All Products
Search

This Product

    Object Storage Service:Manage bucket ACLs (Ruby SDK)

    Document Center

    Object Storage Service:Manage bucket ACLs (Ruby SDK)

    Last Updated:Nov 29, 2025

    A bucket is a container for objects stored in Object Storage Service (OSS). All objects in OSS are stored in buckets. This topic describes how to configure and query the access control list (ACL) of a bucket.

    The following table describes the bucket ACLs.

    ACL

    Description

    Read/write permissions

    Private

    Only the bucket owner can read and write objects in the bucket. Other users cannot access the objects.

    Aliyun::OSS::ACL::PRIVATE

    Public-read

    Only the bucket owner can write objects in the bucket. Anyone, including anonymous users, can read the objects in the bucket.

    Warning

    Any user on the Internet can access the objects in the bucket. This can cause data leaks and a surge in fees. Use this permission with caution.

    Aliyun::OSS::ACL::PUBLIC_READ

    Public-read-write

    Anyone, including anonymous users, can read and write objects in the bucket.

    Warning

    Any user on the Internet can access and write objects in the bucket. This can cause data leaks and a surge in fees. If malicious users write illegal information to your bucket, your legal rights may be violated. Do not configure this permission except in specific scenarios.

    Aliyun::OSS::ACL::PUBLIC_READ_WRITE

    Set the ACL of a bucket

    The following code shows how to set the ACL of a bucket:

    require 'aliyun/oss'

client = Aliyun::OSS::Client.new(
  # The China (Hangzhou) region is used as an example. Specify the actual region.
  endpoint: 'https://oss-cn-hangzhou.aliyuncs.com',
  # Obtain access credentials from environment variables. Before running this code, ensure the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are set.
  access_key_id: ENV['OSS_ACCESS_KEY_ID'],
  access_key_secret: ENV['OSS_ACCESS_KEY_SECRET']
)
# Specify the bucket name. For example, examplebucket.
bucket = client.get_bucket('examplebucket')
bucket.acl = Aliyun::OSS::ACL::PUBLIC_READ
puts bucket.acl

    Obtain read and write permissions for a bucket

    The following code shows how to retrieve the ACL of a bucket:

    require 'aliyun/oss'

client = Aliyun::OSS::Client.new(
  # The China (Hangzhou) region is used as an example. Specify the actual region.
  endpoint: 'https://oss-cn-hangzhou.aliyuncs.com',
  # Obtain access credentials from environment variables. Before running this code, ensure the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are set.
  access_key_id: ENV['OSS_ACCESS_KEY_ID'],
  access_key_secret: ENV['OSS_ACCESS_KEY_SECRET']
)
# Specify the bucket name. For example, examplebucket.
bucket = client.get_bucket('examplebucket')
puts bucket.acl

    References

    • For more information about the API operation to set a bucket ACL, see PutBucketAcl.

    • For more information about the API operation to retrieve a bucket ACL, see GetBucketAcl.