The BucketAccessControls resource represents the Access Control Lists (ACLs) for buckets within Google Cloud Storage. ACLs let you specify who has access to your data and to what extent.
There are three roles that can be assigned to an entity:
For more information, see
Access Control
, with the caveat that this API uses
READER
s can
get
the bucket, though no
acl
property will be returned, and
list
the bucket's objects.
WRITER
s are
READER
s, and they can
insert
objects into the bucket and
delete
the bucket's objects.
OWNER
s are
WRITER
s, and they can get the
acl
property of a
bucket
,
update
a bucket, and call all BucketAccessControls methods on the bucket.
READER
,
WRITER
, and
OWNER
instead of
READ
,
WRITE
, and
FULL_CONTROL
.
For a list of methods for this resource, see the end of this page.
Resource representations
{ "kind": "storage#bucketAccessControl", "id": string, "selfLink": string, "bucket": string, "entity": string, "role": string, "email": string, "entityId": string, "domain": string, "projectTeam": { "projectNumber": string, "team": string }, "etag": string }
Property name | Value | Description | Notes |
---|---|---|---|
bucket
|
string
|
The name of the bucket. | |
domain
|
string
|
The domain associated with the entity, if any. | |
email
|
string
|
The email address associated with the entity, if any. | |
entity
|
string
|
The entity holding the permission, in one of the following forms:
|
writable |
entityId
|
string
|
The ID for the entity, if any. | |
etag
|
string
|
HTTP 1.1 Entity tag for the access-control entry. | |
id
|
string
|
The ID of the access-control entry. | |
kind
|
string
|
The kind of item this is. For bucket access control entries, this is always
storage#bucketAccessControl
.
|
|
projectTeam
|
object
|
The project team associated with the entity, if any. | |
projectTeam.
projectNumber
|
string
|
The project number. | |
projectTeam.
team
|
string
|
The team. Can be
owners
,
editors
, or
viewers
.
|
|
role
|
string
|
The access permission for the entity. Can be
READER
,
WRITER
, or
OWNER
.
|
writable |
selfLink
|
string
|
The link to this access-control entry. |
Methods
Every bucket in Google Cloud Storage has an Access Control List. The methods for working with a bucket's access controls are as follows:
- delete
- Permanently deletes the ACL entry for the specified entity on the specified bucket .
- get
- Returns the ACL entry for the specified entity on the specified bucket.
- insert
- Creates a new ACL entry on the specified bucket .
- list
- Retrieves ACL entries on a specified bucket .
- patch
- Updates an ACL entry on the specified bucket . This method supports patch semantics.
- update
- Updates an ACL entry on the specified bucket .