Please note that the contents of this offline web site may be out of date. To access the most recent documentation visit the online version .
Note that links that point to online resources are green in color and will open in a new window.
We would love it if you could give us feedback about this material by filling this form (You have to be online to fill it)



BucketAccessControls

The BucketAccessControls resources represent the Access Control Lists (ACLs) for buckets within Google Cloud Storage. ACLs let you specify who has access to your data and to what extent.


There are three roles that can be assigned to an entity:

  • READER s can get the bucket, though no acl property will be returned, and list the bucket's objects.
  • WRITER s are READER s, and they can insert objects into the bucket and delete the bucket's objects.
  • OWNER s are WRITER s, and they can get the acl property of a bucket , update a bucket and call all bucketAccessControls methods on the bucket.

For more information, see Access Control , with the caveat that this API uses READER , WRITER , and OWNER instead of READ , WRITE , and FULL_CONTROL .

For a list of methods for this resource, see the end of this page.

Resource representations

An access-control entry. 

{
  "kind": "storage#bucketAccessControl",
  "id": string,
  "selfLink": string,
  "bucket": string,
  "entity": string,
  "role": string,
  "email": string,
  "entityId": string,
  "domain": string
}
Property name Value Description Notes
kind string The kind of item this is. For bucket access control entries, this is always storage#bucketAccessControl .
id string The ID of the access-control entry.
bucket string The name of the bucket.
entity string The entity holding the permission, in one of the following forms:
  • user- userId
  • user- email
  • group- groupId
  • group- email
  • domain- domain
  • allUsers
  • allAuthenticatedUsers
Examples: 		writable
email string The email address associated with the entity, if any.
entityId string The ID for the entity, if any.
domain string The domain associated with the entity, if any.
role string The access permission for the entity. Can be READER , WRITER , or OWNER . writable

Methods

Every bucket in Google Cloud Storage has an Access Control List. The methods for working with a bucket's access controls are as follows:

delete
Deletes the ACL entry for the specified entity on the specified bucket .
get
Returns the ACL entry for the specified entity on the specified bucket .
insert
Creates a new ACL entry on the specified bucket .
list
Retrieves ACL entries on a specified bucket .
patch
Updates an ACL entry on the specified bucket . This method supports patch semantics.
update
Updates an ACL entry on the specified bucket .

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 3.0 License , and code samples are licensed under the Apache 2.0 License . For details, see our Site Policies .

Authentication required

You need to be signed in with Google+ to do that.

Signing you in...

Google Developers needs your permission to do that.