ACL for Objects

This document provides instructions to Manage ACL for Objects using the AWS CLI. Additionally, these tasks can also be performed using the DCD and IONOS S3 Object Storage API.

Prerequisites:

Use the following keys to define access permissions:

  • --grant-read: Grants read-only access.

  • --grant-write: Grants write-only access.

  • --grant-read-acp: Grants permission to read the Access Control List.

  • --grant-write-acp: Grants permission to modify the Access Control List.

  • --grant-full-control: Grants full access, encompassing the permissions listed above (read, write, read ACL, and write ACL).

Use --key to specify the object for granting access:

aws s3api put-object-acl --bucket MY-BUCKET --key my-object.txt --grant-full-control id=CANONICAL_USER_ID --endpoint-url https://s3.eu-central-2.ionoscloud.com

Use the following values for the --acl key:

  • private removes public access.

  • public-read allows public read-only access.

  • public-read-write allows public read/write access.

  • authenticated-read allows read-only access to all authenticated users of IONOS S3 Object storage (including ones out of your contract).

Allow public read-only access to the object:

aws s3api put-object-acl --bucket MY-BUCKET --acl public-read --endpoint-url https://s3.eu-central-2.ionoscloud.com

Remove public access from the object:

aws s3api put-object-acl --bucket MY-BUCKET --acl private --endpoint-url https://s3.eu-central-2.ionoscloud.com

Last updated

Revision created

commented latest release