1 of 1

ACL for Buckets

This document provides instructions to Manage ACL for Buckets using the AWS CLI. Additionally, these tasks can also be performed using the DCD and IONOS Object Storage API.

Prerequisites:

Set up the AWS CLI by following the installation instructions.
Make sure to consider the supported .

Use the following keys to define access permissions:

--grant-read: Grants read-only access.
--grant-write: Grants write-only access.
--grant-read-acp: Grants permission to read the Access Control List.

Note: Granting access to a bucket for another IONOS user does not make the bucket appear in the user's Object Storage in the DCD due to the S3 protocol's architecture. To access the bucket, the user must utilize other , as the granted access does not translate to interface visibility.

Grant access permission to another user

Grant full control of my-bucket to a user with a specific Canonical user ID:

Separate grants with a comma if you want to specify multiple Canonical user IDs:

Grant full control of my-bucket to multiple users using their Canonical user IDs:

Grant full control of my-bucket by using an email address instead of a Canonical User ID:

Retrieve the ACL of a bucket and save it to the file acl.json:

Edit the file. For example, remove or add some grants and apply the updated ACL to the bucket:

Use the following values for the --acl key:

private removes public access.
public-read allows public read-only access.
public-read-write allows public read/write access.

Public access

Allow public read-only access to the bucket:

Remove public access to the bucket:

Grant access permission to Log Delivery Group

Set WRITE and READ_ACP permissions for the Log Delivery Group, which is required before enabling the Logging feature for a bucket: