All Products
Search
Document Center

Object Storage Service:GetBucketAcl

Last Updated:Jun 10, 2026

Queries the access control list (ACL) of a bucket.

Notes

Requires the oss:GetBucketAcl permission. For more information, see Grant a custom policy.

Request syntax

GET /? acl HTTP/1.1
Host: BucketName.oss-cn-hangzhou.aliyuncs.com
Date: GMT Date
Authorization: SignatureValue

Request headers

DescribeRegions uses only common request headers. For more information, see Common request headers.

Response elements

Element

Type

Description

AccessControlList

Container

Contains the ACL information.

Parent node: AccessControlPolicy.

AccessControlPolicy

Container

Contains the GetBucketACL response.

Parent node: none.

DisplayName

String

The bucket owner name, which is currently the same as the user ID.

Parent node: AccessControlPolicy and Owner.

Grant

Enumeration

The ACL for the bucket.

Valid values: private, public-read, and public-read-write.

Parent node: AccessControlPolicy and AccessControlList.

ID

String

The user ID of the bucket owner.

Parent node: AccessControlPolicy and Owner.

Owner

Container

Contains bucket owner information.

Parent node: AccessControlPolicy.

Examples

Sample request

GET /? acl HTTP/1.1
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Date: Thu, 17 Apr 2025 04:11:23 GMT
Authorization: OSS4-HMAC-SHA256 Credential=LTAI********************/20250417/cn-hangzhou/oss/aliyun_v4_request,Signature=a7c3554c729d71929e0b84489addee6b2e8d5cb48595adfc51868c299c0c218e

Sample response

HTTP/1.1 200 OK
x-oss-request-id: 534B371674E88A4D8906****
Date: Fri, 24 Feb 2012 04:11:23 GMT 
Content-Length: 253
Content-Type: application/xml
Connection: keep-alive
Server: AliyunOSS

<? xml version="1.0" ? >
<AccessControlPolicy>
    <Owner>
        <ID>0022012****</ID>
        <DisplayName>user_example</DisplayName>
    </Owner>
    <AccessControlList>
        <Grant>public-read</Grant>
    </AccessControlList>
</AccessControlPolicy>

OSS SDKs

The following OSS SDKs support GetBucketAcl:

ossutil

For information about the ossutil command that corresponds to the GetBucketAcl operation, see get-bucket-acl.

Error codes

Error code

HTTP status code

Description

NoSuchBucket

404

The specified bucket does not exist.

AccessDenied

403

You are not authorized to query the bucket ACL. Only the bucket owner can perform this operation.