Define Bucket ACL
Using this feature, you can determine the bucket's ACL.
Components
- Credentials
- Bucket Name
- Bucket's ACL
Bucket's ACL
It specifies access levels to your bucket.
Possible ACLs:
- Private
- Public-Read
- .NET
- PHP
- Python
- Javascript
- GO
using Amazon;
using Amazon.S3;
using Amazon.S3.Model;
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
namespace PutBucketAcl
{
class PutBucketAcl
{
private const string bucketName = "<BUCKET_NAME>";
private const string acl = "private"; // private or public-read
private static IAmazonS3 _s3Client;
public static void Main()
{
var awsCredentials = new Amazon.Runtime.BasicAWSCredentials("<ACCESS-KEY>", "<SECRET-KEY>");
var config = new AmazonS3Config { ServiceURL = "<ENDPOINT>" };
_s3Client = new AmazonS3Client(awsCredentials, config);
PutBucketAclAsync().Wait();
}
private static async Task PutBucketAclAsync()
{
try
{
// Set a new ACL.
PutACLResponse response = await _s3Client.PutACLAsync(new PutACLRequest
{
BucketName = bucketName,
CannedACL = acl == "private" ? S3CannedACL.Private : S3CannedACL.PublicRead, // S3CannedACL.PublicRead or S3CannedACL.Private
});
Console.WriteLine($"Access-list {acl} added to {bucketName} bucket");
}
catch (AmazonS3Exception amazonS3Exception)
{
Console.WriteLine("An AmazonS3Exception was thrown. Exception: " + amazonS3Exception.ToString());
}
catch (Exception e)
{
Console.WriteLine("Exception: " + e.ToString());
}
}
}
}
<?php
require('client.php');
$bucket = $config['sample_bucket'];
// Sets the permissions on a bucket using access control lists (ACL).
$params = [
'ACL' => 'public-read',
'Bucket' => $bucket,
];
try {
$resp = $client->putBucketAcl($params);
echo "Succeed in setting bucket ACL.\n";
} catch (AwsException $e) {
// Display error message
echo $e->getMessage();
echo "\n";
}
import boto3
import logging
from botocore.exceptions import ClientError
# Configure logging
logging.basicConfig(level=logging.INFO)
try:
# S3 resource
s3_resource = boto3.resource(
's3',
endpoint_url='endpoint_url',
aws_access_key_id='access_key',
aws_secret_access_key='secret_key'
)
except Exception as exc:
logging.error(exc)
else:
try:
bucket_name = 'bucket_name'
bucket_acl = s3_resource.BucketAcl(bucket_name)
bucket_acl.put(ACL='private') # ACL='private'|'public-read'|'public-read-write'
except ClientError as e:
logging.error(e)
// Import required AWS SDK clients and commands for Node.js
const { S3Client, PutBucketAclCommand } = require('@aws-sdk/client-s3');
// Create an S3 client service object
const s3 = new S3Client({
region: 'default',
endpoint: 'endpoint_url',
credentials: {
accessKeyId: 'access_key',
secretAccessKey: 'secret_key',
},
});
const run = async () => {
try {
const response = await s3.send(
new PutBucketAclCommand({
Bucket: 'sample_bucket',
ACL: 'private', // 'private' | 'public-read'
})
);
console.log('Success', response);
} catch (err) {
console.log('Error', err);
}
};
run();
package main
import (
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/s3"
"fmt"
"os"
)
// Allows person with EMAIL address PERMISSION access to BUCKET
// If PERMISSION is missing, they get READ access.
//
// Usage:
// go run s3_put_bucket_acl.go BUCKET ACL
func main() {
if len(os.Args) != 3 {
exitErrorf("Bucket name and ACL name required\nUsage: go run", os.Args[0], "BUCKET", os.Args[1], "ACL")
}
bucket := os.Args[1]
acl := os.Args[2]
if !(acl == "private" || acl == "public-read") {
fmt.Println("Illegal acl value. It must be one of:")
fmt.Println("private or public-read")
os.Exit(1)
}
sess, err := session.NewSession(&aws.Config{
Credentials: credentials.NewStaticCredentials("<ACCESS_KEY>", "<SECRET_KEY>", ""),
})
svc := s3.New(sess, &aws.Config{
Region: aws.String("default"),
Endpoint: aws.String("<ENDPOINT_URL>"),
})
params := &s3.PutBucketAclInput{
Bucket: &bucket,
ACL: aws.String(acl),
}
// Set bucket ACL
_, err = svc.PutBucketAcl(params)
if err != nil {
exitErrorf(err.Error())
}
fmt.Println("Congratulations. You put", acl, "permissions to bucket", bucket)
}
func exitErrorf(msg string, args ...interface{}) {
fmt.Fprintf(os.Stderr, msg+"\n", args...)
os.Exit(1)
}
The following command can be used to execute the aforementioned code, presuming the code file is called s3_put_bucket_acl.go:
go run s3_put_bucket_acl.go BUCKET ACL