PutBucketACL
    • PDF

    PutBucketACL

    • PDF

    Article summary

    Available in Classic and VPC

    Create an access control list (ACL) to apply to buckets in Object Storage, or edit an existing ACL.
    Applying ACLs allows you to grant different sets of permissions to different storage accounts based on the account's identity or by using a predefined ACL (default ACL).

    Note

    You can grant access to buckets and objects to members who are using NAVER Cloud Platform's Object Storage service.
    For more information, see Access control list (ACL).

    Requests

    The following describes the request format for the endpoint. The request format is as follows.

    MethodURI
    PUT{bucket-name}

    Request syntax

    The request syntax is as follows.

    PUT https://{endpoint}/{bucket-name}?acl= # path style
    PUT https://{bucket-name}.{endpoint}?acl= # virtual host style
    

    Request headers

    The following describes the bucket ACL settings API headers. For headers common to all Object Storage APIs, see Object Storage common headers.

    HeadersDescription
    x-amz-aclPermissions granted to owners and users

    Request path parameters

    The following describes the parameters.

    FieldTypeRequiredDescription
    bucket-nameStringRequiredName of the bucket to create or edit access control list (ACL) for

    Request query parameters

    The following describes the parameters.

    FieldTypeRequiredDescription
    aclStringOptionalCreate or edit access control list (ACL)

    Request example

    The following is a sample request.

    Default ACL

    The following is an example of requesting that a bucket be granted public-read permission through the x-amz-acl request header. Once that permission is granted, anyone using the storage account will be able to see the contents and ACL details of that bucket.

    PUT /{bucket-name}?acl= HTTP/1.1
    Host: kr.object.ncloudstorage.com
    X-amz-date: {Timestamp}
    x-amz-acl: public-read
    Authorization: {authorization-string}
    

    Custom ACL

    The following is an example of using a different account to request to be able to view the ACLs applied to a bucket, but not to be able to view the objects stored in the bucket.

    In the XML content below, the second account is granted all permissions, so it can perform all operations within the same bucket. Any user authenticated to the system can view objects in the bucket.

    PUT /{bucket-name}?acl= HTTP/1.1
    Host: kr.object.ncloudstorage.com
    X-amz-date: {Timestamp}
    Authorization: {authorization-string}
    
    <?xml version="1.0" encoding="UTF-8"?>
    <AccessControlPolicy xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
      <Owner>
        <ID>{owner-user-id}</ID>
        <DisplayName>{owner-user-id}</DisplayName>
      </Owner>
      <AccessControlList>
        <Grant>
          <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
            <ID>{first-grantee-user-id}</ID>
            <DisplayName>{first-grantee-user-id}</DisplayName>
          </Grantee>
          <Permission>READ_ACP</Permission>
        </Grant>
        <Grant>
          <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
            <ID>{second-grantee-user-id}</ID>
            <DisplayName>{second-grantee-user-id}</DisplayName>
          </Grantee>
          <Permission>FULL_CONTROL</Permission>
        </Grant>
      </AccessControlList>
    </AccessControlPolicy>
    

    Responses

    The following describes the response format.

    Response headers

    For response headers common to all Object Storage APIs, see Object Storage common response headers.

    Response status codes

    For response status codes common to all Object Storage APIs, see Object Storage response status codes.

    Response example

    The following is a sample response.

    Default ACL

    The following is a sample default ACL response.

    HTTP/1.1 200 OK
    Date: Wed, 24 Aug 2016 17:45:25 GMT
    Accept-Ranges: bytes
    x-amz-request-id: xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
    Content-Length: 0
    

    Custom ACL

    The following is a sample custom ACL response.

    HTTP/1.1 200 OK
    Date: Wed, 24 Aug 2016 17:45:25 GMT
    Accept-Ranges: bytes
    x-amz-request-id: xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
    

    Was this article helpful?

    What's Next
    Changing your password will log you out immediately. Use the new password to log back in.
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.