Amazon Simple Storage Service
API Reference (API Version 2006-03-01)
AWS Documentation » Amazon Simple Storage Service (S3) » API Reference » REST API » Operations on Buckets » PUT Bucket acl
Print this pageEmail this pageGo to the ForumsView the PDFShare this page on TwitterShare this page on FacebookBookmark this page on DeliciousSubmit this page to RedditSubmit this page to DiggDid this page help you?  Yes  No   Tell us about it...

PUT Bucket acl

Description

This implementation of the PUT operation uses the acl subresource to set the access control list (ACL) permissions for an existing bucket. (To set the ACL permissions of a bucket when you create it, use the x-amz-acl request header.) To set the ACL of a bucket, you must have WRITE_ACP permission.

For more information about creating a bucket, see PUT Bucket. For more information about returning the ACL of a bucket, see GET Bucket ACL. For more information about setting the Versioning for a bucket, see PUT Bucket Versioning Status.

Requests

Syntax

PUT /?acl HTTP/1.1
Host: BucketName.s3.amazonaws.com
Date: date
Authorization: signatureValue

<AccessControlPolicy>
  <Owner>
    <ID>ID</ID>
    <DisplayName>EmailAddress</DisplayName>
  </Owner>
  <AccessControlList>
    <Grant>
      <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
        <ID>ID</ID>
        <DisplayName>EmailAddress</DisplayName>
      </Grantee>
      <Permission>Permission</Permission>
    </Grant>
  </AccessControlList>
</AccessControlPolicy>

Request Parameters

This implementation of the operation does not use request parameters.

Request Headers

This implementation of the operation only uses request headers common to all operations. For more information, see Common Request Headers.

Request Elements

Name Description Required
AccessControlList

Container for Grant, Grantee, and Permission

Type: Container

Ancestors: AcessControlPolicy

No
AccessControlPolicy

Contains the elements that set the ACL permissions for an object per Grantee.

Type: String

Ancestors: None

No
DisplayName

Screen name of the bucket owner.

Type: String

Ancestors: AcessControlPolicy.Owner

No
Grant

Container for the grantee and his or her permissions.

Type: Container

Ancestors: AcessControlPolicy.AccessControlList

No
Grantee

The subject whose permissions are being set. For more information, see Grantee Values.

Type: String

Ancestors: AcessControlPolicy.AccessControlList.Grant

No
ID

ID of the bucket owner, or the ID of the grantee.

Type: String

Ancestors: AcessControlPolicy.Owner | AcessControlPolicy.AccessControlList.Grant

No
Owner

Container for the bucket owner's display name and ID.

Type: Container

Ancestors: AcessControlPolicy

No
Permission

Specifies the permission given to the grantee.

Type: String

Valid Values: FULL_CONTROL | WRITE | WRITE_ACP | READ | READ_ACP

Ancestors: AcessControlPolicy.AccessControlList.Grant

No

Grantee Values

You can specify the person (grantee) that you're assigning access rights to (using request elements) in the following ways:

  • By the person's ID:

    <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
  <ID>ID</ID>
  <DisplayName>GranteesEmail</DisplayName>
</Grantee>

    DisplayName is optional and ignored in the request.

  • By E-mail address:

    <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="AmazonCustomerByEmail">
  <EmailAddress>Grantees@email.com</EmailAddress>
</Grantee>

    The grantee is resolved to the CanonicalUser and in a response to a GET Object acl request appears as the CanonicalUser.

  • By URI:

    <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group">
  <URI>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<URI>
</Grantee>

Responses

Response Headers

This implementation of the operation uses only response headers that are common to most responses. For more information, see Common Response Headers.

Response Elements

This implementation of the operation does not return response elements.

Special Errors

This implementation of the operation does not return special errors. For general information about Amazon S3 errors and a list of error codes, see Error Responses.

Examples

Sample Request

This request gives the owner of the bucket full control.

PUT ?acl HTTP/1.1
Host: quotes.s3.amazonaws.com
Content-Length: 214
Date: Wed, 25 Nov 2009 12:00:00 GMT
Authorization: AWS 15B4D3461F177624206A:xQE0diMbLRepdf3YB+FIEXAMPLE=

<AccessControlPolicy>
  <Owner>
    <ID>8a6925ce4adf588a4f21c32aa379004fef</ID>
    <DisplayName>BucketOwnersEmail@amazon.com</DisplayName>
  </Owner>
  <AccessControlList>
    <Grant>
      <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
        <ID>8a6925ce47f21c32aa379004fef</ID>
        <DisplayName>BucketOwnersEmail@amazon.com</DisplayName>
      </Grantee>
      <Permission>FULL_CONTROL</Permission>
    </Grant>
  </AccessControlList>
</AccessControlPolicy>

Sample Response

HTTP/1.1 200 OK
x-amz-id-2: YgIPIfBiKa2bj0KMgUAdQkf3ShJTOOpXUueF6QKo
x-amz-request-id: 236A8905248E5A01
Date: Wed, 01 Mar  2009 12:00:00 GMT

Related Resources

Document Conventions
Terms of Use		Did this page help you?  Yes  No   Tell us about it...