ACL for Objects

This document provides instructions to Manage ACL for Objects using the AWS CLI command-line tool. Additionally, these tasks can also be performed using the web console and IONOS S3 Object Storage API.

Prerequisites:

Use the following keys to define access permissions:

  • --grant-read: Grants read-only access.

  • --grant-write: Grants write-only access.

  • --grant-read-acp: Grants permission to read the Access Control List.

  • --grant-write-acp: Grants permission to modify the Access Control List.

  • --grant-full-control: Grants full access, encompassing the permissions listed above (read, write, read ACL, and write ACL).

Use --key to specify the object for granting access:

aws s3api put-object-acl --bucket MY-BUCKET --key my-object.txt --grant-full-control id=CANONICAL_USER_ID --endpoint-url https://s3-eu-central-2.ionoscloud.com

Use the following values for the --acl key:

  • private removes public access.

  • public-read allows public read-only access.

  • public-read-write allows public read/write access.

  • authenticated-read allows read-only access to all authenticated users of IONOS S3 Object storage (including ones out of your contract).

To allow public read-only access to the object:

aws s3api put-object-acl --bucket MY-BUCKET --acl public-read --endpoint-url https://s3-eu-central-2.ionoscloud.com

To remove public access to the object:

aws s3api put-object-acl --bucket MY-BUCKET --acl private --endpoint-url https://s3-eu-central-2.ionoscloud.com

Last updated

Revision created

fixed broken links