tencent cloud

Managing Bucket ACL - bucket-acl
Download PDF
Last updated: 2025-10-28 15:52:41
Managing Bucket ACL - bucket-acl
Last updated: 2025-10-28 15:52:41
Download PDF
The bucket-acl command is used to set or query bucket ACL.
Note:
To query bucket ACL, when performing authorization policy, set action to cos:GetBucketACL.
To set bucket ACL, when performing authorization policy, set action to cos:PutBucketACL.
For more authorization, please refer to Business APIs Supporting CAM.

Command Syntax

./coscli bucket-acl --method [method] cos://<bucket-name>
The bucket-acl command includes the following parameters:
Parameter Format
Description
Example
cos://<bucket-name>
Specifies the target bucket, which is accessible by using the bucket alias or bucket name configured in the configuration file as detailed in Download and Installation Configuration. If you use the bucket name for access, you also need to include the endpoint flag.
Access with the bucket alias: cos://example-alias
Access with the bucket name: cos://examplebucket-1250000000
The bucket-acl command includes the following optional flags:
Flag Abbreviation
Flag Name
Description
-h
--help
Views the usage of this command.
None
--method
Specify the required operation, including put (set bucket ACL), get (query bucket ACL).
None
--acl
Set the file's ACL, such as private, public-read, public-read-write.
None
--grant-read
Grant the authorized entity permission to read the bucket. Format: id="[OwnerUin]", for example id="100000000001". Use comma (half-width) to separate multiple authorized entities, such as id="100000000001",id="100000000002".
None
--grant-read-acp
Grant the authorized entity permission to read the bucket's access control list (ACL). Format: id="[OwnerUin]", for example id="100000000001". Use comma (half-width) to separate multiple authorized entities, such as id="100000000001",id="100000000002".
None
--grant-write-acp
Grant the authorized entity permission to write to the bucket's access control list (ACL). Format: id="[OwnerUin]", for example id="100000000001". Use comma (half-width) to separate multiple authorized entities, such as id="100000000001",id="100000000002".
None
--grant-full-control
Grant the authorized entity all permissions to operate the bucket. Format: id="[OwnerUin]", for example id="100000000001". Use comma (half-width) to separate multiple authorized entities, such as id="100000000001",id="100000000002".
Note:
For more general options for this command (such as switching buckets or user accounts), see Common Options.

Setting a Bucket ACL

Operation Example

Grant read permission on bucket alias example-alias to 100000000013 and 100000000012. The command is as follows:
./coscli bucket-acl --method put cos://example-alias --grant-read="id=\\"100000000013\\",id=\\"100000000012\\""

Querying the ACL of a Bucket

Operation Example

Query the permission list of the bucket named example-alias.
./coscli bucket-acl --method get cos://example-alias
Output the following result.
  SECTION  | KEY          | VALUE                                        
-----------+--------------+----------------------------------------------
  Owner    | UIN          |                                              
+          +--------------+---------------------------------------------+
           | ID           | qcs::cam::uin/100000000:uin/100000000      
+          +--------------+                                             +
           | Display Name |                                              
+----------+--------------+---------------------------------------------+
           |              |                                              
+----------+--------------+---------------------------------------------+
  Grant #1 | Permission   | READ                                         
+          +--------------+---------------------------------------------+
           | Grantee Type | CanonicalUser                                
+          +--------------+---------------------------------------------+
           | ID           | qcs::cam::uin/100000000013:uin/100000000013  
+          +--------------+                                             +
           | Display Name |                                              
+----------+--------------+---------------------------------------------+
           |              |                                              
+----------+--------------+---------------------------------------------+
  Grant #2 | Permission   | READ                                         
+          +--------------+---------------------------------------------+
           | Grantee Type | CanonicalUser                                
+          +--------------+---------------------------------------------+
           | ID           | qcs::cam::uin/100000000012:uin/100000000012  
+          +--------------+                                             +
           | Display Name |                                                                                 
-----------+--------------+----------------------------------------------
Access Control List (ACL) Information

Summary:
 - Owner: qcs::cam::uin/100000000:uin/100000000 (UIN: )
 - Total Grants: 2
 - Permissions:
   - READ: 2 grants




Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No

Feedback