Getting Information About an Object ACL

You can get information about the permissions you set for an object using an Access Control List (ACL). For more information, see Access Control List (ACL) Reference.

This action also returns information about the permissions for the objects that you uploaded or copied to one of your buckets, or for the objects you have the appropriate permissions for.

Getting Information About an Object ACL Using AWS CLI

Before you begin: Install and configure AWS CLI and set up your profile. For more information, see Installing and Configuring AWS CLI.

To get information about the ACL of an object, use the get-object-acl command following this syntax:

Request sample
$ aws s3api get-object-acl \
    --profile YOUR_PROFILE \
    --bucket BUCKET \
    --key OBJECT \
    --version-id qAfAAsAAuA00kclkg0A0AAuAAjaAtA. \
    --endpoint https://oos.eu-west-2.outscale.com

This command contains the following attributes that you need to specify:

  • (optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.

  • bucket: The name of the bucket in which the object is stored.

  • key: The name of the object in the bucket.

  • (optional) version-id: The ID of a previous or of the current version of the object.

  • endpoint: The endpoint corresponding to the Region you want to send the request to.

The get-object-acl command returns the following elements:

  • Owner: Information about the owner of the object. This element contains the following information:

    • DisplayName: The OUTSCALE account ID of the owner of the object.

    • ID: The S3 user ID of the owner of the object.

  • Grants: Information about the permissions. This element contains the following information:

    • Grantee: Information about the permissions. This element contains the following information:

      • Type: The scope of the permission. If the permission is for an individual user, CanonicalUser. If the permission is for a group of users, Group. For more information, see Access Control List (ACL) Reference.

      • DisplayName: The OUTSCALE account ID of the grantee.

      • ID: The S3 user ID of the grantee.

      • URI: The grantee group (AllUsers | AuthenticatedUsers).

    • Permission: The granted permission (READ | WRITE | READ_ACP | WRITE_ACP | FULL_CONTROL).

Result sample
 {
    "Owner": {
        "DisplayName": "ACCOUNT_ID",
        "ID": "USER_ID"
    },
    "Grants": [
        {
            "Grantee": {
                "Type": "Group",
                "URI": "http://acs.amazonaws.com/groups/global/AllUsers"
            },
            "Permission": "READ"
        },
        {
            "Grantee": {
                "Type": "CanonicalUser",
                "DisplayName": "ACCOUNT_ID",
                "ID": "USER_ID"
            },
            "Permission": "FULL_CONTROL"
        }
    ]
}

Related Pages

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.