ACL for Objects

This document provides instructions to Manage ACL for Objects using the AWS CLI command-line tool. Additionally, these tasks can also be performed using the web console and IONOS S3 Object Storage API.

Prerequisites:

Set up the AWS CLI by following the installation instructions.
Make sure to consider the supported S3 Endpoints for object upload.

Use the following keys to define access permissions:

--grant-read: Grants read-only access.
--grant-write: Grants write-only access.
--grant-read-acp: Grants permission to read the Access Control List.
--grant-write-acp: Grants permission to modify the Access Control List.
--grant-full-control: Grants full access, encompassing the permissions listed above (read, write, read ACL, and write ACL).

Use --key to specify the object for granting access:

aws s3api put-object-acl --bucket MY-BUCKET --key my-object.txt --grant-full-control id=CANONICAL_USER_ID --endpoint-url https://s3-eu-central-2.ionoscloud.com

Use the following values for the --acl key:

private removes public access.
public-read allows public read-only access.
public-read-write allows public read/write access.
authenticated-read allows read-only access to all authenticated users of IONOS S3 Object storage (including ones out of your contract).

To allow public read-only access to the object:

aws s3api put-object-acl --bucket MY-BUCKET --acl public-read --endpoint-url https://s3-eu-central-2.ionoscloud.com

To remove public access to the object:

aws s3api put-object-acl --bucket MY-BUCKET --acl private --endpoint-url https://s3-eu-central-2.ionoscloud.com

PreviousACL for Buckets NextLogging

Last updated 1 year ago

Was this helpful?