Grantable PermissionsΒΆ
The set of permissions Zenko supports in an ACL is detailed in the following table.
Permission | When Granted to a Bucket | When Granted to an Object |
---|---|---|
READ | Grantee can list the objects in the bucket. | Grantee can read the object data and its metadata. |
WRITE | Grantee can create, overwrite, and delete any object in the bucket. | Not applicable |
READ_ACP | Grantee can read the bucket ACL. | Grantee can read the object ACL. |
WRITE_ACP | Grantee can write the ACL for the applicable bucket. | Grantee can write the ACL for the applicable object. |
FULL_CONTROL | Allows grantee the READ, WRITE, READ_ACP, and READ_ACP, and WRITE_ACP WRITE_ACP permissions on the bucket | Allows grantee the READ, READ_ACP, and WRITE_ACP WRITE_ACP permissions on the object |
Note
The set of ACL permissions is the same for object ACL and bucket ACL. However, depending on the context (bucket ACL or object ACL), these ACL permissions grant permissions for specific bucket or the object operations.