- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Getting Started
- Console Guide
- Console Overview
- Bucket Management
- Bucket Overview
- Creating a Bucket
- Deleting a Bucket
- Querying Buckets
- Emptying a Bucket
- Setting Access Permission
- Setting Bucket Encryption
- Setting Hotlink Protection
- Setting Origin-Pull
- Setting CORS
- Setting Versioning
- Setting Up a Static Website
- Setting Lifecycle
- Setting Logging
- Accessing Bucket List Using Sub-Account
- Adding a Bucket Policy
- Setting Log Analysis
- Setting INTELLIGENT TIERING
- Setting Inventory
- Domain Name Management
- Setting Bucket Tags
- Setting Cross-Bucket Replication
- Enabling Global Acceleration
- Object Management
- Uploading Objects
- Downloading Objects
- Copying Objects
- Viewing Object Information
- Searching for Objects
- Sorting and Filtering Objects
- Direct Upload to ARCHIVE
- Modifying Storage Classes
- Deleting Incomplete Multipart Uploads
- Setting Object Access Permission
- Setting Object Encryption
- Custom Headers
- Deleting Objects
- Restoring Archived Objects
- Folder Management
- Data Extraction
- Setting Object Tags
- Exporting Object URLs
- Restoring a Historical Object Version
- Batch Operation
- Monitoring Reports
- Data Processing
- Data Processing Workflow
- Application Integration
- User Tools
- Tool Overview
- Installation and Configuration of Environment
- COSBrowser
- COSCLI (Beta)
- COSCLI Overview
- Download and Installation Configuration
- Common Options
- Common Commands
- Generating and Modifying Configuration Files - config
- Creating a Bucket - mb
- Deleting a Bucket - rb
- Tagging Bucket - bucket-tagging
- Querying Bucket/Object List - ls
- Obtaining Statistics on Different Types of Objects - du
- Uploading/Downloading/Copying Objects - cp
- Syncing Upload/Download/Copy - sync
- Deleting Objects - rm
- Getting File Hash Value - hash
- Listing Incomplete Multipart Uploads - lsparts
- Clearing Incomplete Multipart Uploads - abort
- Restoring Archived Objects - restore
- Getting Pre-signed URL - signurl
- FAQs
- COSCMD
- COS Migration
- FTP Server
- COSFS
- Hadoop
- COSDistCp
- Hadoop-cos-DistChecker
- HDFS TO COS
- Online Auxiliary Tools
- Diagnostic Tool
- GooseFS
- Overview
- Update Log
- Getting Started
- Key Features
- Deployment Guide
- OPS Guide
- Data Security
- GooseFS on TKE Cloud Native Practices
- Quick Start
- Using GooseFS as Fluid Dataset Runtime
- Multi-Master Node Deployment
- Multiple-Master Affinity Scheduling
- Accelerating Data in COS
- Global Client Deployment
- Using Parameters for Encryption
- Manual Scaling
- Data Caching and Metadata Caching
- Data Affinity Scheduling
- Data Scheduling Based on Tolerations and Taints
- Data Preloading
- Deploying Multiple Datasets on the Same Cluster via Placement
- Best Practice
- Overview
- Access Control and Permission Management
- ACL Practices
- Cloud Access Management Practices
- Granting Sub-accounts Access to COS
- Authorization Cases
- Working with COS API Authorization Policies
- Security Guidelines for Using Temporary Credentials for Direct Upload from Frontend to COS
- Generating and Using Temporary Keys
- Grant Sub-account Permissions to Pull Tag List
- Descriptions and Use Cases of Condition Keys
- Granting Sub-account Under One Root Account Permission to Manipulate Buckets Under Another Root Account
- Performance Optimization
- Data Migration
- Accessing COS Using the AWS S3 SDK
- Data Disaster Recovery and Backup
- Direct Data Upload
- Domain Name Management Practice
- Audio/Video Practices
- Data Security
- Data Verification
- Big Data Practice
- Custom Processing
- Using COS in the Third-party Applications
- Using APIs to Zip Files
- Using APIs to Merge Files
- Developer Guide
- Creating Request
- Bucket
- Object
- Data Management
- Data Disaster Recovery
- Data Security
- Cloud Access Management
- Batch Operation
- Global Acceleration
- Data Processing
- Metadata Acceleration
- Data Workflow
- Monitoring and Alarms
- Troubleshooting
- API Documentation
- Introduction
- Common Request Headers
- Common Response Headers
- Error Codes
- Request Signature
- Operation List
- Service APIs
- Bucket APIs
- Basic Operations
- Access Control List (acl)
- Cross-Origin Resource Sharing (cors)
- Lifecycle
- Bucket Policy (policy)
- Hotlink Protection (referer)
- Tag (tagging)
- Static Website (website)
- Intelligent Tiering
- Bucket inventory(inventory)
- Versioning
- Cross-Bucket Replication(replication)
- Log Management(logging)
- Global Acceleration (Accelerate)
- Bucket Encryption (encryption)
- Custom Domain Name (Domain)
- Object APIs
- Batch Operation APIs
- Data Processing APIs
- Image Processing
- Basic Image Processing
- Scaling
- Cropping
- Rotation
- Converting Format
- Quality Change
- Gaussian Blurring
- Adjusting Brightness
- Adjusting Contrast
- Sharpening
- Grayscale Image
- Image Watermarking
- Text Watermarking
- Obtaining Basic Image Information
- Obtaining Image EXIF
- Obtaining Image’s Average Hue
- Removing Image Metadata
- Quick Thumbnail Template
- Limiting Output Image Size
- Pipeline Operators
- Image Advanced Compression
- Persistent Image Processing
- Image Compression
- Basic Image Processing
- Media Processing
- Image Processing
- Job and Workflow
- Common Request Headers
- Common Response Headers
- Error Codes
- Workflow APIs
- Job APIs
- Media Processing
- Submitting Media Processing Job
- Submitting Video-to-Animated Image Conversion Job
- Submitting Video Splicing Job
- Submitting Audio Noise Cancellation Job
- Submitting SDR-to-HDR Job
- Submitting Remuxing Job
- Submitting Screenshot Job
- Submitting Super Resolution Job
- Submitting Video Transcoding Job
- Submitting Text-to-Speech Job
- Submitting Video Montage Job
- Submitting Video Enhancement Job
- Submitting Video Tagging Job
- Submitting Voice/Sound Separation Job
- Canceling Media Processing Job
- Querying Media Processing Job
- Media Processing Job Callback
- Video-to-Animated Image Conversion
- Audio/Video Splicing
- Adding Digital Watermark
- Extracting Digital Watermark
- Getting Media Information
- Noise Cancellation
- Video Quality Scoring
- SDRtoHDR
- Remuxing (Audio/Video Segmentation)
- Intelligent Thumbnail
- Frame Capturing
- Super Resolution
- Audio/Video Transcoding
- Text to Speech
- Video Montage
- Video Enhancement
- Video Tagging
- Voice/Sound Separation
- Submitting Media Processing Job
- Image Processing
- AI-Based Content Recognition
- Media Processing
- Template APIs
- Media Processing
- Creating Media Processing Template
- Updating Media Processing Template
- Updating Animated Image Template
- Updating Splicing Template
- Updating Top Speed Codec Transcoding Template
- Updating Screenshot Template
- Updating Super Resolution Template
- Updating Audio/Video Transcoding Template
- Updating Professional Transcoding Template
- Updating Text-to-Speech Template
- Updating Video Montage Template
- Updating Video Enhancement Template
- Updating Voice/Sound Separation Template
- Media Processing
- Callback Content
- SDK Documentation
- SDK Overview
- Preparations
- Android SDK
- Object Operations
- Uploading Objects
- Downloading Objects
- Copying and Moving Objects
- Listing Objects
- Deleting Objects
- Restoring Archived Objects
- Querying Object Metadata
- Generating Pre-Signed URLs
- Configuring Preflight Requests for Cross-origin Access
- Server-Side Encryption
- Single-Connection Bandwidth Limit
- Extracting Object Content
- Getting Started
- Quick Experience
- Bucket Operations
- Remote Disaster Recovery
- Data Management
- Cloud Access Management
- Data Verification
- Image Processing
- Setting Custom Headers
- Setting Access Domain Names (CDN/Global Acceleration)
- Troubleshooting
- Object Operations
- C SDK
- C++ SDK
- .NET(C#) SDK
- Getting Started
- Bucket Operations
- Object Operations
- Uploading Objects
- Downloading Objects
- Copying and Moving Objects
- Listing Objects
- Deleting Objects
- Checking Whether Objects Exist
- Restoring Archived Objects
- Querying Object Metadata
- Object Access URL
- Getting Pre-Signed URLs
- Configuring Preflight Requests for Cross-Origin Access
- Server-Side Encryption
- Single-URL Speed Limits
- Extracting Object Content
- Cross-Region Disaster Recovery
- Data Management
- Cloud Access Management
- Image Processing
- Setting Custom Headers
- Setting Access Domain Names (CDN/Global Acceleration)
- Troubleshooting
- Backward Compatibility
- Go SDK
- iOS SDK
- Getting Started
- Quick Experience
- Bucket Operations
- Object Operations
- Uploading Objects
- Downloading Objects
- Listing Objects
- Copying and Moving Objects
- Extracting Object Content
- Checking Whether an Object Exists
- Deleting Objects
- Restoring Archived Objects
- Querying Object Metadata
- Server-Side Encryption
- Object Access URL
- Generating Pre-Signed URL
- Configuring CORS Preflight Requests
- Cross-region Disaster Recovery
- Data Management
- Cloud Access Management
- Image Processing
- Setting Custom Headers
- Setting Access Domain Names (CDN/Global Acceleration)
- Troubleshooting
- Java SDK
- Getting Started
- FAQs
- Bucket Operations
- Object Operations
- Uploading Objects
- Downloading Objects
- Copying and Moving Objects
- Listing Objects
- Deleting Objects
- Checking Whether Objects Exist
- Querying Object Metadata
- Modifying Object Metadata
- Object Access URL
- Generating Pre-Signed URL
- Restoring Archived Objects
- Server-Side Encryption
- Client-Side Encryption
- Single-URL Speed Limits
- Extracting Object Content
- Data Management
- Cross-Region Disaster Recovery
- Cloud Access Management
- Image Processing
- Media Processing
- Troubleshooting
- Setting Access Domain Names (CDN/Global Acceleration)
- JavaScript SDK
- Node.js SDK
- PHP SDK
- Python SDK
- Getting Started
- Bucket Operations
- Bucket Management
- Object Operations
- Uploading Objects
- Downloading Objects
- Copying and Moving Objects
- Listing Objects
- Deleting Objects
- Checking Whether Objects Exist
- Querying Object Metadata
- Modifying Object Metadata
- Object Access URL
- Getting Pre-Signed URLs
- Restoring Archived Objects
- Extracting Object Content
- Server-Side Encryption
- Client-Side Encryption
- Single-URL Speed Limits
- Data Management
- Cloud Access Management
- Setting Access Domain Names (CDN/Global Acceleration)
- Troubleshooting
- Image Processing
- Mini Program SDK
- Error Codes
- FAQs
- COS Service Level Agreement
- Glossary
- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Getting Started
- Console Guide
- Console Overview
- Bucket Management
- Bucket Overview
- Creating a Bucket
- Deleting a Bucket
- Querying Buckets
- Emptying a Bucket
- Setting Access Permission
- Setting Bucket Encryption
- Setting Hotlink Protection
- Setting Origin-Pull
- Setting CORS
- Setting Versioning
- Setting Up a Static Website
- Setting Lifecycle
- Setting Logging
- Accessing Bucket List Using Sub-Account
- Adding a Bucket Policy
- Setting Log Analysis
- Setting INTELLIGENT TIERING
- Setting Inventory
- Domain Name Management
- Setting Bucket Tags
- Setting Cross-Bucket Replication
- Enabling Global Acceleration
- Object Management
- Uploading Objects
- Downloading Objects
- Copying Objects
- Viewing Object Information
- Searching for Objects
- Sorting and Filtering Objects
- Direct Upload to ARCHIVE
- Modifying Storage Classes
- Deleting Incomplete Multipart Uploads
- Setting Object Access Permission
- Setting Object Encryption
- Custom Headers
- Deleting Objects
- Restoring Archived Objects
- Folder Management
- Data Extraction
- Setting Object Tags
- Exporting Object URLs
- Restoring a Historical Object Version
- Batch Operation
- Monitoring Reports
- Data Processing
- Data Processing Workflow
- Application Integration
- User Tools
- Tool Overview
- Installation and Configuration of Environment
- COSBrowser
- COSCLI (Beta)
- COSCLI Overview
- Download and Installation Configuration
- Common Options
- Common Commands
- Generating and Modifying Configuration Files - config
- Creating a Bucket - mb
- Deleting a Bucket - rb
- Tagging Bucket - bucket-tagging
- Querying Bucket/Object List - ls
- Obtaining Statistics on Different Types of Objects - du
- Uploading/Downloading/Copying Objects - cp
- Syncing Upload/Download/Copy - sync
- Deleting Objects - rm
- Getting File Hash Value - hash
- Listing Incomplete Multipart Uploads - lsparts
- Clearing Incomplete Multipart Uploads - abort
- Restoring Archived Objects - restore
- Getting Pre-signed URL - signurl
- FAQs
- COSCMD
- COS Migration
- FTP Server
- COSFS
- Hadoop
- COSDistCp
- Hadoop-cos-DistChecker
- HDFS TO COS
- Online Auxiliary Tools
- Diagnostic Tool
- GooseFS
- Overview
- Update Log
- Getting Started
- Key Features
- Deployment Guide
- OPS Guide
- Data Security
- GooseFS on TKE Cloud Native Practices
- Quick Start
- Using GooseFS as Fluid Dataset Runtime
- Multi-Master Node Deployment
- Multiple-Master Affinity Scheduling
- Accelerating Data in COS
- Global Client Deployment
- Using Parameters for Encryption
- Manual Scaling
- Data Caching and Metadata Caching
- Data Affinity Scheduling
- Data Scheduling Based on Tolerations and Taints
- Data Preloading
- Deploying Multiple Datasets on the Same Cluster via Placement
- Best Practice
- Overview
- Access Control and Permission Management
- ACL Practices
- Cloud Access Management Practices
- Granting Sub-accounts Access to COS
- Authorization Cases
- Working with COS API Authorization Policies
- Security Guidelines for Using Temporary Credentials for Direct Upload from Frontend to COS
- Generating and Using Temporary Keys
- Grant Sub-account Permissions to Pull Tag List
- Descriptions and Use Cases of Condition Keys
- Granting Sub-account Under One Root Account Permission to Manipulate Buckets Under Another Root Account
- Performance Optimization
- Data Migration
- Accessing COS Using the AWS S3 SDK
- Data Disaster Recovery and Backup
- Direct Data Upload
- Domain Name Management Practice
- Audio/Video Practices
- Data Security
- Data Verification
- Big Data Practice
- Custom Processing
- Using COS in the Third-party Applications
- Using APIs to Zip Files
- Using APIs to Merge Files
- Developer Guide
- Creating Request
- Bucket
- Object
- Data Management
- Data Disaster Recovery
- Data Security
- Cloud Access Management
- Batch Operation
- Global Acceleration
- Data Processing
- Metadata Acceleration
- Data Workflow
- Monitoring and Alarms
- Troubleshooting
- API Documentation
- Introduction
- Common Request Headers
- Common Response Headers
- Error Codes
- Request Signature
- Operation List
- Service APIs
- Bucket APIs
- Basic Operations
- Access Control List (acl)
- Cross-Origin Resource Sharing (cors)
- Lifecycle
- Bucket Policy (policy)
- Hotlink Protection (referer)
- Tag (tagging)
- Static Website (website)
- Intelligent Tiering
- Bucket inventory(inventory)
- Versioning
- Cross-Bucket Replication(replication)
- Log Management(logging)
- Global Acceleration (Accelerate)
- Bucket Encryption (encryption)
- Custom Domain Name (Domain)
- Object APIs
- Batch Operation APIs
- Data Processing APIs
- Image Processing
- Basic Image Processing
- Scaling
- Cropping
- Rotation
- Converting Format
- Quality Change
- Gaussian Blurring
- Adjusting Brightness
- Adjusting Contrast
- Sharpening
- Grayscale Image
- Image Watermarking
- Text Watermarking
- Obtaining Basic Image Information
- Obtaining Image EXIF
- Obtaining Image’s Average Hue
- Removing Image Metadata
- Quick Thumbnail Template
- Limiting Output Image Size
- Pipeline Operators
- Image Advanced Compression
- Persistent Image Processing
- Image Compression
- Basic Image Processing
- Media Processing
- Image Processing
- Job and Workflow
- Common Request Headers
- Common Response Headers
- Error Codes
- Workflow APIs
- Job APIs
- Media Processing
- Submitting Media Processing Job
- Submitting Video-to-Animated Image Conversion Job
- Submitting Video Splicing Job
- Submitting Audio Noise Cancellation Job
- Submitting SDR-to-HDR Job
- Submitting Remuxing Job
- Submitting Screenshot Job
- Submitting Super Resolution Job
- Submitting Video Transcoding Job
- Submitting Text-to-Speech Job
- Submitting Video Montage Job
- Submitting Video Enhancement Job
- Submitting Video Tagging Job
- Submitting Voice/Sound Separation Job
- Canceling Media Processing Job
- Querying Media Processing Job
- Media Processing Job Callback
- Video-to-Animated Image Conversion
- Audio/Video Splicing
- Adding Digital Watermark
- Extracting Digital Watermark
- Getting Media Information
- Noise Cancellation
- Video Quality Scoring
- SDRtoHDR
- Remuxing (Audio/Video Segmentation)
- Intelligent Thumbnail
- Frame Capturing
- Super Resolution
- Audio/Video Transcoding
- Text to Speech
- Video Montage
- Video Enhancement
- Video Tagging
- Voice/Sound Separation
- Submitting Media Processing Job
- Image Processing
- AI-Based Content Recognition
- Media Processing
- Template APIs
- Media Processing
- Creating Media Processing Template
- Updating Media Processing Template
- Updating Animated Image Template
- Updating Splicing Template
- Updating Top Speed Codec Transcoding Template
- Updating Screenshot Template
- Updating Super Resolution Template
- Updating Audio/Video Transcoding Template
- Updating Professional Transcoding Template
- Updating Text-to-Speech Template
- Updating Video Montage Template
- Updating Video Enhancement Template
- Updating Voice/Sound Separation Template
- Media Processing
- Callback Content
- SDK Documentation
- SDK Overview
- Preparations
- Android SDK
- Object Operations
- Uploading Objects
- Downloading Objects
- Copying and Moving Objects
- Listing Objects
- Deleting Objects
- Restoring Archived Objects
- Querying Object Metadata
- Generating Pre-Signed URLs
- Configuring Preflight Requests for Cross-origin Access
- Server-Side Encryption
- Single-Connection Bandwidth Limit
- Extracting Object Content
- Getting Started
- Quick Experience
- Bucket Operations
- Remote Disaster Recovery
- Data Management
- Cloud Access Management
- Data Verification
- Image Processing
- Setting Custom Headers
- Setting Access Domain Names (CDN/Global Acceleration)
- Troubleshooting
- Object Operations
- C SDK
- C++ SDK
- .NET(C#) SDK
- Getting Started
- Bucket Operations
- Object Operations
- Uploading Objects
- Downloading Objects
- Copying and Moving Objects
- Listing Objects
- Deleting Objects
- Checking Whether Objects Exist
- Restoring Archived Objects
- Querying Object Metadata
- Object Access URL
- Getting Pre-Signed URLs
- Configuring Preflight Requests for Cross-Origin Access
- Server-Side Encryption
- Single-URL Speed Limits
- Extracting Object Content
- Cross-Region Disaster Recovery
- Data Management
- Cloud Access Management
- Image Processing
- Setting Custom Headers
- Setting Access Domain Names (CDN/Global Acceleration)
- Troubleshooting
- Backward Compatibility
- Go SDK
- iOS SDK
- Getting Started
- Quick Experience
- Bucket Operations
- Object Operations
- Uploading Objects
- Downloading Objects
- Listing Objects
- Copying and Moving Objects
- Extracting Object Content
- Checking Whether an Object Exists
- Deleting Objects
- Restoring Archived Objects
- Querying Object Metadata
- Server-Side Encryption
- Object Access URL
- Generating Pre-Signed URL
- Configuring CORS Preflight Requests
- Cross-region Disaster Recovery
- Data Management
- Cloud Access Management
- Image Processing
- Setting Custom Headers
- Setting Access Domain Names (CDN/Global Acceleration)
- Troubleshooting
- Java SDK
- Getting Started
- FAQs
- Bucket Operations
- Object Operations
- Uploading Objects
- Downloading Objects
- Copying and Moving Objects
- Listing Objects
- Deleting Objects
- Checking Whether Objects Exist
- Querying Object Metadata
- Modifying Object Metadata
- Object Access URL
- Generating Pre-Signed URL
- Restoring Archived Objects
- Server-Side Encryption
- Client-Side Encryption
- Single-URL Speed Limits
- Extracting Object Content
- Data Management
- Cross-Region Disaster Recovery
- Cloud Access Management
- Image Processing
- Media Processing
- Troubleshooting
- Setting Access Domain Names (CDN/Global Acceleration)
- JavaScript SDK
- Node.js SDK
- PHP SDK
- Python SDK
- Getting Started
- Bucket Operations
- Bucket Management
- Object Operations
- Uploading Objects
- Downloading Objects
- Copying and Moving Objects
- Listing Objects
- Deleting Objects
- Checking Whether Objects Exist
- Querying Object Metadata
- Modifying Object Metadata
- Object Access URL
- Getting Pre-Signed URLs
- Restoring Archived Objects
- Extracting Object Content
- Server-Side Encryption
- Client-Side Encryption
- Single-URL Speed Limits
- Data Management
- Cloud Access Management
- Setting Access Domain Names (CDN/Global Acceleration)
- Troubleshooting
- Image Processing
- Mini Program SDK
- Error Codes
- FAQs
- COS Service Level Agreement
- Glossary
Overview
This document provides an overview of APIs and SDK code samples related to the access control lists (ACLs) for buckets and objects.
Bucket ACL
| API | Operation | Description |
|---|---|---|
| PUT Bucket acl | Setting a bucket ACL | Sets an ACL for a bucket |
| GET Bucket acl | Querying a bucket ACL | Queries the ACL of a bucket |
Object ACL
| API | Operation | Description |
|---|---|---|
| PUT Object acl | Setting an object ACL | Sets an ACL for an object (file) in a bucket |
| GET Object acl | Querying an object ACL | Queries the ACL of an object (file) |
Bucket ACL
Setting a bucket ACL
Description
This API is used to set the access control list (ACL) of a specified bucket.
Method prototype
func (s *BucketService) PutACL(ctx context.Context, opt *BucketPutACLOptions) (*Response, error)
Sample request
package main
import (
"context"
"github.com/tencentyun/cos-go-sdk-v5"
"net/http"
"net/url"
"os"
)
func main() {
// Bucket name in the format of BucketName-APPID (APPID is required), which can be viewed in the COS console at https://console.intl.cloud.tencent.com/cos5/bucket
// Replace it with your region, which can be viewed in the COS console at https://console.intl.cloud.tencent.com/. For more information about regions, see https://intl.cloud.tencent.com/document/product/436/6224.
u, _ := url.Parse("https://examplebucket-1250000000.cos.ap-guangzhou.myqcloud.com")
b := &cos.BaseURL{BucketURL: u}
client := cos.NewClient(b, &http.Client{
Transport: &cos.AuthorizationTransport{
// Get the key from environment variables
// Environment variable `SECRETID` refers to the user's SecretId, which can be viewed at https://console.intl.cloud.tencent.com/cam/capi
SecretID: os.Getenv("SECRETID"),
// Environment variable `SECRETKEY` refers to the user's SecretId, which can be viewed at https://console.intl.cloud.tencent.com/cam/capi
SecretKey: os.Getenv("SECRETKEY"),
},
})
// 1. Configure the bucket ACL through the request header
opt := &cos.BucketPutACLOptions{
Header: &cos.ACLHeaderOptions{
// private, public-read, public-read-write
XCosACL: "private",
},
}
_, err := client.Bucket.PutACL(context.Background(), opt)
if err != nil {
panic(err)
}
// 2. Configure the bucket ACL through the request body
opt = &cos.BucketPutACLOptions{
Body: &cos.ACLXml{
Owner: &cos.Owner{
ID: "qcs::cam::uin/100000000001:uin/100000000001",
},
AccessControlList: []cos.ACLGrant{
{
Grantee: &cos.ACLGrantee{
'Type': 'CanonicalUser'|'Group',
Type: "RootAccount",
ID: "qcs::cam::uin/100000760461:uin/100000760461",
},
'Permission': 'FULL_CONTROL'|'WRITE'|'READ'
Permission: "FULL_CONTROL",
},
},
},
}
_, err = client.Bucket.PutACL(context.Background(), opt)
if err != nil {
panic(err)
}
}
Parameter description
type ACLHeaderOptions struct {
XCosACL string
XCosGrantRead string
XCosGrantWrite string
XCosGrantFullControl string
}
| Parameter | Description | Type | Required |
|---|---|---|---|
| XCosACL | Sets the bucket ACL, such as private, public-read, and public-read-write | String | No |
| XCosGrantFullControl | Grants a specified account permission to read and write a bucket. Format: id=" ",id=" ". To authorize a sub-account, use id="qcs::cam::uin/{OwnerUin}:uin/{SubUin}"; To authorize a root account, use id="qcs::cam::uin/{OwnerUin}:uin/{OwnerUin}". Example: id="qcs::cam::uin/100000000001:uin/100000000011",id="qcs::cam::uin/100000000001:uin/100000000001" |
string | No |
| XCosGrantRead | Grants a specified account permission to read a bucket. Format: id=" ",id=" ". To authorize a sub-account, use id="qcs::cam::uin/{OwnerUin}:uin/{SubUin}"; To authorize a root account, use id="qcs::cam::uin/{OwnerUin}:uin/{OwnerUin}". Example: id="qcs::cam::uin/100000000001:uin/100000000011",id="qcs::cam::uin/100000000001:uin/100000000001" |
string | No |
| XCosGrantWrite | Grants a specified account permission to write to a bucket. Format: id=" ",id=" ". To authorize a sub-account, use id="qcs::cam::uin/{OwnerUin}:uin/{SubUin}"; To authorize a root account, use id="qcs::cam::uin/{OwnerUin}:uin/{OwnerUin}". Example: id="qcs::cam::uin/100000000001:uin/100000000011",id="qcs::cam::uin/100000000001:uin/100000000001" |
string | No |
| ACLXML | Grants a specified account access permission for a bucket. For more information on the format, see the response description of Get Bucket acl. |
struct | No |
Querying a bucket ACL
Description
This API is used to query the ACL of a specified bucket.
Method prototype
func (s *BucketService) GetACL(ctx context.Context) (*BucketGetACLResult, *Response, error)
Sample request
package main
import (
"context"
"github.com/tencentyun/cos-go-sdk-v5"
"net/http"
"net/url"
"os"
)
func main() {
// Bucket name in the format of BucketName-APPID (APPID is required), which can be viewed in the COS console at https://console.intl.cloud.tencent.com/cos5/bucket
// Replace it with your region, which can be viewed in the COS console at https://console.intl.cloud.tencent.com/. For more information about regions, see https://intl.cloud.tencent.com/document/product/436/6224.
u, _ := url.Parse("https://examplebucket-1250000000.cos.ap-guangzhou.myqcloud.com")
b := &cos.BaseURL{BucketURL: u}
client := cos.NewClient(b, &http.Client{
Transport: &cos.AuthorizationTransport{
// Get the key from environment variables
// Environment variable `SECRETID` refers to the user's SecretId, which can be viewed at https://console.intl.cloud.tencent.com/cam/capi
SecretID: os.Getenv("SECRETID"),
// Environment variable `SECRETKEY` refers to the user's SecretId, which can be viewed at https://console.intl.cloud.tencent.com/cam/capi
SecretKey: os.Getenv("SECRETKEY"),
},
})
_, _, err := client.Bucket.GetACL(context.Background())
if err != nil {
panic(err)
}
}
Response description
The result of the request is returned through GetBucketACLResult.
type ACLXml struct {
Owner *Owner
AccessControlList []ACLGrant
}
type Owner struct {
ID string
DisplayName string
}
type ACLGrant struct {
Grantee *ACLGrantee
Permission string
}
type ACLGrantee struct {
Type string
ID string
DisplayName string
URI string
}
| Parameter | Description | Type |
|---|---|---|
| Owner | Information on the bucket owner, including DisplayName and ID |
struct |
| AccessControlList | Information on the authorized user granted with bucket permissions, including Grantee and Permission |
struct |
| Grantee | Information on the grantees, including DisplayName, Type, ID and URI |
struct |
| Type | Type of grantee. Valid values: CanonicalUser and Group |
string |
| ID | ID of the grantee when Type is CanonicalUser, in the format of qcs::cam::uin/[OwnerUin]:uin/[OwnerUin], for example, qcs::cam::uin/100000000001:uin/100000000001. This parameter is required when Type is CanonicalUser |
string |
| DisplayName | Name of the grantee. This parameter can be left empty or be consistent with the value of ID |
string |
| URI | URI of the preset user group when Type is Group, for example, http://cam.qcloud.com/groups/global/AllUsers. For more information, please see ACL Overview |
string |
| Permission | Bucket permission granted. Valid values: FULL_CONTROL (read and write), WRITE, and READ |
string |
Object ACL
Setting an object ACL
Description
This API is used to set an ACL for an object.
Method prototype
func (s *ObjectService) PutACL(ctx context.Context, key string, opt *ObjectPutACLOptions) (*Response, error)
Sample request
package main
import (
"context"
"github.com/tencentyun/cos-go-sdk-v5"
"net/http"
"net/url"
"os"
)
func main() {
// Bucket name in the format of BucketName-APPID (APPID is required), which can be viewed in the COS console at https://console.intl.cloud.tencent.com/cos5/bucket
// Replace it with your region, which can be viewed in the COS console at https://console.intl.cloud.tencent.com/. For more information about regions, see https://intl.cloud.tencent.com/document/product/436/6224.
u, _ := url.Parse("https://examplebucket-1250000000.cos.ap-guangzhou.myqcloud.com")
b := &cos.BaseURL{BucketURL: u}
client := cos.NewClient(b, &http.Client{
Transport: &cos.AuthorizationTransport{
// Get the key from environment variables
// Environment variable `SECRETID` refers to the user's SecretId, which can be viewed at https://console.intl.cloud.tencent.com/cam/capi
SecretID: os.Getenv("SECRETID"),
// Environment variable `SECRETKEY` refers to the user's SecretId, which can be viewed at https://console.intl.cloud.tencent.com/cam/capi
SecretKey: os.Getenv("SECRETKEY"),
},
})
// 1. Configure through the request header
opt := &cos.ObjectPutACLOptions{
Header: &cos.ACLHeaderOptions{
XCosACL: "private",
},
}
key := "exampleobject"
_, err := client.Object.PutACL(context.Background(), key, opt)
if err != nil {
panic(err)
}
// 2. Configure through the request body
opt = &cos.ObjectPutACLOptions{
Body: &cos.ACLXml{
Owner: &cos.Owner{
ID: "qcs::cam::uin/100000000001:uin/100000000001",
},
AccessControlList: []cos.ACLGrant{
{
Grantee: &cos.ACLGrantee{
Type: "RootAccount",
ID: "qcs::cam::uin/100000760461:uin/100000760461",
},
Permission: "FULL_CONTROL",
},
},
},
}
_, err = client.Object.PutACL(context.Background(), key, opt)
if err != nil {
panic(err)
}
}
Parameter description
type ACLHeaderOptions struct {
XCosACL string
XCosGrantRead string
XCosGrantWrite string
XCosGrantFullControl string
}
| Parameter | Description | Type | Required |
|---|---|---|---|
| key | Object key, unique identifier of an object in a bucket. For example, if the object endpoint is examplebucket-1250000000.cos.ap-guangzhou.myqcloud.com/doc/pic.jpg, its object key is doc/pic.jpg |
String | Yes |
| XCosACL | Sets the object ACL, such as private, public-read | string | No |
| XCosGrantFullControl | Grants full permission in the format: id="[OwnerUin]" |
String | No |
| XCosGrantRead | Grants read permission in the format: id="[OwnerUin]" | String | No |
| ACLXML | Grants the specified account bucket access permission. For more information on the format, see the response to the "GET object acl" request. | struct | No |
Querying an object ACL
Description
This API is used to query the ACL of an object.
Method prototype
func (s *ObjectService) GetACL(ctx context.Context, key string) (*ObjectGetACLResult, *Response, error)
Sample request
package main
import (
"context"
"github.com/tencentyun/cos-go-sdk-v5"
"net/http"
"net/url"
"os"
)
func main() {
// Bucket name in the format of BucketName-APPID (APPID is required), which can be viewed in the COS console at https://console.intl.cloud.tencent.com/cos5/bucket
// Replace it with your region, which can be viewed in the COS console at https://console.intl.cloud.tencent.com/. For more information about regions, see https://intl.cloud.tencent.com/document/product/436/6224.
u, _ := url.Parse("https://examplebucket-1250000000.cos.ap-guangzhou.myqcloud.com")
b := &cos.BaseURL{BucketURL: u}
client := cos.NewClient(b, &http.Client{
Transport: &cos.AuthorizationTransport{
// Get the key from environment variables
// Environment variable `SECRETID` refers to the user's SecretId, which can be viewed at https://console.intl.cloud.tencent.com/cam/capi
SecretID: os.Getenv("SECRETID"),
// Environment variable `SECRETKEY` refers to the user's SecretId, which can be viewed at https://console.intl.cloud.tencent.com/cam/capi
SecretKey: os.Getenv("SECRETKEY"),
},
})
key := "exampleobject"
_, _, err := client.Object.GetACL(context.Background(), key)
if err != nil {
panic(err)
}
}
Parameter description
| Parameter | Description | Type | Required |
|---|---|---|---|
| key | Object key, the unique identifier of an object in a bucket. For example, if the object endpoint is examplebucket-1250000000.cos.ap-guangzhou.myqcloud.com/doc/pic.jpg, its object key is doc/pic.jpg |
string | Yes |
Response description
type ACLXml struct {
Owner *Owner
AccessControlList []ACLGrant
}
type Owner struct {
ID string
DisplayName string
}
type ACLGrant struct {
Grantee *ACLGrantee
Permission string
}
type ACLGrantee struct {
Type string
ID string
DisplayName string
URI string
}
| Parameter | Description | Type |
|---|---|---|
| Owner | Information on the bucket owner, including DisplayName and ID |
struct |
| AccessControlList | Information on the authorized user granted with bucket permissions, including Grantee and Permission |
struct |
| Grantee | Information on the grantees, including DisplayName, Type, ID and URI |
struct |
| Type | Type of grantee. Valid values: CanonicalUser and Group |
string |
| ID | ID of the grantee when Type is CanonicalUser, in the format of qcs::cam::uin/[OwnerUin]:uin/[OwnerUin], for example, qcs::cam::uin/100000000001:uin/100000000001. This parameter is required when Type is CanonicalUser |
string |
| DisplayName | Name of the grantee. This parameter can be left empty or be consistent with the value of ID |
string |
| URI | URI of the preset user group when Type is Group, for example, http://cam.qcloud.com/groups/global/AllUsers. For more information, please see ACL Overview |
string |
| Permission | Bucket permission granted. Valid values: FULL_CONTROL (read and write), WRITE, and READ |
string |
Ya
Tidak
Apakah halaman ini membantu?