Sets the permissions on an existing bucket using access control lists (ACL). For more
* information, see Using ACLs. To set the ACL of a
* bucket, you must have WRITE_ACP permission.
You can use one of the following two ways to set a bucket's permissions:
*Specify the ACL in the request body
*Specify permissions using request headers
*You cannot specify access permission using both the body and the request * headers.
*Depending on your application needs, you may choose to set the ACL on a bucket using * either the request body or the headers. For example, if you have an existing application * that updates a bucket ACL using the request body, then you can continue to use that * approach.
*If your bucket uses the bucket owner enforced setting for S3 Object Ownership, ACLs
* are disabled and no longer affect permissions. You must use policies to grant access to
* your bucket and the objects in it. Requests to set ACLs or update ACLs fail and return
* the AccessControlListNotSupported error code. Requests to read ACLs are
* still supported. For more information, see Controlling object
* ownership in the Amazon S3 User Guide.
You can set access permissions by using one of the following methods:
*Specify a canned ACL with the x-amz-acl request header. Amazon S3 supports
* a set of predefined ACLs, known as canned ACLs. Each canned ACL
* has a predefined set of grantees and permissions. Specify the canned ACL name as the
* value of x-amz-acl. If you use this header, you cannot use other access
* control-specific headers in your request. For more information, see Canned
* ACL.
Specify access permissions explicitly with the x-amz-grant-read,
* x-amz-grant-read-acp, x-amz-grant-write-acp, and
* x-amz-grant-full-control headers. When using these headers, you
* specify explicit access permissions and grantees (Amazon Web Services accounts or Amazon S3 groups) who
* will receive the permission. If you use these ACL-specific headers, you cannot use
* the x-amz-acl header to set a canned ACL. These parameters map to the
* set of permissions that Amazon S3 supports in an ACL. For more information, see Access Control
* List (ACL) Overview.
You specify each grantee as a type=value pair, where the type is one of the * following:
*
* id – if the value specified is the canonical user ID of an
* Amazon Web Services account
* uri – if you are granting permissions to a predefined
* group
* emailAddress – if the value specified is the email address of
* an Amazon Web Services account
Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:
*US East (N. Virginia)
*US West (N. California)
*US West (Oregon)
*Asia Pacific (Singapore)
*Asia Pacific (Sydney)
*Asia Pacific (Tokyo)
*Europe (Ireland)
*South America (São Paulo)
*For a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.
*For example, the following x-amz-grant-write header grants create,
* overwrite, and delete objects permission to LogDelivery group predefined by Amazon S3 and
* two Amazon Web Services accounts identified by their email addresses.
* x-amz-grant-write: uri="http://acs.amazonaws.com/groups/s3/LogDelivery",
* id="111122223333", id="555566667777"
*
You can use either a canned ACL or specify access permissions explicitly. You cannot do * both.
*You can specify the person (grantee) to whom you're assigning access rights (using * request elements) in the following ways:
*By the person's ID:
*
*
DisplayName is optional and ignored in the request
*By URI:
*
*
By Email address:
*
*
The grantee is resolved to the CanonicalUser and, in a response to a GET Object * acl request, appears as the CanonicalUser.
*Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:
*US East (N. Virginia)
*US West (N. California)
*US West (Oregon)
*Asia Pacific (Singapore)
*Asia Pacific (Sydney)
*Asia Pacific (Tokyo)
*Europe (Ireland)
*South America (São Paulo)
*For a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.
*The following operations are related to PutBucketAcl:
* CreateBucket *
** DeleteBucket *
** GetObjectAcl *
*Base exception class for all service exceptions from S3 service.
* * @example Put bucket acl * ```javascript * // The following example replaces existing ACL on a bucket. The ACL grants the bucket owner (specified using the owner ID) and write permission to the LogDelivery group. Because this is a replace operation, you must specify all the grants in your request. To incrementally add or remove ACL grants, you might use the console. * const input = { * "Bucket": "examplebucket", * "GrantFullControl": "id=examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484", * "GrantWrite": "uri=http://acs.amazonaws.com/groups/s3/LogDelivery" * }; * const command = new PutBucketAclCommand(input); * await client.send(command); * // example id: put-bucket-acl-1482260397033 * ``` * */ export declare class PutBucketAclCommand extends $Command