Use the ossutil command-line tool for batch operations or set access control lists (ACLs) individually in the OSS console.
Important
After you set object ACLs to private, URLs previously used to access these objects without authentication return 403 errors. Make sure your applications and shared links use signed URLs or authenticated requests before making this change.
Method 1: Batch operations with ossutil (recommended)
Run the set-props (set object properties) command in ossutil 2.0 to recursively set the ACLs of all objects in a folder to private.
Syntax
ossutil set-props oss://<bucket_name>/<folder_name> --acl private -r -f| Parameter | Description |
|---|---|
--acl private |
Sets the object ACL to private. Only the object owner or authorized users can read and write the object. |
-r |
Performs a recursive operation on all objects in the folder. |
-f |
Forces the command to run without prompting for confirmation. |
Example
Set all objects in the data/ folder of the examplebucket bucket to private:
ossutil set-props oss://examplebucket/data/ --acl private -r -fMethod 2: Set ACLs individually in the console
If you have a small number of objects, set the ACL for each object individually in the OSS console. For detailed steps, see Set object ACLs.