com.amazonaws.services.s3.model.AccessControlList
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Object
public class AccessControlList
Represents an Amazon S3 Access Control List (ACL), including the ACL's set of grantees and the permissions assigned to each grantee.
Each bucket and object in Amazon S3 has an ACL that defines its access control policy. When a request is made, Amazon S3 authenticates the request using its standard authentication procedure and then checks the ACL to verify the sender was granted access to the bucket or object. If the sender is approved, the request proceeds. Otherwise, Amazon S3 returns an error.
An ACL is a list of grants. A grant consists of one grantee and one permission. ACLs only grant permissions; they do not deny them.
For convenience, some commonly used Access Control Lists are defined in
CannedAccessControlList.
Note: Bucket and object ACLs are completely independent; an object does not inherit the ACL from its bucket. For example, if you create a bucket and grant write access to another user, you will not be able to access the user's objects unless the user explicitly grants access. This also applies if you grant anonymous write access to a bucket. Only the user "anonymous" will be able to access objects the user created unless permission is explicitly granted to the bucket owner.
Important: We highly recommend that you do not grant the anonymous group write access to your buckets as you will have no control over the objects others can store and their associated charges. For more information, see Grantees and Permissions
CannedAccessControlList,
Serialized Form| Constructor Summary | |
|---|---|
AccessControlList()
|
|
| Method Summary | |
|---|---|
Set<Grant> |
getGrants()
|
Owner |
getOwner()
Every bucket and object in Amazon S3 has an owner, the user that created the bucket or object. |
void |
grantAllPermissions(Grant... grantsVarArg)
Adds a set of grantee/permission pairs to the ACL, where each item in the set is a Grant object. |
void |
grantPermission(Grantee grantee,
Permission permission)
Adds a grantee to the ACL with the given permission. |
void |
revokeAllPermissions(Grantee grantee)
Revokes the permissions of a grantee by removing the grantee from the ACL. |
void |
setOwner(Owner owner)
Sets the owner on this ACL. |
String |
toString()
Returns a string representation of the ACL contents, useful for debugging. |
| Methods inherited from class java.lang.Object |
|---|
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait |
| Constructor Detail |
|---|
public AccessControlList()
| Method Detail |
|---|
public Owner getOwner()
Note: Even the owner is subject to the ACL. For example, if an owner does
not have Permission.Read access to an object, the owner cannot
read that object. However, the owner of an object always has write access
to the access control policy (Permission.WriteAcp) and can change
the ACL to read the object.
public void setOwner(Owner owner)
owner - The owner for this ACL.
public void grantPermission(Grantee grantee,
Permission permission)
grantee - the grantee to whom the permission will apply.permission - the permission to apply to the grantee.public void grantAllPermissions(Grant... grantsVarArg)
Grant object.
grants - a collection of Grant objectspublic void revokeAllPermissions(Grantee grantee)
grantee - the grantee to remove from this ACL.public Set<Grant> getGrants()
Grant objects in this ACL.public String toString()
toString in class Object
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||