|« PreviousNext »|
|Did this page help you? Yes | No | Tell us about it...|
ACLs provide a coarse-grain permission model, where you simply grant access permissions to buckets or objects. Bucket policies, on the other hand, provide fine-grain control over the permissions you are granting. For example, you can write a policy granting users access to a bucket or an object, provided the user sends the request from a specific IP address, or the request arrives after a specific date and time. Depending on your needs, you can use one or both of these permission models. However, there are specific use cases where ACL's may be the most appropriate:
Amazon S3 supports both ACLs and bucket policies. If you already use ACLs, there is no need to change. In simpler scenarios, ACLs might provide the appropriate level of permissions for your use case. For example, when granting permissions to a smaller number of grantees, using ACLs might be adequate.