For the complete code demo of ACL, see GitHub.
The following table describes the permissions included in the Access Control List (ACL) for an object.
| Permission | Description | Value |
|---|---|---|
| default | The ACL of an object is the same with that of its bucket. | oss.ACLDefault |
| Private | Only the object owner and authorized users can read and write the object. | oss.ACLPrivate |
| Public read | Only the object owner and authorized users can read and write the object. Other users can only read the object. Authorize this permission with caution. | oss.ACLPublicRead |
| Public read-write | All users can read and write the object. Authorize this permission with caution. | oss.PublicReadWrite |
The ACL privileges of objects take precedence over that of buckets. For example, if the ACL of a bucket is private, while the object ACL is public read-write, all users can read and write the object. If an object is not configured with an ACL, its ACL is the same as that of its bucket by default.
package main
import (
"fmt"
"os"
"github.com/aliyun/aliyun-oss-go-sdk/oss"
)
func main() {
// Create an OSSClient instance.
client, err := oss.New("<yourEndpoint>", "<yourAccessKeyId>", "<yourAccessKeySecret>")
if err ! = nil {
fmt.Println("Error:", err)
os.Exit(-1)
}
// Obtain the bucket.
bucket, err := client.Bucket("<yourBucketName>")
if err ! = nil {
fmt.Println("Error:", err)
os.Exit(-1)
}
// Configure an ACL for an object.
err = bucket.SetObjectACL("<yourObjectName>", oss.ACLPublicReadWrite)
if err ! = nil {
fmt.Println("Error:", err)
os.Exit(-1)
}
// Obtain the ALC for an object.
aclRes, err := bucket.GetObjectACL("<yourObjectName>")
if err ! = nil {
fmt.Println("Error:", err)
os.Exit(-1)
}
fmt.Println("Object ACL:", aclRes.ACL)
}