Access Control

Last updated: 2020-08-31 16:34:30

    Overview

    This document provides an overview of APIs and SDK code samples related to bucket and object access control lists (ACL).

    Bucket ACL

    API Operation Description
    PUT Bucket acl Setting a bucket ACL Sets an ACL for a specified bucket
    GET Bucket acl Querying a bucket ACL Queries the ACL of a specified bucket

    Object ACL

    API Operation Description
    PUT Object acl Setting an object ACL Sets an ACL for a specified object in a bucket
    GET Object acl Querying an object ACL Queries the ACL of an object

    SDK API Reference

    For the parameters and method descriptions of all the APIs in the SDK, see Api Documentation.

    Bucket ACL

    Setting a bucket ACL

    API description

    This API is used to set an access control list (ACL) for a specified bucket.

    Sample code

    try
    {
      String bucket = "examplebucket-1250000000"; // Format: BucketName-APPID
      PutBucketACLRequest request = new PutBucketACLRequest(bucket);
      // Set private read and write permissions
      request.SetCosACL(CosACL.PRIVATE);
      // Grant read permission for account 1131975903
      COSXML.Model.Tag.GrantAccount readAccount = new COSXML.Model.Tag.GrantAccount();
      readAccount.AddGrantAccount("1131975903", "1131975903");
      request.SetXCosGrantRead(readAccount);
      // Execute the request
      PutBucketACLResult result = cosXml.PutBucketACL(request);
      // Request successful
      Console.WriteLine(result.GetResultInfo());
    }
    catch (COSXML.CosException.CosClientException clientEx)
    {
      // Request failed
      Console.WriteLine("CosClientException: " + clientEx);
    }
    catch (COSXML.CosException.CosServerException serverEx)
    {
      // Request failed
      Console.WriteLine("CosServerException: " + serverEx.GetInfo());
    }

    Note:

    For more samples, please visit GitHub.

    Querying a bucket ACL

    API description

    This API is used to query the access control list (ACL) of a specified bucket.

    Sample code

    try
    {
      String bucket = "examplebucket-1250000000"; // Format: BucketName-APPID
      GetBucketACLRequest request = new GetBucketACLRequest(bucket);
      // Execute the request
      GetBucketACLResult result = cosXml.GetBucketACL(request);
      // Bucket ACL information
      AccessControlPolicy acl = result.accessControlPolicy;
    }
    catch (COSXML.CosException.CosClientException clientEx)
    {
      // Request failed
      Console.WriteLine("CosClientException: " + clientEx);
    }
    catch (COSXML.CosException.CosServerException serverEx)
    {
      // Request failed
      Console.WriteLine("CosServerException: " + serverEx.GetInfo());
    }

    Note:

    For more samples, please visit GitHub.

    Object ACL

    Setting an object ACL

    API description

    This API is used to set the access control list (ACL) for an object in a bucket.

    Sample code

    // To avoid reaching the upper limit of 1,000 bucket ACLs,
    // we do not recommend setting an object ACL for a single object unless absolutely necessary. The object will inherit bucket permissions by default.
    try
    {
      string bucket = "examplebucket-1250000000"; // Bucket name in the format: BucketName-APPID
      string key = "exampleobject"; // Object key
      PutObjectACLRequest request = new PutObjectACLRequest(bucket, key);
      // Set private read and write permissions 
      request.SetCosACL(CosACL.PRIVATE);
      // Grant read permission for account 1131975903 
      COSXML.Model.Tag.GrantAccount readAccount = new COSXML.Model.Tag.GrantAccount();
      readAccount.AddGrantAccount("1131975903", "1131975903");
      request.SetXCosGrantRead(readAccount);
      // Execute the request
      PutObjectACLResult result = cosXml.PutObjectACL(request);
      // Request successful
      Console.WriteLine(result.GetResultInfo());
    }
    catch (COSXML.CosException.CosClientException clientEx)
    {
      // Request failed
      Console.WriteLine("CosClientException: " + clientEx);
    }
    catch (COSXML.CosException.CosServerException serverEx)
    {
      // Request failed
      Console.WriteLine("CosServerException: " + serverEx.GetInfo());
    }

    Note:

    For more samples, please visit GitHub.

    Querying an object ACL

    API description

    This API is used to query the ACL of an object.

    Sample code

    try
    {
      string bucket = "examplebucket-1250000000"; // Bucket name in the format: BucketName-APPID
      string key = "exampleobject"; // Object key
      GetObjectACLRequest request = new GetObjectACLRequest(bucket, key);
      // Execute the request
      GetObjectACLResult result = cosXml.GetObjectACL(request);
      // Object ACL information
      AccessControlPolicy acl = result.accessControlPolicy;
    }
    catch (COSXML.CosException.CosClientException clientEx)
    {
      // Request failed
      Console.WriteLine("CosClientException: " + clientEx);
    }
    catch (COSXML.CosException.CosServerException serverEx)
    {
      // Request failed
      Console.WriteLine("CosServerException: " + serverEx.GetInfo());
    }

    Note:

    For more samples, please visit GitHub.

    Was this page helpful?

    Was this page helpful?

    • Not at all
    • Not very helpful
    • Somewhat helpful
    • Very helpful
    • Extremely helpful
    Send Feedback
    Help