User Guides Developer Reference Support FAQs Log in

Manage ACL for Objects

You can manage ACL permission for objects through the web console, IONOS S3 Object Storage API, or the CLI.

Note: Due to the granularity limitations and the complexity of managing permissions across a large scale of resources and users, we recommend using Bucket Policy instead of ACLs.

ACL permission for objects

The following table shows the ACL permissions that you can configure for objects in a bucket in the IONOS S3 Object Storage:

These permissions are applied at individual object levels offering a high granularity in access control.

Note: For security, granting some of the access permissions such as Public access WRITE_ACP and Authenticated users WRITE_ACP is possible only through an API Call.

Web console

To manage ACL for objects using the web console, follow these steps:

Prerequisites:

— Make sure the user ID of the grantee is known. For more information, see Retrieve User ID.

— The grantee should already exist. If not, create a user and retrieve the Canonical User ID by following the steps in Retrieve the user ID of a new user.

1. In the DCD, go to Menu > Storage > IONOS S3 Object Storage.

2. From the drop-down list in the Buckets tab, choose either Show user-owned buckets or Show contract-owned buckets, depending on the bucket type you want to view.

3. From the Buckets list, choose the bucket under which the object ACL to be modified exists.

4. From the Objects list, choose the object for which ACL permissions must be modified.

5. From the Object Settings, go to the Access Control List (ACL).

6. Depending on the Bucket Types, manage the object access permissions as follows:

  • Select the checkboxes against the access permissions to grant at each user level such as specific or all users of another contract, all users of a group, and authenticated users of a group. For more information, see ACL permission for objects.

  • Add grantees to provide additional users with access permission to the contract-owned bucket's objects.

    • In the Additional Grantees section, enter the retrieved Contract Number of the grantee.

    • Select the checkboxes on the object ACL permissions to grant, and click Add.

7. Click Save to apply ACL permissions and add the grantee to the object.

Result: The object ACL permissions are successfully applied to the object.

IONOS S3 Object Storage API

Use the API to manage object ACL permissions.

CLI

Use CLI to manage ACL permission for objects.

PreviousManage ACL for BucketsNextLogging

Last updated