Use get-object-acl to query the access control list (ACL) of an object in a bucket.
Usage notes
An Alibaba Cloud account can query object ACLs by default. To run this command as a RAM user or with Security Token Service (STS) credentials, grant the
oss:GetObjectAclpermission explicitly. For details, see Attach a custom policy to a RAM user.If an object has no ACL configured, OSS returns the bucket's ACL as the object's effective ACL. For example, if the bucket ACL is
private, the object ACL is alsoprivate.
Syntax
ossutil api get-object-acl --bucket <value> --key <value> [flags]Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
--bucket | string | Yes | Name of the bucket. |
--key | string | Yes | Full path of the object. |
--version-id | string | No | Version ID of the object. Use this parameter to query the ACL of a specific version of a versioned object. |
--output-format | string | No | Format of the command output. Valid values: json, yaml. If not specified, the output uses the default text format. |
get-object-acl corresponds to the GetObjectACL API operation. For supported global flags, see Command-line options.Examples
Query the ACL of an object
ossutil api get-object-acl --bucket examplebucket --key exampleobjectQuery the ACL of an object in JSON format
ossutil api get-object-acl --bucket examplebucket --key exampleobject --output-format jsonQuery the ACL of an object in YAML format
ossutil api get-object-acl --bucket examplebucket --key exampleobject --output-format yamlQuery the ACL of a specific version of an object
ossutil api get-object-acl --bucket examplebucket --key exampleobject --version-id <version-id>Replace <version-id> with the version ID of the object.