Class GetBucketAclCommandProtected

This implementation of the GET action uses the acl subresource to return the access control list (ACL) of a bucket. To use GET to return the ACL of the bucket, you must have READ_ACP access to the bucket. If READ_ACP permission is granted to the anonymous user, you can return the ACL of the bucket without using an authorization header.

To use this API operation against an access point, provide the alias of the access point in place of the bucket name.

To use this API operation against an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. If the Object Lambda access point alias in a request is not valid, the error code InvalidAccessPointAliasError is returned. For more information about InvalidAccessPointAliasError, see List of Error Codes.

If your bucket uses the bucket owner enforced setting for S3 Object Ownership, requests to read ACLs are still supported and return the bucket-owner-full-control ACL with the owner being the account that created the bucket. For more information, see Controlling object ownership and disabling ACLs in the Amazon S3 User Guide.

The following operations are related to GetBucketAcl:

• ListObjects

Example

Use a bare-bones client and the command you need to make an API call.

import { S3Client, GetBucketAclCommand } from "@aws-sdk/client-s3"; // ES Modules import
// const { S3Client, GetBucketAclCommand } = require("@aws-sdk/client-s3"); // CommonJS import
const client = new S3Client(config);
const input = { // GetBucketAclRequest
  Bucket: "STRING_VALUE", // required
  ExpectedBucketOwner: "STRING_VALUE",
};
const command = new GetBucketAclCommand(input);
const response = await client.send(command);
// { // GetBucketAclOutput
//   Owner: { // Owner
//     DisplayName: "STRING_VALUE",
//     ID: "STRING_VALUE",
//   },
//   Grants: [ // Grants
//     { // Grant
//       Grantee: { // Grantee
//         DisplayName: "STRING_VALUE",
//         EmailAddress: "STRING_VALUE",
//         ID: "STRING_VALUE",
//         URI: "STRING_VALUE",
//         Type: "CanonicalUser" || "AmazonCustomerByEmail" || "Group", // required
//       },
//       Permission: "FULL_CONTROL" || "WRITE" || "WRITE_ACP" || "READ" || "READ_ACP",
//     },
//   ],
// };

Param

GetBucketAclCommandInput

Returns

GetBucketAclCommandOutput

See

• GetBucketAclCommandInput for command's input shape.
• GetBucketAclCommandOutput for command's response shape.
• config for S3Client's config shape.

Throws

S3ServiceException

Base exception class for all service exceptions from S3 service.