< Previous | Contents | Next >

Adding an ACL to a bucket

You use the HTTP PUT method with the acl query parameter to add an ACL to an existing bucket. Adding an ACL to a bucket replaces any existing ACL in its entirety. You cannot modify an existing ACL in place.


To add an ACL to a bucket, you need write ACL permission for the bucket.


To add an ACL to a bucket, you can use either request headers or an ACL request body. You cannot use ACL headers and an ACL request body in the same request.


With ACL headers, you can specify either a canned ACL or individual x-amz-grant- headers. You cannot specify both a canned ACL and an x-amz-grant- header in the same request.


You can use an ACL request body to change the owner of a bucket you own. You cannot use ACL headers to do this. To change the owner of a bucket, you need both write ACL and change owner permission for the bucket.


If you try to add an ACL that specifies a user account that does not exist, HCP returns a 400 (Bad Request) status code and does not add the ACL to the bucket.


For an introduction to ACLs and information on how to specify them, see “Access control lists” on page 25.


Chapter 5: Working with buckets 79

Adding an ACL to a bucket


 

Request lineRequest headersResponse headersHTTP status codesExamplesExample 1: Adding an ACL to a bucket by specifying individual grantsExample 2: Adding an ACL to a bucket by using an ACL request body