GET Object acl

Returns an object's access control list (ACL) permissions. This operation requires READ_ACP access to the object.

Request syntax

GET /ObjectName?acl HTTP/1.1
Host: BucketName.rs2.StorageService.com
Date: date
Authorization: signatureValue
Range:bytes=byte_range

Request headers

The GET Object acl operation can use the following request headers:
Authorization, Content-Length, Content-Type, Date, and Host.

The Authorization, Date, and Host headers are required; the others are optional.
For more information, see Request Headers.

Response headers

The GET Object acl operation may include the following response headers: Content-Length, Connection, Date, ETag, and Server. 

For more information, see Response Headers.

Response elements

The GET Object acl operation returns the following items (item datatypes in parentheses):

Examples

This sample gets the access control permissions for the specified .rpm file object:

Request sample
GET /frodo_preview/sindexd-1.0r22859-1.x86_64.rpm?acl HTTP/1.1
Host: private.demo.cloud.it
Accept-Encoding: identity
content-length: 0
Authorization: AWS pat:wkeChV4mxUJinLOQDBClAXzRBUo=
x-amz-date: Wed, 22 Jun 2011 16:05:43 +0000
X-Forwarded-For: 94.23.9.26
Connection: close
Response sample
HTTP/1.1 200 OK
Date: Wed, 22 Jun 2011 16:05:43 GMT
Server: RestServer/1.0..Content-Length: 706
Content-Type: application/xml
Cache-Control: no-cache
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<AccessControlPolicy xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
   <Owner>
        <ID>3452783832C94517345278000000004000000120</ID>
        <DisplayName>Patrick</DisplayName>
   </Owner>
   <AccessControlList>
        <Grant>
            <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group">
                <URI>http://acs.amazonaws.com/groups/global/AllUsers</URI>
           </Grantee>
           <Permission>READ</Permission>
        </Grant>
        <Grant>
            <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
                <ID>3452783832C94517345278000000004000000120</ID>
                <DisplayName>Patrick</DisplayName>
            </Grantee>
            <Permission>FULL_CONTROL</Permission>
        </Grant>
    </AccessControlList>
</AccessControlPolicy>