GET Bucket acl

Last updated: 2020-06-23 17:47:39

    Description

    This API is used to get the access control list (ACL) of a bucket. To make this request, you need to have the permission to read the ACL of the bucket.

    Request

    Sample Request

    GET /?acl HTTP/1.1
    Host: <BucketName-APPID>.cos.<Region>.myqcloud.com
    Date: GMT Date
    Authorization: Auth String

    Authorization: Auth String (see Request Signature for details).

    Request Parameters

    This API does not use any request parameter.

    Request Headers

    This API only uses common request headers. For more information on common request headers, see Common Request Headers.

    Request Body

    This API does not have a request body.

    Response

    Response Headers

    This API only returns common response headers. For more information, see Common Response Headers.

    Response Body

    A successful query will return application/xml data which include the bucket owner information and full authorization information.

    <AccessControlPolicy>
        <Owner>
            <ID>string</ID>
            <DisplayName>string</DisplayName>
        </Owner>
        <AccessControlList>
            <Grant>
                <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group">
                    <URI>string</URI>
                </Grantee>
                <Permission>Enum</Permission>
            </Grant>
            <Grant>
                <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
                    <ID>string</ID>
                    <DisplayName>string</DisplayName>
                </Grantee>
                <Permission>Enum</Permission>
            </Grant>
        </AccessControlList>
    </AccessControlPolicy>

    The nodes are described in details below:

    Node Name (Keyword) Parent Node Description Type
    AccessControlPolicy None Stores the result of the GET Bucket acl operation Container

    Content of the Container node AccessControlPolicy:

    Node Name (Keyword) Parent Node Description Type
    Owner AccessControlPolicy Bucket owner information Container
    AccessControlList AccessControlPolicy Information on the grantee and permissions Container

    Content of the Container node Owner:

    Node Name (Keyword) Parent Node Description Type
    ID AccessControlPolicy.Owner Complete ID of the bucket owner in the format of qcs::cam::uin/[OwnerUin]:uin/[OwnerUin], such as qcs::cam::uin/100000000001:uin/100000000001 string
    DisplayName AccessControlPolicy.Owner Bucket owner name string

    Content of the Container node AccessControlList:

    Node Name (Keyword) Parent Node Description Type
    Grant AccessControlPolicy.AccessControlList A single permission entry Container

    Content of the Container node AccessControlList.Grant:

    Node Name (Keyword) Parent Node Description Type
    Grantee AccessControlPolicy.AccessControlList.Grant Grantee information. If xsi:type is specified as Group, the child node includes and only includes URI. If it is specified as CanonicalUser, the child nodes include and only include ID and DisplayName Container
    Permission AccessControlPolicy.AccessControlList.Grant Permissions. For the enumerated values such as WRITE and FULL_CONTROL, see the “Actions on buckets” section in ACL Overview Enum

    Content of the Container node AccessControlList.Grant.Grantee:

    Node Name (Keyword) Parent Node Description Type
    URI AccessControlPolicy.AccessControlList.Grant.Grantee Preset user group such as http://cam.qcloud.com/groups/global/AllUsers or http://cam.qcloud.com/groups/global/AuthenticatedUsers. For more information, see the “Preset user group” section in ACL Overview string
    ID AccessControlPolicy.AccessControlList.Grant.Grantee Complete ID of the grantee in the format of qcs::cam::uin/[OwnerUin]:uin/[OwnerUin], such as qcs::cam::uin/100000000001:uin/100000000001 string
    DisplayName AccessControlPolicy.AccessControlList.Grant.Grantee Grantee name string

    Error Codes

    This API uses standardized error responses and error codes. For more information, see Error Codes .

    Example

    Request

    GET /?acl HTTP/1.1
    Host: examplebucket-1250000000.cos.ap-beijing.myqcloud.com
    Date: Mon, 17 Jun 2019 08:37:35 GMT
    Authorization: q-sign-algorithm=sha1&q-ak=AKID8A0fBVtYFrNm02oY1g1JQQF0c3JO****&q-sign-time=1560760655;1560767855&q-key-time=1560760655;1560767855&q-header-list=date;host&q-url-param-list=acl&q-signature=24b9d377eac860917a33c8c298042ce5b1a5****
    Connection: close

    Response

    HTTP/1.1 200 OK
    Content-Type: application/xml
    Content-Length: 1035
    Connection: close
    Date: Mon, 17 Jun 2019 08:37:36 GMT
    Server: tencent-cos
    x-cos-request-id: NWQwNzUxNTBfMzdiMDJhMDlfOWM0Nl85NDFk****
    
    <AccessControlPolicy>
        <Owner>
            <ID>qcs::cam::uin/100000000001:uin/100000000001</ID>
            <DisplayName>qcs::cam::uin/100000000001:uin/100000000001</DisplayName>
        </Owner>
        <AccessControlList>
            <Grant>
                <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group">
                    <URI>http://cam.qcloud.com/groups/global/AllUsers</URI>
                </Grantee>
                <Permission>READ</Permission>
            </Grant>
            <Grant>
                <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
                    <ID>qcs::cam::uin/100000000002:uin/100000000002</ID>
                    <DisplayName>qcs::cam::uin/100000000002:uin/100000000002</DisplayName>
                </Grantee>
                <Permission>WRITE</Permission>
            </Grant>
            <Grant>
                <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
                    <ID>qcs::cam::uin/100000000002:uin/100000000002</ID>
                    <DisplayName>qcs::cam::uin/100000000002:uin/100000000002</DisplayName>
                </Grantee>
                <Permission>READ_ACP</Permission>
            </Grant>
        </AccessControlList>
    </AccessControlPolicy>

    Was this page helpful?

    Was this page helpful?

    • Not at all
    • Not very helpful
    • Somewhat helpful
    • Very helpful
    • Extremely helpful
    Send Feedback
    Help