百度智能云

All Product Document

          Object Storage

          Bucket Management

          Bucket is not only a namespace on BOS, but also a management entity with advanced features such as billing, privilege control and logging.

          • Bucket names are globally unique in all regions and cannot be modified

            Note: Baidu AI Cloud currently has opened access to multi-region support, please refer to Region Selection Description.

            Currently, it supports "North China-Beijing", "South China-Guangzhou" and "East China-Suzhou". Beijing: http://bj.bcebos.com; Guangzhou: http://gz.bcebos.com; Suzhou: http://su.bcebos.com.

          • Each object stored on the BOS must be contained in a bucket.
          • A user can create up to 100 buckets. However, there is no limit on the total number and size of objects stored in each bucket, so users do not need to consider the extensibility of data.

          Bucket Privilege management

          Set Access Privilege of Bucket

          The following code sets the privilege of bucket private.

          public void setBucketPrivate (BosClient client, String bucketName) {
              client.setBucketAcl(<bucketName>, CannedAccessControlList.Private);
          }

          CannedAccessControlList is an enumeration type that contains three values: Private, PublicRead, PublicReadWrite . They correspond to the respective privilege. For specific contents, Please see BOS API Document Privilege Control through CannedAcl.

          Set the Specified User's Access to the Bucket

          BOS can also set the access privilege of specified users to bucket, see the following codes:

          List<Grant> accessControlList = new ArrayList<Grant>(); 
          List<Grantee> grantees = new ArrayList<Grantee>(); 
          List<Permission> privilege = new ArrayList<Permission>(); 
          List<String> ipAddress = new ArrayList<String>(); 
          List<String> stringLike = new ArrayList<String>(); 
          List<String> stringEquals = new ArrayList<String>(); 
          List<String> resource = new ArrayList<String>(); 
          List<String> notResource = new ArrayList<String>(); 
          Referer referer = new Referer(); 
          Condition condition = new Condition(); 
          
          // privilegeto specific users 
          grantees.add(new Grantee("user_id1")); 
          grantees.add(new Grantee("user_id2")); 
          grantees.add(new Grantee("user_id3")); 
          
          //privilegeto Everyone 
          grantee.add(new Grantee("*")); 
          
          
          //privilegesetting 
          privilege.add(Permission.WRITE); 
          privilege.add(Permission.READ); 
          privilege.add(Permission.LIST); 
          
          // Set ip 
          ipAddress.add("ipAddress1"); 
          ipAddress.add("ipAddress2"); 
          ipAddress.add("ipAddress3"); 
          condition.setIpAddress(ipAddress); 
          
          //Set refer stringLike 
          stringLike.add("http://www.example1.com/"); 
          stringLike.add("http://www.example2.com/"); 
          stringLike.add("http://www.example3.com/"); 
          referer.setStringLike(stringLike); 
          condition.setReferer(referer); 
          
          // Set refer stringEquals 
          stringEquals.add("http://www.baidu.com"); 
          stringEquals.add("http://www.xiaomi.com"); 
          stringEquals.add("http://www.google.com"); 
          referer.setStringEquals(stringEquals); 
          condition.setReferer(referer); 
          
          // Set resource 
          resource.add("yourBucketName"); 
          
          
          //Set notResource 
          List<String> notResouce = new ArrayList<String>(); 
          notResouce.add("yourBucketName"); 
          notResouce.add("yourBucketName/*"); 
          
          Grant grant = new Grant(); 
          
          grant.setGrantee(grantees); 
          grant.setPermission(privilege); 
          grant.setCondition(condition); 
          grant.setResource(resource); 
          
          List<Grantee> grantees1 = new ArrayList<Grantee>(); 
          List<Permission> privilege1 = new ArrayList<Permission>(); 
          List<String> ipAddress1 = new ArrayList<String>(); 
          List<String> stringLike1 = new ArrayList<String>(); 
          List<String> stringEquals1 = new ArrayList<String>(); 
          List<String> resource1 = new ArrayList<String>(); 
          List<String> notResource1 = new ArrayList<String>(); 
          Referer referer1 = new Referer(); 
          Condition condition1 = new Condition(); 
          
          // privilegeto specific users 
          grantees1.add(new Grantee("user_id4")); 
          grantees1.add(new Grantee("user_id5")); 
          grantees1.add(new Grantee("user_id6")); 
          
          //privilegeto Everyone 
          grantee.add(new Grantee("*")); 
          
          //privilegesetting 
          privilege.add(Permission.FULL_CONTROL); 
          privilege1.add(Permission.WRITE); 
          privilege1.add(Permission.READ); 
          privilege1.add(Permission.LIST); 
          
          // Set ip 
          ipAddress1.add("ipAddress4"); 
          ipAddress1.add("ipAddress5"); 
          ipAddress1.add("ipAddress6"); 
          condition1.setIpAddress(ipAddress1); 
          
          //Set refer stringLike 
          stringLike1.add("http://www.example4.com/"); 
          stringLike1.add("http://www.example5.com/"); 
          stringLike1.add("http://www.example6.com/"); 
          referer1.setStringLike(stringLike1); 
          condition1.setReferer(referer1); 
          
          // Set refer stringEquals 
          stringEquals1.add("http://www.baidu1.com"); 
          stringEquals1.add("http://www.xiaomi1.com"); 
          stringEquals1.add("http://www.google1.com"); 
          referer1.setStringEquals(stringEquals1); 
          condition1.setReferer(referer1); 
          
          // Set resource 
          resource1.add("yourBucketName"); 
          
          // Set notResource 
          List<String> notResouce = new ArrayList<String>(); 
          notResouce.add("yourBucketName"); 
          notResouce.add("yourBucketName/*"); 
          
          Grant grant1 = new Grant(); 
          
          grant1.setGrantee(grantees1); 
          grant1.setPermission(privilege1); 
          grant1.setCondition(condition1); 
          grant1.setResource(resource1); 
          
          accessControlList.add(grant); 
          accessControlList.add(grant1); 
          
          SetBucketAclRequest request = new SetBucketAclRequest("yourBucketName",accessControlList); 
          client.setBucketAcl(request); 

          Note: resource and notResource cannot be set simultaneously The privilege setting in permission contains 3 values: READ, WRITE and FULL_CONTROL, corresponding to respective privilege. For the specific contents, please see BOS API Document Privilege Control through ACL File Uploading.

          Set More Bucket Access Privilege

          1.Set an anti-theft chain by using refer whitelist

          String jsonAcl = ""; 
          client.setBucketAcl("BucketName", jsonAcl) 

          Where jsonAcl is {\"accessControlList\":["+ "{\"grantee\":[{\"id\":\"*\"}], "+ "\"permission\":[\"FULL_CONTROL\"], "+ "\"condition\":{\"referer\":{\"stringEquals\":[\"http://test/index\"]}" + "}}]}

          2.Limit client IP access, and only allow a few client IP accesses

          String jsonAcl = ""; 
          client.setBucketAcl("BucketName", jsonAcl) 

          Where jsonAcl is {\"accessControlList\":["+ "{\"grantee\":[{\"id\":\"*\"}], "+ "\"permission\":[\"FULL_CONTROL\"], "+ "\"condition\":{\"ipAddress\":[\"192.170.0.6\"]" + "}}]}")

          Set STS Temporary Token Privilege

          For the temporary access identity created by STS, the administrator also can set a special permission. See Temporary Authorized Access for introduction of STS and the mode of setting temporary permission.

          For setting of STS temporary token privilege with BOS JAVA SDK, please see Create BosClient with STS

          View Privilege of Bucket

          The following code can view the privilege of bucket:

          GetBucketAclResponse aclResponse = client.getBucketAcl("bucketName");
          System.out.println(aclResponse.getAccessControlList().toString());

          The parameters available for calling in parsing class returned by getBucketAcl method include:

          Parameter Description
          owner bucket owner information
          id User ID of bucket owner
          acl Identify privilege list of bucket
          grantee Identify authorized person
          -id Authorized person ID.
          permission Identify the privilege of the authorized person.

          View the Region to Which the Bucket Belongs

          Bucket Location is bucket Region. For details of each region supported by Baidu AI Cloud, please see Region Selection Description.

          The following code can get the Location information of this bucket:

          BosClient client = new BosClient(config);
          
          ListBucketsResponse listBucketsResponse =  client.listBuckets();
          
          List<BucketSummary> bucketSummaryList =  listBucketsResponse.getBuckets();
          
          for(BucketSummary bs : bucketSummaryList){
              System.out.println( bs.getLocation());
          }
          
          System.out.println(client.getBucketLocation("bucket-test").getLocationConstraint());

          Create Bucket

          The following code can create bucket:

          public void createbucket (BosClient client, String BucketName) { 
              // Create a bucket. 
              client.createbucket(<BucketName>);                               //Designate the name of the bucket: 
          } 

          Note: Since the name of the bucket is unique in all regions, you need to make sure that the BucketName is different from that on all other regions.

          bucket has the following naming specifications:

          • Only lowercase letters, numbers and dashes (-) can be included.
          • It must begin with a lowercase letter or number.
          • The length must be between 3 and 63 bytes.

          The bucket created by the above code has private read and write privilege and the storage type is Standard.

          Enumerate Bucket

          The following code can list all the users' buckets:

          public void listbuckets (BosClient client) { 
              // Get the user's bucket list. 
              List<BucketSummary> buckets = client.listbuckets().getbuckets(); 
          
              // Traverse all buckets. 
              for (BucketSummary bucket : buckets) { 
                  System.out.println(bucket.getName()); 
              } 
          } 

          Delete Bucket

          The following code can delete a bucket:

          public void deleteBucket (BosClient client, String bucketName) {
              // Delete bucket
              client.deleteBucket(<bucketName>);                                //指定Bucket名称
          }

          Note:

          • Before deleting, you need to make sure that all objects under this bucket and the unfinished three-step upload Parts have been deleted, otherwise, the deletion will fail.
          • Before deleting bucket, you make sure that the bucket does not enable cross-region replication. It is not the source bucket or target bucket in the cross-region replication rule, otherwise it cannot be deleted.

          Judge whether a Bucket Exists or Not

          To judge whether a bucket exists, you need to do with the following code:

          public void doesBucketExist (BosClient client, String bucketName) {
          
              // Obtain the presence information of the bucket 
              boolean exists = client.doesBucketExist(<bucketName>);                //指定Bucket名称
          
              //  Output result 
              if (exists) {
                  System.out.println("Bucket exists");
              } else {
                  System.out.println("Bucket not exists");
              }
          }

          Note: If the bucket is not null (i.e. bucket has object), the bucket cannot be deleted and must be emptied to be deleted successfully.

          Set Bucket Server Encryption

          If you need to enable bucket server encryption, the following codes are available:

          Parameter Description
          encryptionAlgorithm specify the server end encryption class of bucket; currently, only AES256 encryption is supported.
          public void PutBucketEncryptionByEncryption(BosClient client, String bucketName, String encryptionAlgorithm ) {
              SetBucketEncryptionRequest setBucketEncryptionRequest = new SetBucketEncryptionRequest();
              setBucketEncryptionRequest.setBucketName(bucketName);
              BucketEncryption encryption = new BucketEncryption();
              encryption.setEncryptionAlgorithm(encryptionAlgorithm);
              setBucketEncryptionRequest.setBucketEncryption(encryption);
              client.setBucketEncryption(setBucketEncryptionRequest);
          }

          If you want to view bucket server encryption, the following codes are available:

          public GetBucketEncryptionResponse GetBucketEncryption(BosClient client, String bucketName) {
              GetBucketEncryptionRequest getBucketEncryptionRequest = new GetBucketEncryptionRequest();
              getBucketEncryptionRequest.withBucketName(bucketName);
              GetBucketEncryptionResponse resp = new GetBucketEncryptionResponse();
              resp = client.getBucketEncryption(getBucketEncryptionRequest);
              return resp;
          }

          If you want to delete bucket server encryption, the following codes are available:

          public void DeleteBucketEncryption(BosClient client, String bucketName) {
              DeleteBucketEncryptionRequest deleteBucketEncryptionRequest = new DeleteBucketEncryptionRequest();
              deleteBucketEncryptionRequest.withBucketName(bucketName);
              client.deleteBucketEncryption(deleteBucketEncryptionRequest);
          }

          Bucket Static Website Hosting

          Host website in bucket for light-weighted operation and maintenance, and the following codes are available:

          Parameter Description
          index Index file name
          notFound 404 file name
          public void PutBucketStaticWebsite(BosClient client, String bucketName, String index, String notFound) {
              SetBucketStaticWebsiteRequest setBucketStaticWebsiteRequest = new SetBucketStaticWebsiteRequest();
              setBucketStaticWebsiteRequest.setBucketName(bucketName);
              setBucketStaticWebsiteRequest.setIndex(index);
              setBucketStaticWebsiteRequest.setNotFound(notFound);
              client.setBucketStaticWebSite(setBucketStaticWebsiteRequest);
          }

          If you want to view static website hosting information, the following codes are available:

          public void PutBucketStaticWebsite(BosClient client, String bucketName, String index, String notFound) {
              SetBucketStaticWebsiteRequest setBucketStaticWebsiteRequest = new SetBucketStaticWebsiteRequest();
              setBucketStaticWebsiteRequest.setBucketName(bucketName);
              setBucketStaticWebsiteRequest.setIndex(index);
              setBucketStaticWebsiteRequest.setNotFound(notFound);
              client.setBucketStaticWebSite(setBucketStaticWebsiteRequest);
          }

          If you want to disable static website hosting, the following codes are available:

          public void DeleteBucketStaticWebsite(BosClient client, String bucketName) {
              DeleteBucketStaticWebsiteRequest deleteBucketStaticWebsiteRequest = new DeleteBucketStaticWebsiteRequest();
              deleteBucketStaticWebsiteRequest.withBucketName(bucketName);
              client.deleteBucketStaticWebSite(deleteBucketStaticWebsiteRequest);
          }

          Original Photo Protection

          If you want to enable the original photo protection of bucket, the following codes are available:

          Parameter Description
          resource represent the range of effective resources
          public void PutBucketCopyrightProtection(BosClient client, String bucketName, List<String> resource) {
              SetBucketCopyrightProtectionRequest request = new SetBucketCopyrightProtectionRequest();
              request.setBucketName(bucketName);
              request.setResource(resource);
              client.setBucketCopyrightProtection(request);
          }

          If you want to obtain the original photo protection configuration of a bucket, the following codes are available:

          public void GetBucketCopyrightProtection(BosClient client, String bucketName) {
              GetBucketCopyrightProtectionRequest getBucketCopyrightProtectionRequest =
                              new GetBucketCopyrightProtectionRequest();
              getBucketCopyrightProtectionRequest.withBucketName(bucketName);
              GetBucketCopyrightProtectionResponse resp = new GetBucketCopyrightProtectionResponse();
              resp = client.getBucketCopyrightProtection(getBucketCopyrightProtectionRequest);
              return resp;
          }

          If you want to disable the original photo protection function of bucket, the following codes are available:

          public void DeleteBucketCopyrightProtection(BosClient client, String bucketName) {
              DeleteBucketCopyrightProtectionRequest deleteBucketCopyrightProtectionRequest =
                              new DeleteBucketCopyrightProtectionRequest();
              deleteBucketCopyrightProtectionRequest.withBucketName(bucketName);
              client.deleteBucketCopyrightProtection(deleteBucketCopyrightProtectionRequest);
          }
          Previous
          Initialization
          Next
          File Management