PUT Bucket policy

Last updated: 2021-07-27 16:00:43

    Overview

    This API is used to write a permission policy for a bucket. The policy passed in this API will overwrite the existing one (if any) in the bucket.

    You are advised to use API Explorer.
    Debug
    API Explorer makes it easy to make online API calls, verify signatures, generate SDK code, search for APIs, etc. You can also use it to query the content of each request as well as its response.

    Request

    Sample request

    PUT /?policy HTTP/1.1
    Host:<BucketName-APPID>.cos.<Region>.myqcloud.com
    Date: date
    Content-Type:application/json
    Content-MD5:MD5
    Authorization: Auth String
    
    Note:

    Authorization: Auth String (See Request Signature for details.)

    Request headers

    This API only uses common request headers. For more information, please see Common Request Headers.

    Request body

    In the following sample, the root account (100000000001) grants permission to its sub-account (100000000011) to query the list of objects in the examplebucket-1250000000 bucket. For more information about the elements used in access policy settings, please see Access Policy Language Overview. For the policy-granting sample, please see Working with COS API Access Policies.

    {
    "Statement": [
      {
        "Principal": {
          "qcs": [
            "qcs::cam::uin/100000000001:uin/100000000011"
          ]
        },
        "Effect": "allow",
        "Action": [
          "name/cos:GetBucket"
        ],
        "Resource": [
          "qcs::cos:ap-guangzhou:uid/1250000000:examplebucket-1250000000/*"
        ]
      }
    ],
    "version": "2.0"
    }
    

    Response

    Response headers

    This API returns only common response headers. For more information, please see Common Response Headers.

    Response body

    The response body is empty.

    Error codes

    This API returns common error responses and error codes. For more information, please see Error Codes.

    Sample

    Request

    PUT /?policy HTTP/1.1
    Host: examplebucket-1250000000.cos.ap-guangzhou.myqcloud.com
    Authorization:q-sign-algorithm=sha1&q-ak=AKIDWtTCBYjM5OwLB9CAwA1Qb2ThTSUj****&q-sign-time=1484813288;32557709288&q-key-time=1484813288;32557709288&q-header-list=host&q-url-param-list=policy&q-signature=05f7fc936369f910a94a0c815e1f1752f034****
    Content-Type: application/json
    Content-Length: 233
    {
    "Statement": [
      {
        "Principal": {
          "qcs": [
            "qcs::cam::uin/100000000001:uin/100000000001"
          ]
        },
        "Effect": "allow",
        "Action": [
          "name/cos:GetBucket"
        ],
        "Resource": [
          "qcs::cos:ap-guangzhou:uid/1250000000:examplebucket-1250000000/*"
        ]
      }
    ],
    "version": "2.0"
    }
    

    Response

    HTTP/1.1 204 No Content
    Content-Type: application/xml
    Content-Length: 0
    Connection: keep-alive
    Date: Thu Jan 19 16:19:22 2017
    Server: tencent-cos
    x-cos-request-id: NTg4MDc2OGFfNDUyMDRlXzc3NTlf****