Riak CS GET Bucket ACL

The GET Bucket acl operation uses the acl subresource to return the access control list (ACL) of a bucket.

Note: You must have READ_ACP access to the bucket to use this operation. If the anonymous user has READ_ACP permission, this operation will return the ACL of the bucket without an authorization header.

Requests

Request Syntax

GET /?acl HTTP/1.1
Host: bucketname.data.riak.com
Date: date
Authorization: signature_value

Request Parameters

The GET Bucket acl operation doesn’t use request parameters.

Response Elements

AccessControlList - Container for ACL information.

  • Type: Container
  • Ancestry: AccessControlPolicy

AccessControlPolicy - Container for the response.

  • Type: Container
  • Ancestry: None

DisplayName - Bucket owner’s display name.

Note: The operation returns the DisplayName only if the owner’s e-mail address can be determined from the ID.

  • Type: String
  • Ancestry: AccessControlPolicy.Owner

Grant - Container for Grantee and Permission.

  • Type: Container
  • Ancestry: AccessControlPolicy.AccessControlList

Grantee - Container for DisplayName and ID of the person who is being granted permissions.

  • Type: Container
  • Ancestry: AccessControlPolicy.AccessControlList.Grant

ID - Bucket owner’s ID.

  • Type: String
  • Ancestry: AccessControlPolicy.Owner

Owner - Container for bucket owner information.

  • Type: Container
  • Ancestry: AccessControlPolicy

Permission - Permission granted to the Grantee for bucket.

  • Type: String
  • TypeValid Values: FULL_CONTROL|WRITE|WRITE_ACP|READ|READ_ACP

Ancestry: AccessControlPolicy.AccessControlList.GrantAccessControlList - Container for ACL information.

  • Type: Container
  • Ancestry: AccessControlPolicy

AccessControlPolicy - Container for the response.

  • Type: Container
  • Ancestry: None

DisplayName - Bucket owner’s display name.

Note: The operation returns the DisplayName only if the owner’s e-mail address can be determined from the ID.

  • Type: String
  • Ancestry: AccessControlPolicy.Owner

Grant - Container for Grantee and Permission.

  • Type: Container
  • Ancestry: AccessControlPolicy.AccessControlList

Grantee - Container for DisplayName and ID of the person who is being granted permissions.

  • Type: Container
  • Ancestry: AccessControlPolicy.AccessControlList.Grant

ID - Bucket owner’s ID.

  • Type: String
  • Ancestry: AccessControlPolicy.Owner

Owner - Container for bucket owner information.

  • Type: Container
  • Ancestry: AccessControlPolicy

Permission - Permission granted to the Grantee for bucket.

  • Type: String
  • Valid Values: FULL_CONTROL|WRITE|WRITE_ACP|READ|READ_ACP
  • Ancestry: AccessControlPolicy.AccessControlList.Grant

Examples

Sample Request

This request returns the ACL of the specified bucket.

GET ?acl HTTP/1.1
Host:bucket.data.riak.com
Date: Wed, 06 Jun 2012 20:47:15 +0000
Authorization: AWS QMUG3D7KP5OQZRDSQWB6:4Pb+A0YT4FhZYeqMdDhYls9f9AM=

Sample Response

HTTP/1.1 200 OK
Date: Wed, 06 Jun 2012 20:47:15 +0000
Last-Modified: Mon, 04 Jun 2012 12:00:00 GMT
Content-Length: 124198
Content-Type: text/plain
Connection: close
Server: MochiWeb/1.1 WebMachine/1.9.0 (someone had painted it blue)

  <AccessControlPolicy>
    <Owner>
      <ID>24ef09aa099d10f75aa57c8caeab4f8c8e7faeebf76c078efc7c6caea54ba06a</ID>
      <DisplayName>UserName@riak.com</DisplayName>
    </Owner>
    <AccessControlList>
      <Grant>
        <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                          xsi:type="CanonicalUser">
          <ID>24ef09aa099d10f75aa57c8caeab4f8c8e7faeebf76c078efc7c6caea54ba06a</ID>
          <DisplayName>UserName@riak.com</DisplayName>
        </Grantee>
        <Permission>FULL_CONTROL</Permission>
      </Grant>
    </AccessControlList>
  </AccessControlPolicy>