Skip to content

Get Object Acl

s3_get_object_acl R Documentation

This operation is not supported by directory buckets

Description

This operation is not supported by directory buckets.

Returns the access control list (ACL) of an object. To use this operation, you must have s3:GetObjectAcl permissions or READ_ACP access to the object. For more information, see Mapping of ACL permissions and access policy permissions in the Amazon S3 User Guide

This functionality is not supported for Amazon S3 on Outposts.

By default, GET returns ACL information about the current version of an object. To return ACL information about a different version, use the versionId subresource.

If your bucket uses the bucket owner enforced setting for S3 Object Ownership, requests to read ACLs are still supported and return the bucket-owner-full-control ACL with the owner being the account that created the bucket. For more information, see Controlling object ownership and disabling ACLs in the Amazon S3 User Guide.

The following operations are related to get_object_acl:

  • get_object

  • get_object_attributes

  • delete_object

  • put_object

Usage

s3_get_object_acl(Bucket, Key, VersionId, RequestPayer,
  ExpectedBucketOwner)

Arguments

Bucket

[required] The bucket name that contains the object for which to get the ACL information.

Access points - When you use this action with an access point, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this action with an access point through the Amazon Web Services SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see Using access points in the Amazon S3 User Guide.

Key

[required] The key of the object for which to get the ACL information.

VersionId

Version ID used to reference a specific version of the object.

This functionality is not supported for directory buckets.

RequestPayer
ExpectedBucketOwner

The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code ⁠403 Forbidden⁠ (access denied).

Value

A list with the following syntax:

list(
  Owner = list(
    DisplayName = "string",
    ID = "string"
  ),
  Grants = list(
    list(
      Grantee = list(
        DisplayName = "string",
        EmailAddress = "string",
        ID = "string",
        Type = "CanonicalUser"|"AmazonCustomerByEmail"|"Group",
        URI = "string"
      ),
      Permission = "FULL_CONTROL"|"WRITE"|"WRITE_ACP"|"READ"|"READ_ACP"
    )
  ),
  RequestCharged = "requester"
)

Request syntax

svc$get_object_acl(
  Bucket = "string",
  Key = "string",
  VersionId = "string",
  RequestPayer = "requester",
  ExpectedBucketOwner = "string"
)

Examples

## Not run: 
# The following example retrieves access control list (ACL) of an object.
svc$get_object_acl(
  Bucket = "examplebucket",
  Key = "HappyFace.jpg"
)

## End(Not run)