Twoorb Plugins  1.0
 All Classes Namespaces Functions Variables Enumerations Enumerator Properties
Amazon.S3.Model.S3AccessControlList Class Reference

Represents an access control list (ACL) for S3. An AccessControlList is represented by an Owner, and a List of Grants, where each Grant is a Grantee and a Permission. More...

Public Member Functions

void AddGrant (S3Grantee grantee, S3Permission permission)
 Creates a S3Grant and adds it to the list of grants. More...
 
void RemoveGrant (S3Grantee grantee, S3Permission permission)
 Removes a specific permission for the given grantee. More...
 
void RemoveGrant (S3Grantee grantee)
 Removes all permissions for the given grantee. More...
 

Properties

Owner Owner [get, set]
 The owner of the bucket or object. More...
 
List< S3GrantGrants [get, set]
 A collection of grants. More...
 

Detailed Description

Represents an access control list (ACL) for S3. An AccessControlList is represented by an Owner, and a List of Grants, where each Grant is a Grantee and a Permission.

Each bucket and object in Amazon S3 has an ACL that defines its access control policy. When a request is made, Amazon S3 authenticates the request using its standard authentication procedure and then checks the ACL to verify the sender was granted access to the bucket or object. If the sender is approved, the request proceeds. Otherwise, Amazon S3 returns an error.

An ACL is a list of grants. A grant consists of one grantee and one permission. ACLs only grant permissions; they do not deny them.

For convenience, some commonly used Access Control Lists are defined in S3CannedACL.

Note: BucketName and object ACLs are completely independent; an object does not inherit the ACL from its bucket. For example, if you create a bucket and grant write access to another user, you will not be able to access the user's objects unless the user explicitly grants access. This also applies if you grant anonymous write access to a bucket. Only the user "anonymous" will be able to access objects the user created unless permission is explicitly granted to the bucket owner.

Important: We highly recommend that you do not grant the anonymous group write access to your buckets as you will have no control over the objects others can store and their associated charges. For more information, see Grantees and Permissions

Member Function Documentation

void Amazon.S3.Model.S3AccessControlList.AddGrant ( S3Grantee  grantee,
S3Permission  permission 
)

Creates a S3Grant and adds it to the list of grants.

Parameters
granteeThe grantee for the grant.
permissionThe permission for the grantee.
void Amazon.S3.Model.S3AccessControlList.RemoveGrant ( S3Grantee  grantee,
S3Permission  permission 
)

Removes a specific permission for the given grantee.

Parameters
granteeThe grantee
permissionThe permission for the grantee to remove
void Amazon.S3.Model.S3AccessControlList.RemoveGrant ( S3Grantee  grantee)

Removes all permissions for the given grantee.

Parameters
grantee

Property Documentation

List<S3Grant> Amazon.S3.Model.S3AccessControlList.Grants
getset

A collection of grants.

Owner Amazon.S3.Model.S3AccessControlList.Owner
getset

The owner of the bucket or object.

Every bucket and object in Amazon S3 has an owner, the user that created the bucket or object. The owner of a bucket or object cannot be changed. However, if the object is overwritten by another user (deleted and rewritten), the new object will have a new owner.

Note: Even the owner is subject to the ACL. For example, if an owner does not have Permission.READ access to an object, the owner cannot read that object. However, the owner of an object always has write access to the access control policy (Permission.WriteAcp) and can change the ACL to read the object.


The documentation for this class was generated from the following file: