OSS supports access control list (ACL). You can configure the ACL of a bucket when you create the bucket or modify the ACL of a created bucket. If you do not set the ACL when creating a bucket, the default value Private applies.

Background information

If you modify the ACL of a bucket, the ACLs of all objects that inherit the bucket ACL change accordingly. If you do not specify the ACL of an object when it is uploaded, the object ACL inherits that of the bucket to which the object is uploaded. If you modify the bucket ACL, the object ACL synchronizes with the bucket ACL.

For more information about ACL, see ACL-based access control.

Procedure

  1. Log on to the OSS console.
  2. Click Buckets, and then click the name of the target bucket.
  3. Choose Access Control > Access Control List (ACL).
  4. Click Configure to modify the bucket ACL.
    You can set one of the following ACLs for a bucket:
    • Private: Only the owner or authorized users of this bucket can read and write objects in the bucket. Other users, including anonymous users cannot access the objects in the bucket without authorization.
    • Public Read: Only the bucket owner can perform write operations on objects in the bucket. Other users, including anonymous users, can perform only read operations on objects in the bucket.
      Warning All Internet users can access objects in the bucket. This may cause unwanted access to the data in your bucket, and cause an increase in your fees. We recommend that you proceed with caution when you set your bucket ACL to Public Read.
    • Public Read/Write: All users, including anonymous users, can read and write objects in the bucket.
      Warning All users on the Internet can access objects in the bucket and write data to the bucket. This may cause unwanted access to the data in your bucket, and cause an increase in your fees. If a user uploads prohibited data or information, it may affect your legitimate interests and rights. Therefore, if there are no special requirements, we recommend that you do not set your bucket ACL to Public Read/Write.
  5. Click Save.