x-cos-acl
and x-cos-grant-*
request headers or the request body in XML format.PUT Object acl
is an overwriting operation. The new ACL will overwrite the old one.PUT /<ObjectKey>?acl HTTP/1.1Host: <BucketName-APPID>.cos.<Region>.myqcloud.comDate: GMT DateContent-Length: 0Authorization: Auth String
PUT /<ObjectKey>?acl HTTP/1.1Host: <BucketName-APPID>.cos.<Region>.myqcloud.comDate: GMT DateContent-Type: application/xmlContent-Length: Content LengthContent-MD5: MD5Authorization: Auth String[Request Body]
Host: <BucketName-APPID>.cos.<Region>.myqcloud.com
,<BucketName-APPID> is the bucket name followed by the APPID, such as examplebucket-1250000000
(see Bucket Overview > Basic Information and Bucket Overview > Bucket Naming Conventions), and <Region> is a COS region (see Regions and Access Endpoints).Header | Description | Type | Required |
x-cos-acl | Defines the ACL attribute of the object. For the enumerated values, such as default , private , and public-read , please see the Preset ACL section in ACL Overview. Default value: default Note: If you do not need access control for the object, set this header to default or leave it empty. In this way, the object will inherit the permissions of the bucket it is stored in. | Enum | No |
x-cos-grant-read | Grants a user read permission for an object in the format: id="[OwnerUin]" (e.g., id="100000000001" ). You can use commas (,) to separate multiple users, for example, id="100000000001",id="100000000002" . | string | No |
x-cos-grant-read-acp | Grants a user read permission for the ACL of an object in the format: id="[OwnerUin]" (e.g., id="100000000001" ). You can use commas (,) to separate multiple users, for example, id="100000000001",id="100000000002" . | string | No |
x-cos-grant-write-acp | Grants a user write permission for the ACL of an object in the format: id="[OwnerUin]" (e.g., id="100000000001" ). You can use commas (,) to separate multiple users, for example, id="100000000001",id="100000000002" . | string | No |
x-cos-grant-full-control | Grants a user full permission to operate on an object in the format: id="[OwnerUin]" (e.g., id="100000000001" ). You can use commas (,) to separate multiple users, for example, id="100000000001",id="100000000002" . | string | No |
<AccessControlPolicy><Owner><ID>string</ID></Owner><AccessControlList><Grant><Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group"><URI>string</URI></Grantee><Permission>Enum</Permission></Grant><Grant><Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser"><ID>string</ID></Grantee><Permission>Enum</Permission></Grant></AccessControlList></AccessControlPolicy>
Node Name (Keyword) | Parent Node | Description | Type | Required |
AccessControlPolicy | None | All request information about the PUT Object acl operation | Container | Yes |
AccessControlPolicy
:Node Name (Keyword) | Parent Node | Description | Type | Required |
Owner | AccessControlPolicy | Information about the object owner | Container | Yes |
AccessControlList | AccessControlPolicy | Information about the grantee and permissions | Container | Yes |
AccessControlPolicy.Owner
:Node Name (Keyword) | Parent Node | Description | Type | Required |
ID | AccessControlPolicy.Owner | Complete ID of the object owner in the format of qcs::cam::uin/[OwnerUin]:uin/[OwnerUin] Example: qcs::cam::uin/100000000001:uin/100000000001 | string | Yes |
AccessControlPolicy.AccessControlList
:Node Name (Keyword) | Parent Node | Description | Type | Required |
Grant | AccessControlPolicy. AccessControlList | A single permission. Each AccessControlList supports up to 100 Grant nodes. | Container | Yes |
AccessControlPolicy.AccessControlList.Grant
:Node Name (Keyword) | Parent Node | Description | Type | Required |
Grantee | AccessControlPolicy. AccessControlList.Grant | Grantee information. xsi:type can be set to Group or CanonicalUser . If set to Group , the child node can only include URI . If set to CanonicalUser , the child node can only include ID . | Container | Yes |
Permission | AccessControlPolicy. AccessControlList.Grant | Permission granted. For the enumerated values, such as READ and FULL_CONTROL , please see Actions on objects in ACL Overview. | Enum | Yes |
AccessControlPolicy.AccessControlList.Grant.Grantee
:Node Name (Keyword) | Parent Node | Description | Type | Required |
URI | AccessControlPolicy. AccessControlList.Grant.Grantee | Example: http://cam.qcloud.com/groups/global/AllUsers or http://cam.qcloud.com/groups/global/AuthenticatedUsers | string | Required if xsi:type of the grantee is set to Group |
ID | AccessControlPolicy. AccessControlList.Grant.Grantee | Compete ID of the grantee in the format of qcs::cam::uin/[OwnerUin]:uin/[OwnerUin] Example: qcs::cam::uin/100000000001:uin/100000000001 | string | Required if xsi:type of the grantee is set to CanonicalUser |
PUT /exampleobject?acl HTTP/1.1Host: examplebucket-1250000000.cos.ap-beijing.myqcloud.comDate: Mon, 09 Sep 2019 13:11:09 GMTx-cos-acl: public-readx-cos-grant-read-acp: id="100000000002"Content-Length: 0Authorization: q-sign-algorithm=sha1&q-ak=AKID8A0fBVtYFrNm02oY1g1JQQF0c3JO****&q-sign-time=1568034669;1568041869&q-key-time=1568034669;1568041869&q-header-list=content-length;date;host;x-cos-acl;x-cos-grant-read-acp&q-url-param-list=acl&q-signature=43faf0a3231435a922e16526709c281a537d****Connection: close
HTTP/1.1 200 OKContent-Length: 0Connection: closeDate: Mon, 09 Sep 2019 13:11:10 GMTServer: tencent-cosx-cos-request-id: NWQ3NjRmNmRfZjZjMjBiMDlfMmE5MWJfMTI3OWZh****
PUT /exampleobject?acl HTTP/1.1Host: examplebucket-1250000000.cos.ap-beijing.myqcloud.comDate: Tue, 10 Sep 2019 06:32:02 GMTContent-Type: application/xmlContent-Length: 594Content-MD5: zUPEBc1TeGrqTqEfPV7rxg==Authorization: q-sign-algorithm=sha1&q-ak=AKID8A0fBVtYFrNm02oY1g1JQQF0c3JO****&q-sign-time=1568097122;1568104322&q-key-time=1568097122;1568104322&q-header-list=content-length;content-md5;content-type;date;host&q-url-param-list=acl&q-signature=edab1b68ce0f747604906354afbe5702b24c****Connection: close<AccessControlPolicy><Owner><ID>qcs::cam::uin/100000000001:uin/100000000001</ID></Owner><AccessControlList><Grant><Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group"><URI>http://cam.qcloud.com/groups/global/AllUsers</URI></Grantee><Permission>READ</Permission></Grant><Grant><Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser"><ID>qcs::cam::uin/100000000002:uin/100000000002</ID></Grantee><Permission>READ_ACP</Permission></Grant></AccessControlList></AccessControlPolicy>
HTTP/1.1 200 OKContent-Length: 0Connection: closeDate: Tue, 10 Sep 2019 06:32:02 GMTServer: tencent-cosx-cos-request-id: NWQ3NzQzNjJfZmVhODBiMDlfMjc5MGVfMTM4OTky****
문제 해결에 도움이 되었나요?