Please note that the contents of this offline web site may be out of date. To access the most recent documentation visit the online version .
Note that links that point to online resources are green in color and will open in a new window.
We would love it if you could give us feedback about this material by filling this form (You have to be online to fill it)



ObjectAccessControls

The ObjectAccessControls resources represent the Access Control Lists (ACLs) for objects within Google Cloud Storage. ACLs let you specify who has access to your data and to what extent.


There are two roles that can be assigned to an entity :

  • READER s can get an object, though the acl property will not be revealed.
  • OWNER s are READER s, and they can get the acl property, update an object, and call all objectAccessControls methods on the object . The owner of an object is always an OWNER .
For more information, see Access Control , with the caveat that this API uses READER and OWNER instead of READ and FULL_CONTROL .

For a list of methods for this resource, see the end of this page.

Resource representations

{
  "kind": "storage#objectAccessControl",
  "id": string,
  "selfLink": string,
  "bucket": string,
  "object": string,
  "generation": long,
  "entity": string,
  "role": string,
  "email": string,
  "entityId": string,
  "domain": string,
  "projectTeam": {
    "projectNumber": string,
    "team": string
  },
  "etag": string
}
Property name Value Description Notes
bucket string The name of the bucket.
domain string The domain associated with the entity, if any.
email string The email address associated with the entity, if any.
entity string The entity holding the permission, in one of the following forms:
  • user- userId
  • user- email
  • group- groupId
  • group- email
  • domain- domain
  • project- team - projectId
  • allUsers
  • allAuthenticatedUsers
Examples:
writable
entityId string The ID for the entity, if any.
etag string HTTP 1.1 Entity tag for the access-control entry.
generation long The content generation of the object.
id string The ID of the access-control entry.
kind string The kind of item this is. For object access control entries, this is always storage#objectAccessControl .
object string The name of the object.
projectTeam object The project team associated with the entity, if any.
projectTeam. projectNumber string The project number.
projectTeam. team string The team. Can be owners , editors , or viewers .
role string The access permission for the entity. Can be READER or OWNER . writable

Methods

Every object in Google Cloud Storage has an Access Control List. The methods for working with an object's access controls are as follows:

delete
Permanently deletes the ACL entry for the specified entity on the specified object .
get
Returns the ACL entry for the specified entity on the specified object .
insert
Creates a new ACL entry on the specified object .
list
Retrieves ACL entries on the specified object .
patch
Updates an ACL entry on the specified object . This method supports patch semantics.
update
Updates an ACL entry on the specified object .

Authentication required

You need to be signed in with Google+ to do that.

Signing you in...

Google Developers needs your permission to do that.