Help Center/ Object Storage Service/ API Reference/ APIs/ Advanced Bucket Settings/ Obtaining Bucket ACL Information
Updated on 2026-03-06 GMT+08:00
View PDF
Share

Obtaining Bucket ACL Information

Functions

This operation returns the ACL information of a bucket. To obtain the ACL of a bucket, you need to have the READ_ACP or FULL_CONTROL permission for the bucket.

Authorization Information

To call this API, you must be the bucket owner or have the permission to obtain the ACL information of a bucket. You are advised to use IAM or bucket policies for authorization. For details about OBS authorization methods, see Differences Between OBS Permissions Control Methods.

  • If you use IAM for authorization, you need to use either role/policy-based authorization or identity policy-based authorization and configure the required permissions:
    • If you use role/policy-based authorization (IAM v3 APIs in the old IAM version), you need to grant the obs:bucket:GetBucketAcl permission. For details, see Creating a Custom IAM Policy.
    • If you use identity policy-based authorization (IAM v5 APIs in the new IAM version), you need to grant the obs:bucket:getBucketAcl permission, as shown in the following table. For details, see Creating a Custom IAM Identity Policy.

      Action

      Access Level

      Resource Type (*: Required)

      Condition Key

      Alias

      Dependencies

      obs:bucket:getBucketAcl

      Read

      bucket *

      -

      -

      -
      • obs:EpochTime
      • obs:SourceIp
      • obs:TlsVersion
      • obs:CustomDomain
  • If you use bucket policies for authorization, you need to grant the obs:bucket:GetBucketAcl permission. For details, see Creating a Custom Bucket Policy.

Request Syntax

1
2
3
4
 
GET /?acl HTTP/1.1 
Host: bucketname.obs.region.myhuaweicloud.com 
Date: date
Authorization: authorization

Request Parameters

This request contains no message parameters.

Request Headers

This request uses common headers. For details, see Table 3.

Request Elements

This request involves no elements.

Response Syntax

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
 
HTTP/1.1 status_code
Date: date
Content-Length: length
Content-Type: application/xml 

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> 
<AccessControlPolicy xmlns="http://obs.region.myhuaweicloud.com/doc/2015-06-30/">
    <Owner> 
        <ID>id</ID> 
    </Owner> 
    <AccessControlList> 
        <Grant> 
            <Grantee> 
                <ID>id</ID> 
            </Grantee> 
            <Permission>permission</Permission> 
            <Delivered>false</Delivered>
        </Grant> 
    </AccessControlList> 
</AccessControlPolicy>

Response Headers

The response to the request uses common headers. For details, see Table 1.

Response Elements

This response returns information (in the form of elements) about the bucket ACL. Table 1 describes the elements.

Table 1 Response elements

Element

Description

Owner

Bucket owner

Type: XML

ID

Account ID

Type: string

AccessControlList

Indicates the ACL that records all users who have permissions to access the bucket and the permissions granted to the users.

Type: XML

Grant

Container for the grantee and the granted permissions

Type: XML

Grantee

Grantee information

Type: XML

Canned

Grants permissions to all users.

Type: string. The value can only be Everyone.

Delivered

Indicates whether the bucket ACL is applied to objects in the bucket.

Type: boolean

Permission

Grantee's permission for a bucket

Type: string

Error Responses

No special error responses are returned. For details about error responses, see Table 2.

Sample Request

1
2
3
4
5
6
 
GET /?acl HTTP/1.1
User-Agent: curl/7.29.0
Host: examplebucket.obs.region.myhuaweicloud.com
Accept: */*
Date: WED, 01 Jul 2015 02:39:28 GMT
Authorization: OBS H4IPJX0TQTHTHEBQQCEC:X7HtzGsIEkzJbd8vo1DRu30vVrs=

Sample Response

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
 
HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: BF260000016436B69D82F14E93528658
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSjTh8661+HF5y8uAnTOBIpNO133hji+
Content-Type: application/xml
Date: WED, 01 Jul 2015 02:39:28 GMT
Content-Length: 784

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AccessControlPolicy xmlns="http://obs.ap-southeast-1.myhuaweicloud.com/doc/2015-06-30/">
  <Owner> 
    <ID>b4bf1b36d9ca43d984fbcb9491b6fce9</ID> 
  </Owner>  
  <AccessControlList> 
    <Grant> 
      <Grantee> 
        <ID>b4bf1b36d9ca43d984fbcb9491b6fce9</ID> 
      </Grantee>  
      <Permission>FULL_CONTROL</Permission> 
    </Grant>  
    <Grant> 
      <Grantee> 
        <ID>783fc6652cf246c096ea836694f71855</ID> 
      </Grantee>  
      <Permission>READ</Permission>  
      <Delivered>false</Delivered> 
    </Grant>  
    <Grant> 
      <Grantee> 
        <Canned>Everyone</Canned> 
      </Grantee>  
      <Permission>READ_ACP</Permission> 
    </Grant> 
  </AccessControlList> 
</AccessControlPolicy>
Parent Topic: Advanced Bucket Settings