Documentation | Tencent Cloud

Recent Pages

Access control

Last updated: 2020-05-26 18:35:14

Overview

This document provides an overview of APIs and SDK code samples related to bucket and object access control lists (ACLs).

Bucket ACL

API	Operation Name	Operation Description
PUT Bucket acl	Setting bucket ACL	Sets the ACL for a specified bucket
GET Bucket acl	Querying bucket ACL	Gets the ACL of a specified bucket

Object ACL

API	Operation Name	Operation Description
PUT Object acl	Setting object ACL	Sets the ACL for a specified object (file/object) in a bucket
GET Object acl	Querying object ACL	Queries the ACL of an object (file/object)

Bucket ACL

Setting bucket ACL

Feature description

This API is used to set the access control list (ACL) for a specified bucket.

Method prototype

public Guzzle\Service\Resource\Model putBucketAcl(array $args = array());

Sample request

try {
    $result = $cosClient->putBucketAcl(array(
        'Bucket' => 'examplebucket-1250000000', // Format: BucketName-APPID
        'ACL' => 'private',
        'Grants' => array(
            array(
                'Grantee' => array(
                    'DisplayName' => 'qcs::cam::uin/100000000001:uin/100000000001',
                    'ID' => 'qcs::cam::uin/100000000001:uin/100000000001',
                    'Type' => 'CanonicalUser',
                ),  
                'Permission' => 'FULL_CONTROL',
            ),  
            // ... repeated
        ),  
        'Owner' => array(
            'DisplayName' => 'qcs::cam::uin/100000000001:uin/100000000001',
            'ID' => 'qcs::cam::uin/100000000001:uin/100000000001',
        )));
    // Request succeeded
    print_r($result);
} catch (\Exception $e) {
    // Request failed
    echo "$e\n";
}

Parameter description

Parameter Name	Type	Description	Parent Node
Bucket	String	Bucket name in the format of `BucketName-APPID`	None
Grants	Array	ACL permissions list	None
Grant	Array	ACL permission information	Grants
Grantee	Array	ACL permission information	Grant
Type	String	Owner permission type	Grantee
Permission	String	Permission type. Valid values: FULL_CONTROL, WRITE, READ	Grant
ACL	String	Overall permission type. Valid values: private, public-read, public-read-write	None
Owner	String	Bucket owner information	None
DisplayName	String	Permission owner name	Grantee/Owner
ID	String	Permission owner ID	Grantee/Owner

Querying bucket ACL

Feature description

This API is used to get the access control list (ACL) for a specified bucket.

Method prototype

public Guzzle\Service\Resource\Model getBucketAcl(array $args = array());

Sample request

try {
    $result = $cosClient->getBucketAcl(array(
        'Bucket' => 'examplebucket-1250000000' // Format: BucketName-APPID
    )); 
    // Request succeeded
    print_r($result);
} catch (\Exception $e) {
    // Request failed
    echo($e);
}

Sample return result

Array
(
    [data:protected] => Array
        (
          [Owner] => Array
              (
                 [ID] => qcs::cam::uin/100000000001:uin/100000000001
                 [DisplayName] => qcs::cam::uin/100000000001:uin/100000000001
              )

          [Grants] => Array
                (
                  [0] => Array
                      (
                        [Grantee] => Array
                           (
                             [ID] => qcs::cam::uin/100000000001:uin/100000000001
                             [DisplayName] => qcs::cam::uin/100000000001:uin/100000000001
                           )

                        [Permission] => FULL_CONTROL
                      )

                )

          [RequestId] => NWE3YzhjMTRfYzdhMzNiMGFfYjdiOF8yYzZmMzU=
        )
)

Returned result description

Parameter Name	Type	Description	Parent Node
Grants	Array	ACL permissions list	None
Grant	Array	ACL permission information	Grants
Grantee	Array	ACL permission information	Grant
Permission	String	Permission type. Valid values: FULL_CONTROL, WRITE, READ	Grant
Owner	String	Bucket owner information	None
DisplayName	String	Permission owner name	Grantee/Owner
ID	String	Permission owner ID	Grantee/Owner

Object ACL

Setting object ACL

Feature description

This API (PUT Object acl) is used to set the access control list (ACL) for a specified object.

Method prototype

public Guzzle\Service\Resource\Model putObjectAcl(array $args = array());

Sample request

try {
    $result = $cosClient->putObjectAcl(array(
        'Bucket' => 'examplebucket-1250000000', // Format: BucketName-APPID
        'Key' => 'exampleobject',
        'ACL' => 'private',
        'Grants' => array(
            array(
                'Grantee' => array(
                    'DisplayName' => 'qcs::cam::uin/100000000001:uin/100000000001',
                    'ID' => 'qcs::cam::uin/100000000001:uin/100000000001',
                    'Type' => 'CanonicalUser',
                ),  
                'Permission' => 'FULL_CONTROL',
            ),  
            // ... repeated
        ),  
        'Owner' => array(
            'DisplayName' => 'qcs::cam::uin/100000000001:uin/100000000001',
            'ID' => 'qcs::cam::uin/100000000001:uin/100000000001',
        )));
    // Request succeeded
    print_r($result);
} catch (\Exception $e) {
    // Request failed
    echo "$e\n";
}

Parameter description

Parameter Name	Type	Description	Required
Bucket	String	Bucket name in the format of `BucketName-APPID`	Yes
Key	String	Object key	Yes
Grants	Array	ACL permission list	No
Grant	Array	ACL permission information	No
Grantee	Array	ACL permission information	No
Type	String	Owner permission type	No
Permission	String	Permission type. Valid values: FULL_CONTROL, WRITE, READ	No
ACL	String	Overall permission type. Valid values: private, public-read	No
Owner	String	Bucket owner information	No
DisplayName	String	Permission owner name	No
ID	String	Permission owner ID	No

Querying object ACL

Feature description

This API (GET Object acl) is used to query the access control list (ACL) of a specified object.

Method prototype

public Guzzle\Service\Resource\Model getObjectAcl(array $args = array());

Sample request

try {
    $result = $cosClient->getObjectAcl(array(
        'Bucket' => 'examplebucket-1250000000', // Format: BucketName-APPID
        'Key' => 'exampleobject',
    )); 
    // Request succeeded
    print_r($result);
} catch (\Exception $e) {
    // Request failed
    echo($e);
}

Sample return result

Array
(
    [data:protected] => Array
        (
            [Owner] => Array
                (
                    [ID] => qcs::cam::uin/100000000001:uin/100000000001
                    [DisplayName] => qcs::cam::uin/100000000001:uin/100000000001
                )

            [Grants] => Array
                (
                    [0] => Array
                        (
                            [Grantee] => Array
                                (
                                    [ID] => qcs::cam::uin/100000000001:uin/100000000001
                                    [DisplayName] => qcs::cam::uin/100000000001:uin/100000000001
                                )

                            [Permission] => FULL_CONTROL
                        )

                )

            [RequestId] => NWE3YzhjMTRfYzdhMzNiMGFfYjdiOF8yYzZmMzU=
        )
)

Returned result description

Parameter Name	Type	Description	Parent Node
Grants	Array	ACL permissions list	None
Grant	Array	ACL permission information	Grants
Grantee	Array	ACL permission information	Grant
Permission	String	Permission type. Valid values: FULL_CONTROL, WRITE, READ	Grant
Owner	String	Bucket owner information	None
DisplayName	String	Permission owner name	Grantee / Owner
ID	String	Permission owner ID	Grantee / Owner

Was this page helpful?

Confirm

Was this page helpful?

Not at all
Not very helpful
Somewhat helpful
Very helpful
Extremely helpful

Send Feedback

Hide

Submit a Ticket Contact Us

Help

About Tencent Cloud
Help & Support
User Center
Resources
7x24 Hotline
- Hong Kong, China
  +852 800-964-163 (Toll Free)
- United States
  +1 888-652-2736 (Toll Free)
- Korea
  +82 080-899-3166 (Toll Free; local time：9:00—12:00, 13：00-18:00)
- Others
  +86 4009100100
- Local hotline to be supported for more regions

Sign Up

Log in

Recent Pages

Access control

Overview

Bucket ACL

Setting bucket ACL

Feature description

Method prototype

Sample request

Parameter description

Querying bucket ACL

Feature description

Method prototype

Sample request

Sample return result

Returned result description

Object ACL

Setting object ACL

Feature description

Method prototype

Sample request

Parameter description

Querying object ACL

Feature description

Method prototype

Sample request

Sample return result

Returned result description

Was this page helpful?

Was this page helpful?

About Tencent Cloud

Help & Support

User Center

Resources

7x24 Hotline