ACL for Buckets
This document provides instructions to Manage ACL for Buckets using the AWS CLI command-line tool. Additionally, these tasks can also be performed using the web console and IONOS S3 Object Storage API.
Use the following keys to define access permissions:
--grant-read
: Grants read-only access.--grant-write
: Grants write-only access.--grant-read-acp
: Grants permission to read the Access Control List.--grant-write-acp
: Grants permission to modify the Access Control List.--grant-full-control
: Grants full access, encompassing the permissions listed above (read, write, read ACL, and write ACL).
Grant access permission to another user
To grant full control of my-bucket
to a user with a specific Canonical user ID:
To separate grants with a comma if you want to specify multiple IDs:
To grant full control of my-bucket
to multiple users using Canonical user ID:
To grant full control of my-bucket
by using an email address
instead of Canonical User ID:
Retrieve the ACL of a bucket and save it to the file acl.json
:
To edit the file, for example, remove or add some grants and apply updated ACL to the bucket:
Use the following values for the --acl
key:
private
removes public access.public-read
allows public read-only access.public-read-write
allows public read/write access.authenticated-read
allows read-only access to all authenticated users of IONOS S3 Object storage (including ones out of your contract).
Public access
To allow public read-only access to the bucket:
To remove public access to the bucket:
Grant access permission to Log Delivery Group
To set WRITE
and READ_ACP
permissions for the Log Delivery Group which is required before enabling the Logging feature for a bucket:
Last updated
Was this helpful?