PUT Bucket acl
Description
This implementation of the PUT
operation uses the acl
sub-resource to set the access control list (ACL) permissions for
an existing bucket. (To set the ACL permissions of a bucket when you create it, use the
x-amz-acl
request header.) To set the ACL of a bucket, you
must have WRITE_ACP permission.
For more information about creating a bucket, see
Requests
Syntax
PUT /?acl HTTP/1.1 Host:BucketName
.s3.amazonaws.com Date:date
Authorization:signatureValue
<AccessControlPolicy> <Owner> <ID>ID
</ID> <DisplayName>EmailAddress
</DisplayName> </Owner> <AccessControlList> <Grant> <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser"> <ID>ID
</ID> <DisplayName>EmailAddress
</DisplayName> </Grantee> <Permission>Permission
</Permission> </Grant> </AccessControlList> </AccessControlPolicy>
Request Parameters
This implementation of the operation does not use request parameters.
Request Headers
This implementation of the operation only uses request headers common to all operations. For more information, see Common Request Headers.
Request Elements
Name | Description | Required |
---|---|---|
AccessControlList |
Container for Grant, Grantee, and Permission Type: Container Ancestors: AcessControlPolicy |
No |
AccessControlPolicy |
Contains the elements that set the ACL permissions for an object per Grantee. Type: String Ancestors: None |
No |
DisplayName |
Screen name of the bucket owner. Type: String Ancestors: AcessControlPolicy.Owner |
No |
Grant |
Container for the grantee and his or her permissions. Type: Container Ancestors: AcessControlPolicy.AccessControlList |
No |
Grantee |
The subject whose permissions are being set. For more information, see Grantee Values. Type: String Ancestors: AcessControlPolicy.AccessControlList.Grant |
No |
ID |
ID of the bucket owner, or the ID of the grantee. Type: String Ancestors: AcessControlPolicy.Owner | AcessControlPolicy.AccessControlList.Grant |
No |
Owner |
Container for the bucket owner's display name and ID. Type: Container Ancestors: AcessControlPolicy |
No |
Permission |
Specifies the permission given to the grantee. Type: String Valid Values: FULL_CONTROL | WRITE | WRITE_ACP | READ | READ_ACP Ancestors: AcessControlPolicy.AccessControlList.Grant |
No |
Grantee Values
You can specify the person (grantee) that you're assigning access rights to (using request elements) in the following ways:
-
By the person's ID:
<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser"> <ID>
ID
</ID> <DisplayName>GranteesEmail
</DisplayName> </Grantee>DisplayName
is optional and ignored in the request. -
By E-mail address:
<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="AmazonCustomerByEmail"> <EmailAddress>
[email protected]
</EmailAddress> </Grantee>The grantee is resolved to the
CanonicalUser
and in a response to aGET Object acl
request appears as theCanonicalUser
. -
By URI:
<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group"> <URI>
http://acs.amazonaws.com/groups/global/AuthenticatedUsers
<URI> </Grantee>
Responses
Response Headers
This implementation of the operation uses only response headers that are common to most responses. For more information, see Common Response Headers.
Response Elements
This implementation of the operation does not return response elements.
Special Errors
This implementation of the operation does not return special errors. For general information about Amazon S3 errors and a list of error codes, see Error Responses.
Examples
Sample Request
This request gives the owner of the bucket full control.
PUT ?acl HTTP/1.1 Host: quotes.s3.amazonaws.com Content-Length: 214 Date: Wed, 25 Nov 2009 12:00:00 GMT Authorization: AWS 15B4D3461F177624206A:xQE0diMbLRepdf3YB+FIEXAMPLE= <AccessControlPolicy> <Owner> <ID>8a6925ce4adf588a4f21c32aa379004fef</ID> <DisplayName>[email protected]</DisplayName> </Owner> <AccessControlList> <Grant> <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser"> <ID>8a6925ce47f21c32aa379004fef</ID> <DisplayName>[email protected]</DisplayName> </Grantee> <Permission>FULL_CONTROL</Permission> </Grant> </AccessControlList> </AccessControlPolicy>
Sample Response
HTTP/1.1 200 OK x-amz-id-2: YgIPIfBiKa2bj0KMgUAdQkf3ShJTOOpXUueF6QKo x-amz-request-id: 236A8905248E5A01 Date: Wed, 01 Mar 2009 12:00:00 GMT