存在环境变量中为例,运行本示例前请先在本地环境中设置环境变量AccessKeyID和SecretAccessKey。 // 您可以登录访问管理控制台获取访问密钥AK/SK,获取方式请参见https://support.huaweicloud.com/usermanual-ca/ca_01_0003.html char* ak_env = getenv("AccessKeyID"); char* sk_env = getenv("SecretAccessKey"); NSString *AK = [NSString stringWithUTF8String:ak_env]; NSString *SK = [NSString stringWithUTF8String:sk_env]; // 初始化身份验证 OBSStaticCredentialProvider *credentialProvider = [[OBSStaticCredentialProvider alloc] initWithAccessKey:AK secretKey:SK]; //初始化服务配置 OBSServiceConfiguration *conf = [[OBSServiceConfiguration alloc] initWithURLString:endPoint credentialProvider:credentialProvider]; // 初始化client client = [[OBSClient alloc] initWithConfiguration:conf]; // 删除桶策略 OBSDeleteBucketPolicyRequest *request = [[OBSDeleteBucketPolicyRequest alloc] initWithBucketName:g_bucketName]; [client deleteBucketPolicy:request completionHandler:^(OBSDeleteBucketPolicyResponse *response, NSError *error) { NSLog(@"%@",response); }];