Modifies the ACL for an object. Only the bucket owner who has the write permission on the requested object can perform PutObjectACL operations.
- The object ACL takes precedence over the bucket ACL. For example, if the bucket ACL is private and the object ACL is public-read-write, OSS first checks the ACL for the object when a user accesses the object. As a result, all users can access this object even if the ACL for the bucket is a private. If the ACL for an object has never been set, the ACL for this object is same as that for the bucket where the object is located.
- Read operations to an object include: the read operations to the source object in GetObject, HeadObject, CopyObject, and UploadPartCopy Write operations to an object include: the write operations on a new object in PutObject, PostObject, AppendObject, DeleteObject, DeleteMultipleObjects, CompleteMultipartUpload, and CopyObject.
- You can also include the x-oss-object-acl header in the request to set the ACL for an object when performing write operations on the object. For example, if you include the x-oss-object-acl header in the PutObject request, you can set the ACL for the object while uploading it.
You can specify the x-oss-object-acl header in the PutObjectACL request.to set the ACL for an object. The following table describes the four ACLs that can be set for an object.
|private||This ACL indicates that an object is a private resource. Only the owner of this object has the permission to read or write this object.|
|public-read||This ACL indicates that an object is a resource that can be read by the public. Only the owner of this object has the permission to read and write this object. Other users only have the permission to read this object.|
|public-read-write||This ACL indicates that an object is a resource that can be read and written by the public. All users have the permission to read and write this object.|
|default||This ACL indicates an object is a resource inheriting the read-write permissions of the bucket. That is, the bucket and the object have the same permissions.|
PUT /ObjectName? acl HTTP/1.1 x-oss-object-acl: Permission Host: BucketName.oss-cn-hangzhou.aliyuncs.com Date: GMT Date Authorization: SignatureValue
PUT /test-object?acl HTTP/1.1 x-oss-object-acl: public-read Host: oss-example.oss-cn-hangzhou.aliyuncs.com Date: Wed, 29 Apr 2015 05:21:12 GMT Authorization: OSS qn6qrrqxo2oawuk53otfjbyc:KU5h8YMUC78M30dXqf3JxrTZHiA=
HTTP/1.1 200 OK x-oss-request-id: 559CC9BDC755F95A64485981 Date: Wed, 29 Apr 2015 05:21:12 GMT Content-Length: 0 Connection: keep-alive Server: AliyunOSS
The SDKs of this API are as follows:
|Error code||HTTP status code||Description|
|AccessDenied||403||The user is not the bucket owner or does not have the read and write permissions on the object.|
|InvalidArgument||400||The value of x-oss-object-acl is invalid.|