Configuring a Bucket ACL

You can use an Access Control List (ACL) to set permissions for other users to access and manage your bucket. For more information, see Access Control List (ACL) Reference.

Configuring a Bucket ACL Using AWS CLI

Before you begin: Install and configure AWS CLI. For more information, see Installing and Configuring AWS CLI.

To configure the ACL of a bucket, use the put-bucket-acl command following this syntax:

Request sample

$ aws s3api put-bucket-acl \
    --profile YOUR_PROFILE \
    --bucket BUCKET \
    --acl private \
    --grant-full-control "id=USER_ID, id=USER_ID" \
    --grant-read "id=USER_ID, id=USER_ID" \
    --grant-read-acp "id=USER_ID, id=USER_ID" \
    --grant-write "id=USER_ID, id=USER_ID" \
    --grant-write-acp "id=USER_ID, id=USER_ID" \
    --endpoint https://oos.eu-west-2.outscale.com

This command contains the following options that you need to specify:

(optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.
bucket: The name of the bucket for which you want to set the ACL.

(optional) acl: The permissions you grant for your bucket (private | public-read | public-read-write | authenticated-read).

If you do not specify a permission for your bucket upon creation, it will automatically be set to private.
When specifying new permissions, all the previous permissions are replaced. Therefore, you need to specify both the existing permissions that you want to keep and the new permissions that you want to give in a single command.

For more information about existing permissions, see Getting Information About a Bucket ACL and Getting Information About an Object ACL.

(optional) grant-full-control: One or more IDs of users to whom you grant the full-control permission.
(optional) grant-read: One or more IDs of users to whom you grant the read permission.
(optional) grant-read-acp: One or more IDs of users to whom you grant the read-acp permission.
(optional) grant-write: One or more IDs of users to whom you grant the write permission.

(optional) grant-write-acp: One or more IDs of users to whom you grant the write-acp permission.

You need to specify S3 user IDs. You can retrieve S3 user IDs via the Listing Your Buckets and Listing the Objects of a Bucket methods.
You can also specify user email addresses using the emailaddress=name@domain.com format.

endpoint: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.

The ACL is configured for your bucket.

Related Pages

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.