We are extending CloudBerry S3 Explorer with useful Amazon S3 functionality and in the post we would like to introduce the Canned ACL policy support. When doing a PUT request you can specify a canned ACL, which grants certain access right. You don’t need to do an extra request to set an ACL. This makes working with Amazon S3 more efficient. In the previous releases of CloudBerry S3 Explorerwe ran an extra request for setting ACL of every type. Now we will recognize the type of ACL you want to set and run canned ACL whenever appropriate.
Following are canned ACLs that are supported for REST.
No one else has access rights (default).
FULL_CONTROL and the anonymous principal is granted
If this policy is used on an object, it can be read from a browser with no authentication.
FULL_CONTROL, the anonymous principal is granted
This can be a useful policy to apply to a bucket, but is generally not recommended.
FULL_CONTROL, and any principal authenticated as a registered Amazon S3 user is granted
·bucket-owner-read—Object Owner gets FULL_CONTROL, Bucket Owner gets READ
This ACL applies only to objects and is equivalent to private when used with PUT Bucket. You use this ACL to let someone other than the bucket owner write content (get full control) in the bucket but still grant the bucket owner read access to the objects.
·bucket-owner-full-control—Object Owner gets FULL_CONTROL, Bucket Owner gets FULL_CONTROL
This ACL applies only to objects and is equivalent to private when used with PUT Bucket. You use this ACL to let someone other than the bucket owner write content (get full control) in the bucket but still grant the bucket owner full rights over the objects.
Note: this post applies to CloudBerry Explorer 1.9 and later.
CloudBerry S3 Explorer is a Windows freeware product that helps managing Amazon S3 storage and CloudFront.
- CloudBerry Explorer - Amazon S3 Browser
- CloudBerry Explorer for Azure Cloud Storage
- CloudBerry Free Google Storage Explorer
- CloudBerry Explorer - OpenStack Cloud Storage Manager