Skip to content

Get Bucket Acl

s3_get_bucket_acl R Documentation

This operation is not supported by directory buckets

Description

This operation is not supported by directory buckets.

This implementation of the GET action uses the acl subresource to return the access control list (ACL) of a bucket. To use GET to return the ACL of the bucket, you must have the READ_ACP access to the bucket. If READ_ACP permission is granted to the anonymous user, you can return the ACL of the bucket without using an authorization header.

When you use this API operation with an access point, provide the alias of the access point in place of the bucket name.

When you use this API operation with an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. If the Object Lambda access point alias in a request is not valid, the error code InvalidAccessPointAliasError is returned. For more information about InvalidAccessPointAliasError, see List of Error Codes.

If your bucket uses the bucket owner enforced setting for S3 Object Ownership, requests to read ACLs are still supported and return the bucket-owner-full-control ACL with the owner being the account that created the bucket. For more information, see Controlling object ownership and disabling ACLs in the Amazon S3 User Guide.

The following operations are related to get_bucket_acl:

  • list_objects

Usage

s3_get_bucket_acl(Bucket, ExpectedBucketOwner)

Arguments

Bucket

[required] Specifies the S3 bucket whose ACL is being requested.

When you use this API operation with an access point, provide the alias of the access point in place of the bucket name.

When you use this API operation with an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. If the Object Lambda access point alias in a request is not valid, the error code InvalidAccessPointAliasError is returned. For more information about InvalidAccessPointAliasError, see List of Error Codes.

ExpectedBucketOwner

The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code ⁠403 Forbidden⁠ (access denied).

Value

A list with the following syntax: 

list(
  Owner = list(
    DisplayName = "string",
    ID = "string"
  ),
  Grants = list(
    list(
      Grantee = list(
        DisplayName = "string",
        EmailAddress = "string",
        ID = "string",
        Type = "CanonicalUser"|"AmazonCustomerByEmail"|"Group",
        URI = "string"
      ),
      Permission = "FULL_CONTROL"|"WRITE"|"WRITE_ACP"|"READ"|"READ_ACP"
    )
  )
)

Request syntax

svc$get_bucket_acl(
  Bucket = "string",
  ExpectedBucketOwner = "string"
)