Source File
api_op_PutObjectAcl.go
Belonging Package
github.com/aws/aws-sdk-go-v2/service/s3
// Code generated by smithy-go-codegen DO NOT EDIT.package s3import (awsmiddlewareinternalChecksums3custsmithyhttp)// Uses the acl subresource to set the access control list (ACL) permissions for a// new or existing object in an S3 bucket. You must have WRITE_ACP permission to// set the ACL of an object. For more information, see What permissions can I// grant?// (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#permissions)// in the Amazon S3 User Guide. This action is not supported by Amazon S3 on// Outposts. Depending on your application needs, you can choose to set the ACL on// an object using either the request body or the headers. For example, if you have// an existing application that updates a bucket ACL using the request body, you// can continue to use that approach. For more information, see Access Control List// (ACL) Overview// (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) in the// Amazon S3 User Guide. If your bucket uses the bucket owner enforced setting for// S3 Object Ownership, ACLs are disabled and no longer affect permissions. You// must use policies to grant access to your bucket and the objects in it. Requests// to set ACLs or update ACLs fail and return the AccessControlListNotSupported// error code. Requests to read ACLs are still supported. For more information, see// Controlling object ownership// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html)// in the Amazon S3 User Guide. Access Permissions You can set access permissions// using one of the following methods://// * Specify a canned ACL with the x-amz-acl// request header. Amazon S3 supports a set of predefined ACLs, known as canned// ACLs. Each canned ACL has a predefined set of grantees and permissions. Specify// the canned ACL name as the value of x-amz-acl. If you use this header, you// cannot use other access control-specific headers in your request. For more// information, see Canned ACL// (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL).//// *// Specify access permissions explicitly with the x-amz-grant-read,// x-amz-grant-read-acp, x-amz-grant-write-acp, and x-amz-grant-full-control// headers. When using these headers, you specify explicit access permissions and// grantees (Amazon Web Services accounts or Amazon S3 groups) who will receive the// permission. If you use these ACL-specific headers, you cannot use x-amz-acl// header to set a canned ACL. These parameters map to the set of permissions that// Amazon S3 supports in an ACL. For more information, see Access Control List// (ACL) Overview// (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html). You specify// each grantee as a type=value pair, where the type is one of the following://// * id// – if the value specified is the canonical user ID of an Amazon Web Services// account//// * uri – if you are granting permissions to a predefined group//// *// emailAddress – if the value specified is the email address of an Amazon Web// Services account Using email addresses to specify a grantee is only supported in// the following Amazon Web Services Regions://// * US East (N. Virginia)//// * US West// (N. California)//// * US West (Oregon)//// * Asia Pacific (Singapore)//// * Asia Pacific// (Sydney)//// * Asia Pacific (Tokyo)//// * Europe (Ireland)//// * South America (São// Paulo)//// For a list of all the Amazon S3 supported Regions and endpoints, see// Regions and Endpoints// (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in the// Amazon Web Services General Reference.//// For example, the following// x-amz-grant-read header grants list objects permission to the two Amazon Web// Services accounts identified by their email addresses. x-amz-grant-read:// emailAddress="xyz@amazon.com", emailAddress="abc@amazon.com"//// You can use either// a canned ACL or specify access permissions explicitly. You cannot do both.// Grantee Values You can specify the person (grantee) to whom you're assigning// access rights (using request elements) in the following ways://// * By the person's// ID: <>ID<><>GranteesEmail<> DisplayName is optional and ignored in the// request.//// * By URI:// <>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<>//// * By Email// address: <>Grantees@email.com<>lt;/Grantee> The grantee is resolved to the// CanonicalUser and, in a response to a GET Object acl request, appears as the// CanonicalUser. Using email addresses to specify a grantee is only supported in// the following Amazon Web Services Regions://// * US East (N. Virginia)//// * US West// (N. California)//// * US West (Oregon)//// * Asia Pacific (Singapore)//// * Asia Pacific// (Sydney)//// * Asia Pacific (Tokyo)//// * Europe (Ireland)//// * South America (São// Paulo)//// For a list of all the Amazon S3 supported Regions and endpoints, see// Regions and Endpoints// (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in the// Amazon Web Services General Reference.//// Versioning The ACL of an object is set// at the object version level. By default, PUT sets the ACL of the current version// of an object. To set the ACL of a different version, use the versionId// subresource. Related Resources//// * CopyObject// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html)//// *// GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html)func ( *Client) ( context.Context, *PutObjectAclInput, ...func(*Options)) (*PutObjectAclOutput, error) {if == nil {= &PutObjectAclInput{}}, , := .invokeOperation(, "PutObjectAcl", , , .addOperationPutObjectAclMiddlewares)if != nil {return nil,}:= .(*PutObjectAclOutput).ResultMetadata =return , nil}type PutObjectAclInput struct {// The bucket name that contains the object to which you want to attach the ACL.// When using this action with an access point, you must direct requests to the// access point hostname. The access point hostname takes the form// AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this// action with an access point through the Amazon Web Services SDKs, you provide// the access point ARN in place of the bucket name. For more information about// access point ARNs, see Using access points// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html)// in the Amazon S3 User Guide.//// This member is required.Bucket *string// Key for which the PUT action was initiated. When using this action with an// access point, you must direct requests to the access point hostname. The access// point hostname takes the form// AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this// action with an access point through the Amazon Web Services SDKs, you provide// the access point ARN in place of the bucket name. For more information about// access point ARNs, see Using access points// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html)// in the Amazon S3 User Guide. When using this action with Amazon S3 on Outposts,// you must direct requests to the S3 on Outposts hostname. The S3 on Outposts// hostname takes the form// AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When using// this action with S3 on Outposts through the Amazon Web Services SDKs, you// provide the Outposts bucket ARN in place of the bucket name. For more// information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the// Amazon S3 User Guide.//// This member is required.Key *string// The canned ACL to apply to the object. For more information, see Canned ACL// (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL).ACL types.ObjectCannedACL// Contains the elements that set the ACL permissions for an object per grantee.AccessControlPolicy *types.AccessControlPolicy// Indicates the algorithm used to create the checksum for the object when using// the SDK. This header will not provide any additional functionality if not using// the SDK. When sending this header, there must be a corresponding x-amz-checksum// or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the// HTTP status code 400 Bad Request. For more information, see Checking object// integrity// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html)// in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3// ignores any provided ChecksumAlgorithm parameter.ChecksumAlgorithm types.ChecksumAlgorithm// The base64-encoded 128-bit MD5 digest of the data. This header must be used as a// message integrity check to verify that the request body was not corrupted in// transit. For more information, go to RFC 1864.>// (http://www.ietf.org/rfc/rfc1864.txt) For requests made using the Amazon Web// Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is// calculated automatically.ContentMD5 *string// The account ID of the expected bucket owner. If the bucket is owned by a// different account, the request fails with the HTTP status code 403 Forbidden// (access denied).ExpectedBucketOwner *string// Allows grantee the read, write, read ACP, and write ACP permissions on the// bucket. This action is not supported by Amazon S3 on Outposts.GrantFullControl *string// Allows grantee to list the objects in the bucket. This action is not supported// by Amazon S3 on Outposts.GrantRead *string// Allows grantee to read the bucket ACL. This action is not supported by Amazon S3// on Outposts.GrantReadACP *string// Allows grantee to create new objects in the bucket. For the bucket and object// owners of existing objects, also allows deletions and overwrites of those// objects.GrantWrite *string// Allows grantee to write the ACL for the applicable bucket. This action is not// supported by Amazon S3 on Outposts.GrantWriteACP *string// Confirms that the requester knows that they will be charged for the request.// Bucket owners need not specify this parameter in their requests. For information// about downloading objects from Requester Pays buckets, see Downloading Objects// in Requester Pays Buckets// (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)// in the Amazon S3 User Guide.RequestPayer types.RequestPayer// VersionId used to reference a specific version of the object.VersionId *stringnoSmithyDocumentSerde}type PutObjectAclOutput struct {// If present, indicates that the requester was successfully charged for the// request.RequestCharged types.RequestCharged// Metadata pertaining to the operation's result.ResultMetadata middleware.MetadatanoSmithyDocumentSerde}func ( *Client) ( *middleware.Stack, Options) ( error) {= .Serialize.Add(&awsRestxml_serializeOpPutObjectAcl{}, middleware.After)if != nil {return}= .Deserialize.Add(&awsRestxml_deserializeOpPutObjectAcl{}, middleware.After)if != nil {return}if = addSetLoggerMiddleware(, ); != nil {return}if = awsmiddleware.AddClientRequestIDMiddleware(); != nil {return}if = smithyhttp.AddComputeContentLengthMiddleware(); != nil {return}if = addResolveEndpointMiddleware(, ); != nil {return}if = v4.AddComputePayloadSHA256Middleware(); != nil {return}if = addRetryMiddlewares(, ); != nil {return}if = addHTTPSignerV4Middleware(, ); != nil {return}if = awsmiddleware.AddRawResponseToMetadata(); != nil {return}if = awsmiddleware.AddRecordResponseTiming(); != nil {return}if = addClientUserAgent(); != nil {return}if = smithyhttp.AddErrorCloseResponseBodyMiddleware(); != nil {return}if = smithyhttp.AddCloseResponseBodyMiddleware(); != nil {return}if = swapWithCustomHTTPSignerMiddleware(, ); != nil {return}if = addOpPutObjectAclValidationMiddleware(); != nil {return}if = .Initialize.Add(newServiceMetadataMiddleware_opPutObjectAcl(.Region), middleware.Before); != nil {return}if = addMetadataRetrieverMiddleware(); != nil {return}if = addPutObjectAclInputChecksumMiddlewares(, ); != nil {return}if = addPutObjectAclUpdateEndpoint(, ); != nil {return}if = addResponseErrorMiddleware(); != nil {return}if = v4.AddContentSHA256HeaderMiddleware(); != nil {return}if = disableAcceptEncodingGzip(); != nil {return}if = addRequestResponseLogging(, ); != nil {return}return nil}func ( string) *awsmiddleware.RegisterServiceMetadata {return &awsmiddleware.RegisterServiceMetadata{Region: ,ServiceID: ServiceID,SigningName: "s3",OperationName: "PutObjectAcl",}}// getPutObjectAclRequestAlgorithmMember gets the request checksum algorithm value// provided as input.func ( interface{}) (string, bool) {:= .(*PutObjectAclInput)if len(.ChecksumAlgorithm) == 0 {return "", false}return string(.ChecksumAlgorithm), true}func ( *middleware.Stack, Options) error {return internalChecksum.AddInputMiddleware(, internalChecksum.InputMiddlewareOptions{GetAlgorithm: getPutObjectAclRequestAlgorithmMember,RequireChecksum: true,EnableTrailingChecksum: false,EnableComputeSHA256PayloadHash: true,EnableDecodedContentLengthHeader: true,})}// getPutObjectAclBucketMember returns a pointer to string denoting a provided// bucket member valueand a boolean indicating if the input has a modeled bucket// name,func ( interface{}) (*string, bool) {:= .(*PutObjectAclInput)if .Bucket == nil {return nil, false}return .Bucket, true}func ( *middleware.Stack, Options) error {return s3cust.UpdateEndpoint(, s3cust.UpdateEndpointOptions{Accessor: s3cust.UpdateEndpointParameterAccessor{GetBucketFromInput: getPutObjectAclBucketMember,},UsePathStyle: .UsePathStyle,UseAccelerate: .UseAccelerate,SupportsAccelerate: true,TargetS3ObjectLambda: false,EndpointResolver: .EndpointResolver,EndpointResolverOptions: .EndpointOptions,UseARNRegion: .UseARNRegion,DisableMultiRegionAccessPoints: .DisableMultiRegionAccessPoints,})}
The pages are generated with Golds v0.4.9. (GOOS=linux GOARCH=amd64)