Bucket permission control

Last Updated: Nov 27, 2017

OSS provides an Access Control List (ACL) for bucket-level access control. Currently, three access permissions are available for a bucket: Public Read/Write, Public Read, and Private.

PermissionAccess restrictions on visitors
Public Read/Write- Anyone (including anonymous access) can read, write, and delete the objects in the bucket.
- The fees incurred by such operations are borne by the owner of the bucket. Use this permission with caution.
Public Read- Only the owner of the bucket and the authorized users can perform write and delete operations on the objects in the bucket.
- Anyone (including anonymous access) can read the objects in the bucket.
Private- Only the owner of the bucket and the authorized users can perform read, write, and delete operations on the objects in the bucket.
- Other users cannot access objects in the bucket.

Note:

  • When a new bucket is created without a permission specified, OSS automatically sets a private permission for the bucket.
  • For an existing bucket, only the creator of the bucket can change its permissions by using the Put Bucket Acl interface provided by the OSS.
Thank you! We've received your feedback.