We are extending CloudBerry S3 Explorer with useful Amazon S3 functionality and in the post, we would like to introduce the Canned ACL policy support. When doing a PUT request you can specify a canned ACL, which grants the certain access rights. You don’t need to do an extra request to set an ACL. This makes working with Amazon S3 more efficient. In the previous releases of CloudBerry, S3 Explorer we ran an extra request for setting ACL of every type. Now we will recognize the type of ACL you want to set and run canned ACL whenever appropriate.
Following are canned ACLs that are supported for REST.
No one else has access rights (default).
FULL_CONTROL and the anonymous principal is granted
If this policy is used on an object, it can be read from a browser with no authentication.
FULL_CONTROL, the anonymous principal is granted
This can be a useful policy to apply to a bucket, but is generally not recommended.
FULL_CONTROL, and any principal authenticated as a registered Amazon S3 user is granted
·bucket-owner-read—Object Owner gets FULL_CONTROL, Bucket Owner gets READ
This ACL applies only to objects and is equivalent to private when used with PUT Bucket. You use this ACL to let someone other than the bucket owner write content (get full control) in the bucket but still grant the bucket owner read access to the objects.
·bucket-owner-full-control—Object Owner gets FULL_CONTROL, Bucket Owner gets FULL_CONTROL
This ACL applies only to objects and is equivalent to private when used with PUT Bucket. You use this ACL to let someone other than the bucket owner write content (get full control) in the bucket but still grant the bucket owner full rights over the objects.
Note: this post applies to CloudBerry Explorer 1.9 and later.