OSS allows you to configure ACL for objects to control access to them. This topic describes how to configure ACL for an object through the OSS console.

Prerequisites

  • A bucket has been created. For more information, see Create a bucket.
  • Objects have been uploaded to the bucket. For more information, see Upload objects.

Background information

You can configure ACL for an object when or after you upload the object. If you do not specify ACL for an object, default ACL Inherited from Bucket applies.
  • Inherited from Bucket: The ACL for object is the same as that for the bucket.
  • Private: Only the bucket owner or authorized users can read from and write to the objects in the bucket. Other users, including anonymous users, cannot access objects in the bucket.
    Note You can configure and send the object URL to share the object to other visitors. For more information, see Generate a signed URL.
  • Public Read: Only the bucket owner or authorized users can read from and write to objects. Other users, including anonymous users, can only read from objects in the bucket.
  • Public Read/Write: All users, including anonymous users, can perform read and write operations on objects in the bucket. Fees incurred by these operations are paid by the bucket owner. Use this ACL policy only when necessary.

For more information about object ACL, see Object ACL.

Procedure

  1. Log on to the OSS console.
  2. Click the target bucket.
    • New console: Click Buckets, and then click the name of the target bucket.
    • Old console: In the left-side navigation pane, click the name of the target bucket.
  3. Click the Files tab.
  4. Click the name of an object. In the View Details dialog box that appears, Click Set ACL.
    Alternatively, move the pointer over More in the Actions column corresponding to the object and choose Set ACL from the shortcut menu.
  5. In the Set ACL dialog box that appears, set ACL for the object.
  6. Click OK.