GET Object ACL¶

The GET Object ACL operation returns an object’s access control list (ACL) permissions. This operation requires READ_ACP access to the object.

By default, GET returns ACL information about the current version of an object. To return ACL information about a different version, use the versionId subresource.

Requests¶

Syntax¶

GET /ObjectName?acl HTTP/1.1
Host: {{BucketName}}.{{StorageService}}.com
Date: {{date}}
Authorization: {{authorizationString}}
Range:bytes={{byte_range}}

Parameters¶

The GET Object ACL operation does not use request parameters.

Headers¶

The GET Object ACL operation uses only request headers that are common to all operations (refer to Common Request Headers).

Elements¶

The GET Object ACL operation does not use request elements.

Responses¶

Headers¶

The GET Object ACL operation can include the following response headers in addition to the response headers common to all responses (refer to Common Response Headers).

Element Type Description

Element	Type	Description
`x-amz-version-id`	string	Returns the version ID of the retrieved object if it has a unique version ID Default: None

x-amz-version-id

string

Returns the version ID of the retrieved object if it has a unique version ID

Default: None

Elements¶

The GET Object ACL operation can return the following XML elements of the response (includes XML containers):

Element	Type	Description
`AccessControlList`	container	Container for Grant, Grantee, Permission
`AccessControlPolicy`	container	Contains the elements that set the ACL permissions for an object per Grantee
`DisplayName`	string	Screen name of the bucket owner
`Grant`	container	Container for the grantee and his or her permissions
`Grantee`	string	The subject whose permissions are being set
`ID`	string	ID of the bucket owner, or the ID of the grantee
`Owner`	container	Container for the bucket owner’s display name and ID
`Permission`	string	Specifies the permission (`FULL_CONTROL`, `WRITE`, `READ_ACP`) given to the grantee

Examples¶

Returning Object Information, Including ACL¶

The sample illustrated retrieves the access control permissions for the specified file object, greatshot_d.raw:

Request¶

GET /greatshot_d.raw?acl HTTP/1.1
Host: bucket.example.com
Date: Wed, 28 Oct 2009 22:32:00 GMT
Authorization: {{authorizationString}}

Response¶

HTTP/1.1 200 OK
x-amz-id-2: eftixk72aD6Ap51TnqcoF8eFidJG9Z/2mkiDFu8yU9AS1ed4OpIszj7UDNEHGran
x-amz-request-id: 318BC8BC148832E5
x-amz-version-id: 4HL4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nrjfkd
Date: Wed, 28 Oct 2009 22:32:00 GMT
Last-Modified: Sun, 1 Jan 2006 12:00:00 GMT
Content-Length: 124
Content-Type: text/plain
Connection: close
Server: ScalityS3

<AccessControlPolicy>
  <Owner>
    <ID>8b27d4b0fc460740425b9deef56fa1af6245fbcccdda813b691a8fda9be8ff0c</ID>
    <DisplayName>user@example.com</DisplayName>
  </Owner>
  <AccessControlList>
    <Grant>
      <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
        <ID>8b27d4b0fc460740425b9deef56fa1af6245fbcccdda813b691a8fda9be8ff0c</ID>
        <DisplayName>user@example.com</DisplayName>
      </Grantee>
      <Permission>FULL_CONTROL</Permission>
    </Grant>
  </AccessControlList>
</AccessControlPolicy>

Getting and Showing the ACL of a Specific Object Version¶

Request¶

GET /my-image.jpg?versionId=3/L4kqtJlcpXroDVBH40Nr8X8gdRQBpUMLUo&amp;acl HTTP/1.1
Host: {{bucketName}}.example.com
Date: Wed, 28 Oct 2009 22:32:00 GMT
Authorization: {{authorizationString}}

Response¶

HTTP/1.1 200 OK
x-amz-id-2: eftixk72aD6Ap51TnqcoF8eFidJG9Z/2mkiDFu8yU9AS1ed4OpIszj7UDNEHGran
x-amz-request-id: 318BC8BC148832E5
Date: Wed, 28 Oct 2009 22:32:00 GMT
Last-Modified: Sun, 1 Jan 2006 12:00:00 GMT
x-amz-version-id: 3/L4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo
Content-Length: 124
Content-Type: text/plain
Connection: close
Server: ScalityS3

<AccessControlPolicy>
  <Owner>
    <ID>8b27d4b0fc460740425b9deef56fa1af6245fbcccdda813b691a8fda9be8ff0c</ID>
    <DisplayName>user@example.com</DisplayName>
  </Owner>
  <AccessControlList>
    <Grant>
      <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
        <ID>8b27d4b0fc460740425b9deef56fa1af6245fbcccdda813b691a8fda9be8ff0c</ID>
        <DisplayName>user@example.com</DisplayName>
      </Grantee>
      <Permission>FULL_CONTROL</Permission>
    </Grant>
  </AccessControlList>
</AccessControlPolicy>