You can set the access control list (ACL) when creating a bucket, or modify the ACL for a created bucket based on your business needs. Only bucket owners can set or modify the ACL for buckets.

The following table describes the three types of ACLs for buckets.

ACL Description Access control
public-read-write The public-read-write permission. Anyone (including anonymous users) can perform read and write operations on the objects in the bucket.
Warning All users on the Internet can have access to the objects in the bucket and write data to the bucket. This may leak your bucket data and sharply increase your fees. If anyone maliciously writes illegal information, they may also infringe on your legitimate interests and rights. Therefore, we do recommend that you do not set your bucket ACL to public-read-write except for special needs.
public-read The public-read permission. Only the bucket owner can perform write operations on the objects in the bucket. Other users (including anonymous users) can perform only read operations on the objects in the bucket.
Warning All users on the Internet can have access to the objects in the bucket. This may leak your bucket data and sharply increase your fees. Therefore, we recommend that you set your bucket ACL to public-read with caution.
private The private permission. Only the bucket owner can perform read and write operations on the objects in the bucket. Other users have no access to the objects in the bucket.

Operating methods

Operating method Description
Console Web application, which is intuitive and easy to use
ossbrowser Graphical tool, which is easy to operate
ossutil Command-line tool, which delivers good performance
Java SDK SDK demos in various languages
Python SDK
PHP SDK
Go SDK
C SDK
.NET SDK
Node.js SDK
Ruby SDK

Reference