Bucket管理
更新时间:2025-04-29
Bucket既是BOS上的命名空间,也是计费、权限控制、日志记录等高级功能的管理实体。
-
Bucket名称在所有区域中具有全局唯一性,且不能修改。
说明: 百度智能云目前开放了多区域支持,请参考区域选择说明。
目前支持“华北-北京”、“华南-广州”和“华东-苏州”三个区域。北京区域:
http://bj.bcebos.com,广州区域:http://gz.bcebos.com,苏州区域:http://su.bcebos.com。 - 存储在BOS上的每个Object都必须包含在一个Bucket中。
- 一个用户最多可创建100个Bucket,但每个Bucket中存放的Object的数量和大小总和没有限制,用户不需要考虑数据的可扩展性。
Bucket权限管理
设置Bucket的访问权限
如下代码将Bucket的权限设置为了private。
Java
1public void setBucketPrivate (BosClient client, String bucketName) {
2 client.setBucketAcl(<bucketName>, CannedAccessControlList.Private);
3}CannedAccessControlList是枚举类型,包含三个值: Private 、 PublicRead 、 PublicReadWrite ,它们分别对应相关权限。具体内容可以参考BOS API文档 使用CannedAcl方式的权限控制。
设置指定用户对Bucket的访问权限
BOS还可以实现设置指定用户对Bucket的访问权限,参考如下代码实现:
Java
1List<Grant> accessControlList = new ArrayList<Grant>();
2List<Grantee> grantees = new ArrayList<Grantee>();
3List<Permission> permissions = new ArrayList<Permission>();
4List<String> ipAddress = new ArrayList<String>();
5List<String> stringLike = new ArrayList<String>();
6List<String> stringEquals = new ArrayList<String>();
7List<String> resource = new ArrayList<String>();
8List<String> notResource = new ArrayList<String>();
9Referer referer = new Referer();
10Condition condition = new Condition();
11
12// 授权给特定用户
13grantees.add(new Grantee("user_id1"));
14grantees.add(new Grantee("user_id2"));
15grantees.add(new Grantee("user_id3"));
16
17//授权给Everyone
18grantees.add(new Grantee("*"));
19
20
21//设置权限
22permissions.add(Permission.WRITE);
23permissions.add(Permission.READ);
24permissions.add(Permission.LIST);
25
26// 设置ip
27ipAddress.add("ipAddress1");
28ipAddress.add("ipAddress2");
29ipAddress.add("ipAddress3");
30condition.setIpAddress(ipAddress);
31
32//设置 refer stringLike
33stringLike.add("http://www.example1.com/");
34stringLike.add("http://www.example2.com/");
35stringLike.add("http://www.example3.com/");
36referer.setStringLike(stringLike);
37condition.setReferer(referer);
38
39// 设置 refer stringEquals
40stringEquals.add("http://www.baidu.com");
41stringEquals.add("http://www.xiaomi.com");
42stringEquals.add("http://www.google.com");
43referer.setStringEquals(stringEquals);
44condition.setReferer(referer);
45
46// 设置 resource
47resource.add("yourBucketName");
48
49
50//设置notResource
51List<String> notResouce = new ArrayList<String>();
52notResouce.add("yourBucketName");
53notResouce.add("yourBucketName/*");
54
55Grant grant = new Grant();
56
57grant.setGrantee(grantees);
58grant.setPermission(permissions);
59grant.setCondition(condition);
60grant.setResource(resource);
61
62List<Grantee> grantees1 = new ArrayList<Grantee>();
63List<Permission> permissions1 = new ArrayList<Permission>();
64List<String> ipAddress1 = new ArrayList<String>();
65List<String> stringLike1 = new ArrayList<String>();
66List<String> stringEquals1 = new ArrayList<String>();
67List<String> resource1 = new ArrayList<String>();
68List<String> notResource1 = new ArrayList<String>();
69Referer referer1 = new Referer();
70Condition condition1 = new Condition();
71
72// 授权给特定用户
73grantees1.add(new Grantee("user_id4"));
74grantees1.add(new Grantee("user_id5"));
75grantees1.add(new Grantee("user_id6"));
76
77//授权给Everyone
78grantees.add(new Grantee("*"));
79
80//设置权限
81permissions.add(Permission.FULL_CONTROL);
82permissions1.add(Permission.WRITE);
83permissions1.add(Permission.READ);
84permissions1.add(Permission.LIST);
85
86// 设置ip
87ipAddress1.add("ipAddress4");
88ipAddress1.add("ipAddress5");
89ipAddress1.add("ipAddress6");
90condition1.setIpAddress(ipAddress1);
91
92//设置 refer stringLike
93stringLike1.add("http://www.example4.com/");
94stringLike1.add("http://www.example5.com/");
95stringLike1.add("http://www.example6.com/");
96referer1.setStringLike(stringLike1);
97condition1.setReferer(referer1);
98
99// 设置 refer stringEquals
100stringEquals1.add("http://www.baidu1.com");
101stringEquals1.add("http://www.xiaomi1.com");
102stringEquals1.add("http://www.google1.com");
103referer1.setStringEquals(stringEquals1);
104condition1.setReferer(referer1);
105
106// 设置 resource
107resource1.add("yourBucketName");
108
109// 设置notResource
110List<String> notResouce = new ArrayList<String>();
111notResouce.add("yourBucketName");
112notResouce.add("yourBucketName/*");
113
114Grant grant1 = new Grant();
115
116grant1.setGrantee(grantees1);
117grant1.setPermission(permissions1);
118grant1.setCondition(condition1);
119grant1.setResource(resource1);
120
121accessControlList.add(grant);
122accessControlList.add(grant1);
123
124SetBucketAclRequest request = new SetBucketAclRequest("yourBucketName",accessControlList);
125client.setBucketAcl(request);注意: resource和notResource不能同时设置 Permission中的权限设置包含三个值:
READ、WRITE、FULL_CONTROL,它们分别对应相关权限。具体内容可以参考BOS API文档 上传ACL文件方式的权限控制。
设置更多Bucket访问权限
- 通过设置refer白名单方式设置防盗链
Java
1String jsonAcl = "";
2client.setBucketAcl("bucketName", jsonAcl)其中jsonAcl为{\"accessControlList\":["+ "{\"grantee\":[{\"id\":\"*\"}], "+ "\"permission\":[\"FULL_CONTROL\"], "+ "\"condition\":{\"referer\":{\"stringEquals\":[\"http://test/index\"]}" + "}}]}
- 限制客户端IP访问,只允许部分客户端IP访问
Java
1String jsonAcl = "";
2client.setBucketAcl("bucketName", jsonAcl)其中jsonAcl为{\"accessControlList\":["+ "{\"grantee\":[{\"id\":\"*\"}], "+ "\"permission\":[\"FULL_CONTROL\"], "+ "\"condition\":{\"ipAddress\":[\"192.170.0.6\"]" + "}}]}")
设置STS临时token权限
对于通过STS方式创建的临时访问身份,管理员也可进行专门的权限设定。 STS的简介及设置临时权限的方式可参见临时授权访问。
使用BOS JAVA SDK设置STS临时token权限可参考使用STS创建BosClient
查看Bucket的权限
如下代码可以查看Bucket的权限:
Java
1GetBucketAclResponse aclResponse = client.getBucketAcl("bucketName");
2System.out.println(aclResponse.getAccessControlList().toString());getBucketAcl方法返回的解析类中可供调用的参数有:
| 参数 | 说明 |
|---|---|
| owner | Bucket owner信息 |
| id | Bucket owner的用户ID |
| acl | 标识Bucket的权限列表 |
| grantee | 标识被授权人 |
| -id | 被授权人ID |
| permission | 标识被授权人的权限 |
查看Bucket所属的区域
Bucket Location即Bucket Region,百度智能云支持的各region详细信息可参见区域选择说明。
如下代码可以获取该Bucket的Location信息:
Java
1BosClient client = new BosClient(config);
2
3ListBucketsResponse listBucketsResponse = client.listBuckets();
4
5List<BucketSummary> bucketSummaryList = listBucketsResponse.getBuckets();
6
7for(BucketSummary bs : bucketSummaryList){
8 System.out.println( bs.getLocation());
9}
10
11System.out.println(client.getBucketLocation("bucket-test").getLocationConstraint());新建Bucket
如下代码可以新建一个Bucket:
Java
1public void createBucket (BosClient client, String bucketName) {
2 // 新建一个Bucket
3 client.createBucket(<bucketName>); //指定Bucket名称
4}注意: 由于Bucket的名称在所有区域中是唯一的,所以需要保证bucketName不与其他所有区域上的Bucket名称相同。
Bucket的命名有以下规范:
- 只能包括小写字母,数字,短横线(-)。
- 必须以小写字母或者数字开头。
- 长度必须在4-63字节之间。
通过上述代码创建的bucket,权限是私有读写,存储类型是标准类型(Standard)。
- 新建lcc bucket
java sdk支持新建lcc bucket,用户可以在构造新建bucket的请求中填入lcclocation,CreateBucketRequest具体参数如下:
| 参数 | 类型 | 说明 |
|---|---|---|
| bucketTags | String | Bucket 标签 |
| lccLocation | String | lcc id,用于创建lcc bucket到特定的lcc集群 |
| enableDedicated | Boolean | 用于控制控制台开启lcc识别白名单 |
如下代码可以新建一个lcc Bucket:
Java
1public void createBucket (BosClient client, String bucketName) {
2 CreateBucketRequest request = new CreateBucketRequest("bucketName");
3 // 设置lcc location id
4 request.setLccLocation("lcc id");
5 request.setEnableDedicated(true);
6 client.createBucket(request);
7}列举Bucket
如下代码可以列出用户所有的Bucket,或参考完整示例。
Java
1public void listBuckets (BosClient client) {
2 // 获取用户的Bucket列表
3 List<BucketSummary> buckets = client.listBuckets().getBuckets();
4
5 // 遍历Bucket
6 for (BucketSummary bucket : buckets) {
7 System.out.println(bucket.getName());
8 }
9} 删除Bucket
如下代码可以删除一个Bucket,或参考完整示例。
Java
1public void deleteBucket (BosClient client, String bucketName) {
2 // 删除Bucket
3 client.deleteBucket(<bucketName>); //指定Bucket名称
4}注意:
- 在删除前需要保证此Bucket下的所有Object和未完成的三步上传Part已经被删除,否则会删除失败。
- 在删除前确认该Bucket没有开通跨区域复制,不是跨区域复制规则中的源Bucket或目标Bucket,否则不能删除。
判断Bucket是否存在
若用户需要判断某个Bucket是否存在,则如下代码可以做到,或参考完整示例。
Java
1public void doesBucketExist (BosClient client, String bucketName) {
2
3 // 获取Bucket的存在信息
4 boolean exists = client.doesBucketExist(<bucketName>); //指定Bucket名称
5
6 // 输出结果
7 if (exists) {
8 System.out.println("Bucket exists");
9 } else {
10 System.out.println("Bucket not exists");
11 }
12}注意: 如果Bucket不为空(即Bucket中有Object存在),则Bucket无法被删除,必须清空Bucket后才能成功删除。
设置Bucket存储类型
新建的Bucket默认是标准存储类型,用户也可以通过如下代码设置或获取指定Bucket的存储类型:
| 参数 | 说明 |
|---|---|
| storageClass | 存储类型,支持"STANDARD"、"STANDARD_IA"、"COLD"、"ARCHIVE" |
Java
1public void PutBucketStorageClass() {
2 // 设置"STANDARD_IA",低频存储
3 String storageClass = STORAGE_CLASS_STANDARD_IA;
4 this.client.putBucketStorageClass(this.bucketName, storageClass);
5}
6
7public String GetBucketStorageClass() {
8 GetBucketStorageClassResponse response = this.client.getBucketStorageClass(this.bucketName);
9 return response.getStorageClass();
10}设置Bucket服务端加密
若用户需要开启Bucket服务端加密,则如下代码可以做到:
| 参数 | 说明 |
|---|---|
| encryptionAlgorithm | 指定Bucket的服务器端加密类型,当前只支持AES256加密。 |
Java
1public void PutBucketEncryptionByEncryption(BosClient client, String bucketName, String encryptionAlgorithm ) {
2 SetBucketEncryptionRequest setBucketEncryptionRequest = new SetBucketEncryptionRequest();
3 setBucketEncryptionRequest.setBucketName(bucketName);
4 BucketEncryption encryption = new BucketEncryption();
5 encryption.setEncryptionAlgorithm(encryptionAlgorithm);
6 setBucketEncryptionRequest.setBucketEncryption(encryption);
7 client.setBucketEncryption(setBucketEncryptionRequest);
8}若用户想查看Bucket服务端加密信息,则如下代码可以做到:
Java
1public GetBucketEncryptionResponse GetBucketEncryption(BosClient client, String bucketName) {
2 GetBucketEncryptionRequest getBucketEncryptionRequest = new GetBucketEncryptionRequest();
3 getBucketEncryptionRequest.withBucketName(bucketName);
4 GetBucketEncryptionResponse resp = new GetBucketEncryptionResponse();
5 resp = client.getBucketEncryption(getBucketEncryptionRequest);
6 return resp;
7}若用户想删除Bucket服务端加密信息,则如下代码可以做到:
Java
1public void DeleteBucketEncryption(BosClient client, String bucketName) {
2 DeleteBucketEncryptionRequest deleteBucketEncryptionRequest = new DeleteBucketEncryptionRequest();
3 deleteBucketEncryptionRequest.withBucketName(bucketName);
4 client.deleteBucketEncryption(deleteBucketEncryptionRequest);
5}Bucket数据同步
若用户需要开启Bucket之间的数据同步,则如下代码可以做到:
| 参数 | 是否必须 | 描述 |
|---|---|---|
| id | 是 | replication规则名,id 由数字字母 - _ 组成,不得超过20个字符 |
| status | 是 | 是否生效,生效为enabled |
| resource | 是 | replication生效前缀,resource的配置形式为{$bucket_name/<生效的对象前缀>},必须要以$bucket_name+/开头 |
| destination | 是 | 复制的目的端配置 |
| +bucket | 是 | 目的Bucket name |
| +storageClass | 否 | 目的Object的存储类型。如果保持和源Bucket的存储类型一致,则该参数不需要配置;如果需要单独指定存储类型可以为STANDARD,STANDARD_IA,COLD。 |
| replicateHistory | 否 | 历史文件复制,有该项则认为是开启。开启历史文件复制后,存量的全部Object都同步复制到目的Bucket,复制范围共用resource。 |
| +storageClass | 否 | 目的Object的存储类型。如果保持和源Bucket的存储类型一致,则该参数不需要配置;如果需要单独指定存储类型可以为STANDARD,STANDARD_IA,COLD。 |
| replicateDeletes | 是 | 是否开启删除同步,可以为enabled,disabled 。 |
Java
1public void PutBucketReplicationByReplication(BosClient client, String bucketName, String replicationId, String dstBucketName) {
2 SetBucketReplicationRequest request = new SetBucketReplicationRequest(bucketName);
3 request.setId(replicationId);
4 request.setStatus("enabled");
5 String[] resource = {bucketName + "/abc"};
6 request.setResource(resource);
7 Destination destination = new Destination();
8 destination.setBucket(dstBucketName);
9 request.setDestination(destination);
10 request.setReplicateDeletes("enabled");
11 client.setBucketReplication(request);
12 }若用户想获取bucket指定id的数据同步信息,包括源Bucket名称、目的Bucket名称、存储类型、是否进行历史复制,数据同步策略,目的region等。如下代码可以做到:
Java
1public void GetBucketReplication(BosClient client, String bucketName, String replicationId) {
2 GetBucketReplicationRequest grequest = new GetBucketReplicationRequest(bucketName);
3 grequest.setId(replicationId);
4 GetBucketReplicationResponse response = client.getBucketReplication(grequest);
5 }若用户想删除bucket指定id的数据同步,则如下代码可以做到:
Java
1public void DeleteBucketReplication(BosClient client, String bucketName, String replicationId) {
2 DeleteBucketReplicationRequest drequest = new DeleteBucketReplicationRequest();
3 drequest.setBucketName(this.bucketName);
4 drequest.setId(this.replicationId);
5 client.deleteBucketReplication(drequest);
6}若用户想获取bucket所有的replication同步规则,则如下代码可以做到:
Java
1public void ListBucketReplication(BosClient client, String bucketName) {
2 ListBucketReplicationResponse replicationResponse;
3 ListBucketReplicationRequest listreq = new ListBucketReplicationRequest(this.bucketName);
4 replicationResponse = client.listBucketReplication(listreq);
5}若用户想获取指定id的数据同步复制的进程状态,则如下代码可以做到:
Java
1public void GetBucketReplicationProgress(BosClient client, String bucketName,String replicationId) {
2 GetBucketReplicationProgressRequest proreq = new GetBucketReplicationProgressRequest(this.bucketName);
3 proreq.setId(this.replicationId);
4 BucketReplicationProgress progress = client.getBucketReplicationProgress(proreq);
5}Bucket静态网站托管
将网站托管在Bucket上,实现轻量化运维,如下代码可以做到:
| 参数 | 说明 |
|---|---|
| index | Index文件名称 |
| notFound | 404文件名称 |
Java
1public void PutBucketStaticWebsite(BosClient client, String bucketName, String index, String notFound) {
2 SetBucketStaticWebsiteRequest setBucketStaticWebsiteRequest = new SetBucketStaticWebsiteRequest();
3 setBucketStaticWebsiteRequest.setBucketName(bucketName);
4 setBucketStaticWebsiteRequest.setIndex(index);
5 setBucketStaticWebsiteRequest.setNotFound(notFound);
6 client.setBucketStaticWebSite(setBucketStaticWebsiteRequest);
7}若用户想查看静态网站托管信息,则如下代码可以做到:
Java
1public GetBucketStaticWebsiteResponse GetBucketStaticWebsite(BosClient client, String bucketName) {
2 GetBucketStaticWebsiteRequest getBucketStaticWebsiteRequest = new GetBucketStaticWebsiteRequest();
3 getBucketStaticWebsiteRequest.withBucketName(bucketName);
4 GetBucketStaticWebsiteResponse resp = new GetBucketStaticWebsiteResponse();
5 resp = client.getBucketStaticWebsite(getBucketStaticWebsiteRequest);
6 return resp;
7}若用户想关闭静态网站托管功能,则如下代码可以做到:
Java
1public void DeleteBucketStaticWebsite(BosClient client, String bucketName) {
2 DeleteBucketStaticWebsiteRequest deleteBucketStaticWebsiteRequest = new DeleteBucketStaticWebsiteRequest();
3 deleteBucketStaticWebsiteRequest.withBucketName(bucketName);
4 client.deleteBucketStaticWebSite(deleteBucketStaticWebsiteRequest);
5}原图保护
若用户想开启Bucket的原图保护功能,则如下代码可以做到:
| 参数 | 说明 |
|---|---|
| resource | 表示生效的资源范围 |
Java
1public void PutBucketCopyrightProtection(BosClient client, String bucketName, List<String> resource) {
2 SetBucketCopyrightProtectionRequest request = new SetBucketCopyrightProtectionRequest();
3 request.setBucketName(bucketName);
4 request.setResource(resource);
5 client.setBucketCopyrightProtection(request);
6}若用户想获取某个Bucket的原图保护配置情况,则如下代码可以做到:
Java
1public GetBucketCopyrightProtectionResponse GetBucketCopyrightProtection(BosClient client, String bucketName) {
2 GetBucketCopyrightProtectionRequest getBucketCopyrightProtectionRequest =
3 new GetBucketCopyrightProtectionRequest();
4 getBucketCopyrightProtectionRequest.withBucketName(bucketName);
5 GetBucketCopyrightProtectionResponse resp = new GetBucketCopyrightProtectionResponse();
6 resp = client.getBucketCopyrightProtection(getBucketCopyrightProtectionRequest);
7 return resp;
8}若用户想关闭原图保护功能,则如下代码可以做到:
Java
1public void DeleteBucketCopyrightProtection(BosClient client, String bucketName) {
2 DeleteBucketCopyrightProtectionRequest deleteBucketCopyrightProtectionRequest =
3 new DeleteBucketCopyrightProtectionRequest();
4 deleteBucketCopyrightProtectionRequest.withBucketName(bucketName);
5 client.deleteBucketCopyrightProtection(deleteBucketCopyrightProtectionRequest);
6}